last executing test programs:

1m50.125933227s ago: executing program 4 (id=49):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1b0)
fcntl$setlease(r2, 0x400, 0x1)
r3 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r3, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1m49.222476465s ago: executing program 4 (id=56):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0xfffffffffffffcc5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x18)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x40)

1m49.183917595s ago: executing program 4 (id=57):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
eventfd2(0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adffa87d2255f674412d020000000000005ab527ee3697f1ec4436dd1164aa93cc5800075557165397000a63f6b9b3f427f6ba6b34f98125f30e697fffffffffffffffa30b273683626e0003254d570dca6b78ad833488cfe4109eaf009edd3e69613d3cd6aaa300006eee8501000000520a0000151d010000000100bf00000000cc587424363dc6ad7f3bbd424c6e6cafbe9309aba218a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e470a000517ebc406e89dcbb7677e6528b0856e31ed9474ac24cf609068f645ce971fc0480737a55ebb0bd701f7ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bed759ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56d06c759da324a39f7f51b870b2851c3f0a1aab71587a21c8f1b3369ebfcba105a6ccdd01b0f04edb256c604f068773f6ff000000000000006ffbfe5ca32142b0195531458b7d1e341c6f864f983d745f5865aad41d2915aae7602a2d6cd415e8351ebc4223f54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121ad6eb372713255012e028cb2654d493a0b4b35faae176c89b745eda2967199cc936859a537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0cff28235a3cbb5d33b09bc30cf2880c586272c3f4d79bc36305745cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec66ea6c718bbd1aa59114000f0be4c6f8df084c5e9734ae30aa9afdc719bf01ab03a9b1074407136b4506000f0916a39d3057d50183612b39e73aeeb6eaf14652dda68e98ef938e6515a94a71836469e2051d9b7eb85f3f2d5ae2c51944da8d7391d6d6b97419a3b7660df4c5124ca425d374b371867a79b31c6617fc3327191fbf514573f0e30d1d60be2168fe6c2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257b84000000b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c786eeca22debc99335583b54c13c3130978fa069af8223b38ced735c2d905f51ca85ffa4add5647489b3960127696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c5341877386ec55d7dc958fd235d6071619a65d4b82d9c162f3556076b80550d961ca74f1ffdaccf0ea5f02e0fca8b27ff3983ab74fd3d560700a1fbb44e77e312b3b129e000302d613916c9bcf9f0000fac73adb6bfb27f88dba816020be760f7b45e001efada800000000000000fdaf4660402f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6542e597300eb82a184c96ffde5a30e5433d86666cb045bdd02c804c22ff2635c7bfbf5c0d586cda5e1e88a4d41dee7cc74f822278d124638fec58faeb48afe324369cc51204158bb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a635edb2dd163e863315e84498dfb52b7f54da6398cbedaa42cc17c4563c859656a357770289a61faa95a82bf1cfb7f2fd7252e9322abe282c3344fc6738b4467893b9bf0d1c8130ae6b226900110635376413c29f7c6f7b7e29b9f4bddd5e328661f4046e01f7d7dc22174e5e627a6f608ad53a4168d4d8f7fbc71104512efe8e5d7d934aa289b4db2b870000000000000000000000000000000000000000009b777883a0f9cf4ad155110cd3ace2b322ac31bfa27847dc99c8a69a1ea5b98e525e6393ad7fd9795170e7b11e4fa990b9386910a6a1a66a70eaff01247603c2ff49d3979676bffb3049166ab84a0f061991bd57c2566c10c282352a5105b6164e3f2491e4793e590dcc71de10da96fdff40dd44a2c9882d3aa0f8a797b8fea6efcfb5046b7679f15559cdaa977504c40b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5e22ade17556abb722d9c085b189b5fd1f30e8dc813f60400fde1f88d830b11002135e8e7262f299ed7923bfbe00ad88be179e56b41ff3792cee2fc37eee739c3e3af923e8738d93d583a9cf00b946960fc38cf85aae7cf708f9a9d166f2e352a06d99b8be476d1cc2a53a859ae4fdab2a987925d12422474ac044ffe9fe2bf9bf9bbdf36c4ca89c516647542ac45545337829fa7039d155ebda42d4c14f4ca7f8b5d5842658c62d0a03092b94fa1b19f190000000000000000000000000000009e75a32b9fafeffd890f2759b0fe3add33fa43a4c3995458f86a926ad56b23571c46728c039cd3b4bb7d69dfa27782b953a7b81cc161912b3e5716360686e126311a7e21bfa2efd0f57b90c203528c8f620d3c7b31c7abcffae382f53500f7cd5d00159e5f741d3e2d2cbd1a04b3f39b50a4683daa7d117b7f4a149c954d69d8ab001339e464c8eb5f0c63899010757c9a3b69f4920531b83f71d5a34ef9405819afee15b77c015ea755c95127ff2274bb9a8463ce4b8c08ad70596ad2b2b044e660ed144b9dce372450ea69d25da2b6deed67fac26e765aa7d5532ba1044f62db049486acde2294127cb767c23da7d8f9844d3be5b6aa83ee4ce1876af5130efe1b64ccb6bbd349bcc0e8deec8ab3bd1b35bbc8ab8a152771744baa576b9223d26b5603a7f091be1264cabaf661fe2dbe7990a61f710f923f2337818a3983d06c11a6bee7fccb78a53c56db5c18f920d2194374db665dcadf53b8d0014e682ec721d67a7ab6c817fe53c86f8900000000000000000000000000000060b7b827c56e973a2ab5bc5c558ada68c4ec3762f5957b20b919af5d53c87de056a397bdcb614c34761e2c815698e1f9f5521a385c2910850929040a4eba573e91ca21fc855358120ecd79a5d7007693ef3ff9d2b993d114443d53c53094e516f675b2a7074584714e7a2015e05e507811b4ca89c39281c9ada5f58ceb55893cca783ab09c9a19836a3a2c715b10436a5731549e364679ecd8461a68433ab52b1108831edb9654dc602183c1170d6881647f6dca15d57fb76357d815c5f1000000000000000000f49e327c0b6e511494466cec78650f0a6267"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x803, 0x6)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r3, r1})
sendmmsg$inet(r2, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000001c0)='\x00', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000002c0)="971fb2", 0x3}], 0x1}}], 0x2, 0x4000)

1m49.163910086s ago: executing program 4 (id=58):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x1adc51, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x1389899, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x88f8d2, 0x0)

1m49.143507736s ago: executing program 4 (id=60):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x32126, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x51857000)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
socket$inet6_icmp(0xa, 0x2, 0x3a)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

1m48.95666897s ago: executing program 4 (id=65):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000340)={0x1, &(0x7f0000000300)=[{0x9, 0xf7, 0x9, 0x10001}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000a00)='fib_table_lookup\x00', r2}, 0x18)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000f80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000700014002020c600e41b0000900ac000a0501000000160012000a00ff150048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x40080)

1m48.93841567s ago: executing program 32 (id=65):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000340)={0x1, &(0x7f0000000300)=[{0x9, 0xf7, 0x9, 0x10001}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000a00)='fib_table_lookup\x00', r2}, 0x18)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000f80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000700014002020c600e41b0000900ac000a0501000000160012000a00ff150048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x40080)

48.549602185s ago: executing program 2 (id=1117):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000a40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}, [@printk={@ld}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32], 0x50)

47.846464399s ago: executing program 2 (id=1124):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
quotactl_fd$Q_GETINFO(0xffffffffffffffff, 0xffffffff80000501, 0x0, 0x0)
getpgrp(0xffffffffffffffff)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

47.434463577s ago: executing program 2 (id=1133):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
close_range(r2, 0xffffffffffffffff, 0x0)

47.361602478s ago: executing program 2 (id=1135):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000400007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x930, &(0x7f0000000800))
ptrace$poke(0x21, r0, 0x0, 0x0)

47.24897397s ago: executing program 2 (id=1136):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000cc0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
unshare(0x20060400)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)

44.760896198s ago: executing program 0 (id=1187):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0x2a94, 0x10100, 0x2, 0x1fe}, &(0x7f0000000200)=<r2=>0x0, &(0x7f00000006c0)=<r3=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r1, 0xd81, 0x0, 0x0, 0x0, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r6, 0x545c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r5)

44.15202701s ago: executing program 2 (id=1193):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x800)
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r2 = inotify_init1(0x800)
inotify_add_watch(r2, &(0x7f00000002c0)='./file0\x00', 0x100080c)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)

44.124560051s ago: executing program 33 (id=1193):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x800)
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r2 = inotify_init1(0x800)
inotify_add_watch(r2, &(0x7f00000002c0)='./file0\x00', 0x100080c)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)

43.865675296s ago: executing program 0 (id=1200):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0xf5, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a300000000014000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

43.714364569s ago: executing program 0 (id=1203):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x2a)
unshare(0x2040400)
r1 = fsopen(&(0x7f0000000400)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r1, 0x0, 0x0)

43.702682649s ago: executing program 0 (id=1204):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000400007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x930, &(0x7f0000000800))
ptrace$poke(0x21, r0, 0x0, 0x0)

43.339318206s ago: executing program 0 (id=1205):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x54, 0x10, 0xffffff1f, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10000}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x2}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x7}, @IFLA_GRE_REMOTE={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x28}}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r2, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x58, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1f, 0x1f}}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)

42.538502882s ago: executing program 0 (id=1208):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = syz_io_uring_setup(0x44cd, &(0x7f00000004c0)={0x0, 0x5331, 0x10100, 0x1000006, 0xfffefffe}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x2d3e, 0xec84, 0x0, 0x0, 0x0)

42.494356763s ago: executing program 34 (id=1208):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = syz_io_uring_setup(0x44cd, &(0x7f00000004c0)={0x0, 0x5331, 0x10100, 0x1000006, 0xfffefffe}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x2d3e, 0xec84, 0x0, 0x0, 0x0)

6.378929905s ago: executing program 6 (id=1847):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000580)='kfree\x00', r0}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

6.343506296s ago: executing program 6 (id=1848):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
r3 = getpid()
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)={0x3c, r4, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x24040010)
fcntl$getownex(r0, 0x10, &(0x7f0000000280)={0x0, <r5=>0x0})
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, r4, 0x12, 0x70bd2c, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r5}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22004040}, 0x40)

2.451227232s ago: executing program 7 (id=1938):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
pipe2(0x0, 0x0)
ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2ab6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)

1.882356903s ago: executing program 5 (id=1950):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r5, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

1.716704176s ago: executing program 5 (id=1952):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r1 = syz_open_pts(r0, 0x0)
dup3(r1, r0, 0x0)
r2 = syz_io_uring_setup(0x88e, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x2, 0x1b9}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)
ppoll(&(0x7f0000000140)=[{r0}], 0x1, 0x0, 0x0, 0x0)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000180)={0x38000, 0x8, 0x0, 0x2, 0x5, "aa32b73986bbee6bd231334cbfa0b758261a93"})

1.591986169s ago: executing program 1 (id=1956):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000300)={'#! ', '', [{0x20, 'memory.events\x00'}]}, 0x13)
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x7, 0x0, 0x0, 0x3, 0x82, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000000000007}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x94, 0x10, 0x0, 0x82, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xb}, 0x1, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1e, 0x12, r4, 0x0)

1.498339251s ago: executing program 7 (id=1957):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', <r2=>0x0})
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
r3 = syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r3, 0x207a98, 0x0, 0x0, 0x0, 0x0)

927.894872ms ago: executing program 6 (id=1958):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000080)={0x11, 0x1a, r3, 0x1, 0x1, 0x6, @broadcast}, 0x14)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})

927.589901ms ago: executing program 3 (id=1959):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000001c0)='kfree\x00', r4}, 0x18)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x44, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xf}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_EMATCHES={0x10, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)

927.397462ms ago: executing program 5 (id=1960):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082", @ANYRES32, @ANYBLOB="180000000000000000000000000000001811"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_skb=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

927.232991ms ago: executing program 7 (id=1968):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000010c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = fsopen(&(0x7f0000000380)='gadgetfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0xf)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)

927.004861ms ago: executing program 1 (id=1961):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000"], 0x48)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000000), 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@desc={0x84c00, 0x0, @desc2}})
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffff9]}, 0x0, 0x8)
r1 = gettid()
r2 = gettid()
tkill(r1, 0x12)
tkill(r1, 0x1)
tkill(r2, 0x14)

885.202192ms ago: executing program 5 (id=1962):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x6}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x0, 0x40000000, 0x0, 0x3}, 0x8})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="31832abd70000000000019000000180001801400020065727370616e30"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886)

884.535682ms ago: executing program 7 (id=1963):
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@fallback, 0x11, 0x1, 0x8875, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

781.367545ms ago: executing program 7 (id=1964):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2002, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0x4, 0x3}, 0x6)
io_setup(0x7, &(0x7f0000002400)=<r1=>0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(0xffffffffffffffff, 0xc04c5349, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f000000028000", 0x2b}, {&(0x7f0000000100)="c40ad38ae96bf7e8ef19243a4a63c9ede45421a4cc1ea4504d47866824674eaddcad792a2f1f58188c59fff4b1fb0b49630d4e7f229064316790a7916d12178651b69f849bfe114ae79e72f93c4829173295bf31f43bd1d62288c403eee7db47d164886c1fbb599665397adefcfe53401743b08ba4a79a7e140e09096a2c2354f66e94015f44215aa79ea38c482f4ec92b3552e7b6232db6f8736300d5845dc948128f60e4c1fdb3", 0xa8}], 0x2}, 0x4)
io_submit(r1, 0x1, &(0x7f0000000000)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x7, 0x0, r0, &(0x7f0000000040)="0200ffef0004", 0x6, 0x0, 0x0, 0x3}])
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)

714.505566ms ago: executing program 5 (id=1965):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000a00)={0x0, 0xfffffffffffffe7f, &(0x7f00000009c0)={&(0x7f0000000640)={0x2c, r4, 0x1, 0x0, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x141}, 0x0)

714.171496ms ago: executing program 3 (id=1966):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x70bd2b, 0x10000, {0x0, 0x0, 0x0, r3, {0xc, 0xffff}, {0x0, 0x4}, {0xfff3, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x8014}, 0x0)

702.130176ms ago: executing program 6 (id=1967):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r4}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)

701.092926ms ago: executing program 5 (id=1969):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000376, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
listen(r2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x100000000000000, 0x0, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

644.488357ms ago: executing program 1 (id=1970):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f0000001f80)=""/4102, 0x1006)
getdents(r2, &(0x7f0000000100)=""/155, 0x9b)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)

625.662597ms ago: executing program 1 (id=1971):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x7, 0x0)
syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
listxattr(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x200000b, 0x13, 0xffffffffffffffff, 0x53be1000)

577.830129ms ago: executing program 6 (id=1972):
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
creat(0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x73, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

557.644309ms ago: executing program 1 (id=1973):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
r3 = getpid()
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)={0x3c, r4, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x24040010)
fcntl$getownex(r0, 0x10, &(0x7f0000000280)={0x0, <r5=>0x0})
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, r4, 0x12, 0x70bd2c, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r5}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22004040}, 0x40)

514.18567ms ago: executing program 6 (id=1974):
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r0, 0x2000009)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00'}, 0x10)
write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close(0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bond_slave_0\x00'})

513.31432ms ago: executing program 3 (id=1975):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r2, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff2, 0xffff}, {0xfff3}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x2, 0xfff2}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)

314.184034ms ago: executing program 3 (id=1976):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r4, &(0x7f0000000140)={[{0x2b, 'cpu'}]}, 0x5)

200.651086ms ago: executing program 3 (id=1977):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000002c0)={'rose0\x00', 0x112})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400})

200.148026ms ago: executing program 7 (id=1978):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x1104, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xfffffffe, 0x21e}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1fc, 0x0, 0x1})
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff})
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r5, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x40032043, 0x1})
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
unshare(0x8010300)

152.718007ms ago: executing program 3 (id=1979):
unshare(0x2040400)
gettid()
socket(0x1e, 0x4, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(0xffffffffffffffff, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
close(0x4)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f00000000c0)={0x0, 0x1, 0x8000000000003, 0x10000})
r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./bus\x00', 0x1200840, &(0x7f0000000100)=ANY=[@ANYBLOB="757466383d312c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c696f636861727365743d73703836322c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c756e695f786c6174653d302c003c24d06816418f4be78ed4fbfe47efc82f966a602a8db43ad053c978bbd3501706515140ef63c2a58653ced497550b22917b09702604bc162c57e05beec5bb0c11fc2f9238b25e4527e24bab534e9ba458d92a597c3fee89f57053a4a1535771c9877b3ab101fb26937779cff75a95a296fafddf11280fafeb9bd5f2da4a88b43f3e4d5b1a9aed1f659d88f914548fba990603b0d4f14adda86d459c62701d3d6f007c7e50da9608a03eff5843f6739a8ec5ff33791394a5c075018b5d92bbd7d9874589f3561fbdfc44653bb6c56b522a3413"], 0x3, 0x37c, &(0x7f0000000ec0)="$eJzs3TGIW2UcAPB/7uUud9J6NwiiIEQ3QY+2CqKLV8oVilmqhKqDGGyr5XIWehhsh6bnIo6Co05uDjo4dHMRFOnm4GoFqYqDditY+uTlvSQvl+Q8Kmkt/n5D+Pf7/v/vfS/5aL7Lke9eX4uNk/Nx+vr1a7G4WInq2pG1uFGJlUii71KMW5jQBgDcG26kafyZ5iK+2ktJZfazAgBmqff+/+b+Ust73+yWn+bv/vOznhcAMDvFz/9L5bZkR87itOKzM5sWADBDo5//R8RjYymlX/VXx/YGAMC956VXXn3hcCPixXp9MWLz/U6z04znhv2HT8eZaMepOBDLcTMi3yhkD5Xe49FjjfUD9Xq9G7+sRDOr6DQjNrudZr5TOJz06mtxMJZjpagvdhtpmiZHv2ysH6z3RMSlbu/6sVnpNOdjKatfijM/3hen4lDU44Gx+ohjjfXBnqS52a+fj9gefm6RzX81luP7N+JstONkZLX9bU1j/eLBev1I2thXGdZ3O81aLy839RMQAAAAAAAAAAAAAAAAAAAAAAC4Lav1gZXB+Tnp8Pye1dUJ/b3zcfL64nyg7fx8oLSWRpr+8e6TzQ+SGDkfqHfAz0h9Nebu7q0DAAAAAAAAAAAAAAAAAADAf8bW+YVotdunzm2dv7BRDrrnts7PRUTW8vZ3n3+9FKM5S8UAo1UjQbVIKXXVh1Vp0k9Ok5GcIkiyi1eqectnlwczLufUBncxcRq16V3t9v5Hf/74wkZ/1EeS/si3hjlJTLyvC8mOaZSDzfvzAac/LbsEh/4h52qaptPKL742XhWViOrUqd5mkGbBt9feeuiprf4iSHOPP7F84upHn/620WpnV8602wvntm6mG63i35MX2/QgKa2fSrHYKuWVUG09fev4vikjb4+2tJIffn/54Q+vFC1zu79M6Ykrw5Z3JuQk+UW/2Nm1kAfZNAddz2dB9hyNjzM/YfFPCp6Jf/XCPfjJWuvyxZ9+3WtV6T8JB3UAAAAAAAAAAAAAAAAAAMAdUfqueKH4su/8blXPHp/9zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgzhn+/f9BEHPbO1r2FvzVjX7Lieh31bIBY6F0xZW7eLcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPxf/R0AAP//KWlfjg==")
openat(r0, &(0x7f0000000480)='./file0\x00', 0x40, 0x80)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)

0s ago: executing program 1 (id=1980):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000080)={0x11, 0x1a, r3, 0x1, 0x1, 0x6, @broadcast}, 0x14)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})

kernel console output (not intermixed with test programs):

back.
[   84.954914][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.067140][ T5677] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   85.078870][ T5677] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.209239][ T4206] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   85.217616][ T4206] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.217951][ T5730] sctp: [Deprecated]: syz.0.788 (pid 5730) Use of struct sctp_assoc_value in delayed_ack socket option.
[   85.217951][ T5730] Use struct sctp_sack_info instead
[   85.245322][ T4206] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   85.253826][ T4206] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.274353][ T4201] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   85.283006][ T4201] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.309810][ T4206] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   85.318364][ T4206] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.137289][ T5759] loop3: detected capacity change from 0 to 512
[   86.157214][ T5759] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.800: bg 0: block 393: padding at end of block bitmap is not set
[   86.332890][ T5759] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   86.355066][ T5763] loop2: detected capacity change from 0 to 512
[   86.367731][ T5759] EXT4-fs (loop3): 2 truncates cleaned up
[   86.393057][ T5759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.413671][ T5763] __quota_error: 434 callbacks suppressed
[   86.413694][ T5763] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0
[   86.430183][ T5763] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[   86.439730][ T5763] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.801: Failed to acquire dquot type 1
[   86.561492][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.573384][ T5763] EXT4-fs (loop2): 1 truncate cleaned up
[   86.579476][ T5763] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.632351][ T5772] __nla_validate_parse: 2 callbacks suppressed
[   86.632368][ T5772] netlink: 12 bytes leftover after parsing attributes in process `syz.0.805'.
[   86.710766][ T5772] netlink: 12 bytes leftover after parsing attributes in process `syz.0.805'.
[   86.739927][   T29] audit: type=1326 audit(86.707:2454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[   86.763405][   T29] audit: type=1326 audit(86.707:2455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[   86.787344][   T29] audit: type=1326 audit(86.707:2456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[   86.810336][   T29] audit: type=1326 audit(86.707:2457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[   86.833181][   T29] audit: type=1326 audit(86.707:2458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[   86.857054][   T29] audit: type=1326 audit(86.707:2459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[   86.881300][   T29] audit: type=1326 audit(86.707:2460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[   86.904221][   T29] audit: type=1326 audit(86.707:2461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5778 comm="syz.1.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[   86.929588][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.383789][ T5830] loop2: detected capacity change from 0 to 128
[   87.399081][ T5830] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[   87.539419][ T3323] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   87.582041][ T5838] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.593666][ T5838] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   87.612123][ T5843] hub 6-0:1.0: USB hub found
[   87.617540][ T5843] hub 6-0:1.0: 8 ports detected
[   87.634693][ T4206] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.644207][ T4206] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.655964][ T4206] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.679354][ T4206] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.870818][ T5859] loop2: detected capacity change from 0 to 2048
[   87.918642][ T5456]  loop2: p2 p3 p7
[   87.932407][ T5859]  loop2: p2 p3 p7
[   87.967868][ T2994]  loop2: p2 p3 p7
[   88.606423][ T5882] loop3: detected capacity change from 0 to 1024
[   88.704810][ T5882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.754132][ T5882] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.841: Allocating blocks 497-513 which overlap fs metadata
[   88.769698][ T5882] EXT4-fs (loop3): pa ffff88810729d5b0: logic 256, phys. 369, len 9
[   88.778709][ T5882] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   88.794808][ T5882] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[   88.855188][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.896279][ T5890] loop3: detected capacity change from 0 to 164
[   88.990254][ T5894] loop1: detected capacity change from 0 to 512
[   89.011039][    C0] vcan0: j1939_tp_rxtimer: 0xffff888119166800: rx timeout, send abort
[   89.012878][ T5894] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   89.021079][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888119166800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[   89.029649][ T5894] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[   89.087751][ T5896] netlink: zone id is out of range
[   89.105212][ T5896] netlink: zone id is out of range
[   89.114707][ T5894] netlink: zone id is out of range
[   89.130706][ T5894] netlink: zone id is out of range
[   89.142349][ T5894] netlink: zone id is out of range
[   89.148424][ T5894] netlink: zone id is out of range
[   89.163843][ T5894] netlink: zone id is out of range
[   89.182347][ T5894] netlink: zone id is out of range
[   89.187883][ T5894] netlink: zone id is out of range
[   89.195868][ T5894] netlink: zone id is out of range
[   89.376526][ T5909] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   89.551002][ T5919] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=5919 comm=syz.1.855
[   89.816836][ T5937] netlink: 332 bytes leftover after parsing attributes in process `syz.5.863'.
[   89.924120][ T5943] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   89.934564][ T5943] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.006496][ T5943] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   90.017049][ T5943] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.087365][ T5943] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   90.098072][ T5943] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.139394][ T5953] netlink: 34 bytes leftover after parsing attributes in process `syz.1.869'.
[   90.200655][ T5943] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   90.211792][ T5943] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.362716][ T4191] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   90.371552][ T4191] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.405033][ T4191] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   90.413725][ T4191] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.450035][ T4191] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   90.458916][ T4191] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.488432][ T4191] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   90.496921][ T4191] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.585084][ T5977] netlink: 12 bytes leftover after parsing attributes in process `syz.5.879'.
[   90.748394][ T5984] netlink: 'syz.5.881': attribute type 49 has an invalid length.
[   90.787033][ T5987] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   90.787354][ T5986] IPVS: stopping master sync thread 5987 ...
[   91.011171][ T5998] capability: warning: `syz.0.887' uses 32-bit capabilities (legacy support in use)
[   91.069889][ T6002] loop0: detected capacity change from 0 to 512
[   91.081305][ T6002] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.888: bg 0: block 393: padding at end of block bitmap is not set
[   91.097230][ T6002] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   91.108024][ T6002] EXT4-fs (loop0): 2 truncates cleaned up
[   91.116330][ T6002] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.146260][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.559200][ T6024] netlink: 'syz.0.897': attribute type 1 has an invalid length.
[   91.567432][ T6024] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.897'.
[   91.846395][ T6026] loop0: detected capacity change from 0 to 1024
[   91.876302][ T6026] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.923406][   T29] kauditd_printk_skb: 96 callbacks suppressed
[   91.923422][   T29] audit: type=1326 audit(91.897:2558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6025 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237743ebe9 code=0x7ffc0000
[   91.952923][   T29] audit: type=1326 audit(91.907:2559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6025 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f237743ebe9 code=0x7ffc0000
[   91.977530][   T29] audit: type=1326 audit(91.907:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6025 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237743ebe9 code=0x7ffc0000
[   91.977567][   T29] audit: type=1326 audit(91.907:2561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6025 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237743ebe9 code=0x7ffc0000
[   91.977671][   T29] audit: type=1326 audit(91.907:2562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6025 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7f237743ebe9 code=0x7ffc0000
[   91.977743][   T29] audit: type=1326 audit(91.907:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6025 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237743ebe9 code=0x7ffc0000
[   91.978593][   T29] audit: type=1326 audit(91.947:2564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6025 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237743ebe9 code=0x7ffc0000
[   92.019448][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.187371][ T6032] syzkaller0: entered allmulticast mode
[   92.187459][ T6032] syzkaller0: entered promiscuous mode
[   92.194802][ T6032] syzkaller0 (unregistering): left allmulticast mode
[   92.194828][ T6032] syzkaller0 (unregistering): left promiscuous mode
[   92.196507][ T6034] loop1: detected capacity change from 0 to 1024
[   92.227375][ T6034] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.295469][ T6040] netlink: 12 bytes leftover after parsing attributes in process `syz.0.912'.
[   92.304737][ T6039] loop2: detected capacity change from 0 to 512
[   92.316665][ T6039] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.902: bg 0: block 393: padding at end of block bitmap is not set
[   92.334190][ T6039] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   92.354460][ T6039] EXT4-fs (loop2): 2 truncates cleaned up
[   92.361280][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.371358][ T6039] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.426928][ T6047] netlink: 40 bytes leftover after parsing attributes in process `syz.1.903'.
[   92.473237][ T6045] tipc: Started in network mode
[   92.478916][ T6045] tipc: Node identity 76286afe7a1f, cluster identity 4711
[   92.488144][ T6045] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   92.496600][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.508871][ T6044] tipc: Resetting bearer <eth:syzkaller0>
[   92.553253][   T29] audit: type=1400 audit(92.517:2565): avc:  denied  { ioctl } for  pid=6052 comm="syz.2.907" path="socket:[13768]" dev="sockfs" ino=13768 ioctlcmd=0x48dd scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   92.578777][   T29] audit: type=1400 audit(92.517:2566): avc:  denied  { setopt } for  pid=6052 comm="syz.2.907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   92.598564][   T29] audit: type=1400 audit(92.517:2567): avc:  denied  { bind } for  pid=6052 comm="syz.2.907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   92.641517][ T6044] tipc: Disabling bearer <eth:syzkaller0>
[   92.950650][ T6085] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   93.049384][ T6090] loop3: detected capacity change from 0 to 512
[   93.088160][ T6090] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   93.136067][ T6090] EXT4-fs (loop3): mount failed
[   93.201370][ T6090] loop3: detected capacity change from 0 to 1024
[   93.240861][ T6090] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   93.252349][ T6090] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   93.292843][ T6090] JBD2: no valid journal superblock found
[   93.299451][ T6090] EXT4-fs (loop3): Could not load journal inode
[   93.458950][ T6103] loop0: detected capacity change from 0 to 512
[   93.479056][ T6103] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   93.489834][ T6103] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[   93.500100][ T6104] ref_ctr increment failed for inode: 0x2f7 offset: 0xb ref_ctr_offset: 0x82 of mm: 0xffff88811962a840
[   93.515837][ T6104] ref_ctr increment failed for inode: 0x2f7 offset: 0xf ref_ctr_offset: 0x82 of mm: 0xffff88811962a840
[   93.540203][ T6102] uprobe: syz.3.928:6102 failed to unregister, leaking uprobe
[   93.621601][ T6102] uprobe: syz.3.928:6102 failed to unregister, leaking uprobe
[   93.725517][ T6114] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6114 comm=syz.3.934
[   93.738751][ T6114] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6114 comm=syz.3.934
[   93.816705][ T6117] loop3: detected capacity change from 0 to 2048
[   93.874008][ T6117] Alternate GPT is invalid, using primary GPT.
[   93.880539][ T6117]  loop3: p1 p2 p3
[   93.950605][ T6051] syz.1.908 (6051) used greatest stack depth: 6336 bytes left
[   94.080161][ T3290] udevd[3290]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   94.098561][ T5456] udevd[5456]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   94.120476][ T5457] udevd[5457]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   94.151513][ T3290] udevd[3290]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   94.160556][ T5456] udevd[5456]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   94.169789][ T5457] udevd[5457]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   94.471156][ T6083] net_ratelimit: 156 callbacks suppressed
[   94.471174][ T6083] Set syz1 is full, maxelem 65536 reached
[   94.519396][ T6129] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   94.528104][ T6127] tipc: Resetting bearer <eth:syzkaller0>
[   94.545582][ T6127] tipc: Disabling bearer <eth:syzkaller0>
[   94.575145][ T6143] netlink: 'syz.3.945': attribute type 83 has an invalid length.
[   95.421571][ T6219] loop5: detected capacity change from 0 to 1024
[   95.448094][ T6219] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.502627][ T6219] SELinux:  Context @ is not valid (left unmapped).
[   95.617111][ T3645] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.668596][ T6261] netlink: 28 bytes leftover after parsing attributes in process `syz.3.964'.
[   95.679607][ T6261] netlink: 28 bytes leftover after parsing attributes in process `syz.3.964'.
[   95.767985][ T6265] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   95.782028][ T6263] tipc: Resetting bearer <eth:syzkaller0>
[   95.800695][ T6263] tipc: Disabling bearer <eth:syzkaller0>
[   95.874038][ T6277] loop2: detected capacity change from 0 to 512
[   95.881446][ T6277] EXT4-fs: Ignoring removed oldalloc option
[   95.892064][ T6277] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.971: Parent and EA inode have the same ino 15
[   95.905313][ T6277] EXT4-fs (loop2): 1 orphan inode deleted
[   95.914208][ T6277] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.928228][ T6277] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.951267][ T6281] syzkaller0: entered allmulticast mode
[   95.968140][ T6281] syzkaller0: entered promiscuous mode
[   95.986603][ T6281] syzkaller0 (unregistering): left allmulticast mode
[   95.993734][ T6281] syzkaller0 (unregistering): left promiscuous mode
[   96.084486][ T6285] sctp: [Deprecated]: syz.5.974 (pid 6285) Use of struct sctp_assoc_value in delayed_ack socket option.
[   96.084486][ T6285] Use struct sctp_sack_info instead
[   96.491298][ T6293] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.653181][ T6293] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.664004][ T6289] Set syz1 is full, maxelem 65536 reached
[   96.723786][ T6298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6298 comm=syz.1.979
[   96.764090][ T6293] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.814052][ T6293] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.899318][ T4206] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.918232][ T4206] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.942357][ T4206] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.971368][ T4206] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.057178][   T29] kauditd_printk_skb: 53 callbacks suppressed
[   97.057211][   T29] audit: type=1326 audit(97.027:2620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6318 comm="syz.2.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c1593ebe9 code=0x7ffc0000
[   97.107909][   T29] audit: type=1326 audit(97.027:2621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6318 comm="syz.2.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0c1593ebe9 code=0x7ffc0000
[   97.131068][   T29] audit: type=1326 audit(97.027:2622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6318 comm="syz.2.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c1593ebe9 code=0x7ffc0000
[   97.154418][   T29] audit: type=1326 audit(97.027:2623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6318 comm="syz.2.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0c1593ebe9 code=0x7ffc0000
[   97.177967][   T29] audit: type=1326 audit(97.027:2624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6318 comm="syz.2.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c1593ebe9 code=0x7ffc0000
[   97.200836][   T29] audit: type=1326 audit(97.027:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6318 comm="syz.2.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0c1593ebe9 code=0x7ffc0000
[   97.223782][   T29] audit: type=1326 audit(97.027:2626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6318 comm="syz.2.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c1593ebe9 code=0x7ffc0000
[   97.246853][   T29] audit: type=1326 audit(97.027:2627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6318 comm="syz.2.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0c1593ebe9 code=0x7ffc0000
[   97.270006][   T29] audit: type=1326 audit(97.027:2628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6318 comm="syz.2.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c1593ebe9 code=0x7ffc0000
[   97.293206][   T29] audit: type=1326 audit(97.027:2629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6318 comm="syz.2.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f0c1593ebe9 code=0x7ffc0000
[   97.613176][ T6342] rdma_op ffff8881268afd80 conn xmit_rdma 0000000000000000
[   97.634058][ T6347] ref_ctr increment failed for inode: 0x4bb offset: 0xb ref_ctr_offset: 0x82 of mm: 0xffff888104342280
[   97.651073][ T6349] syzkaller0: entered allmulticast mode
[   97.654934][ T6347] ref_ctr increment failed for inode: 0x4bb offset: 0xf ref_ctr_offset: 0x82 of mm: 0xffff888104342280
[   97.671682][ T6349] syzkaller0 (unregistering): left allmulticast mode
[   97.692714][ T6346] uprobe: syz.1.997:6346 failed to unregister, leaking uprobe
[   97.772715][ T6356] sctp: [Deprecated]: syz.2.1001 (pid 6356) Use of struct sctp_assoc_value in delayed_ack socket option.
[   97.772715][ T6356] Use struct sctp_sack_info instead
[   97.789530][ T6346] uprobe: syz.1.997:6346 failed to unregister, leaking uprobe
[   99.129000][ T6402] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1016'.
[   99.138055][ T6402] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1016'.
[   99.184973][ T6404] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1019'.
[   99.204417][ T6402] bridge_slave_0: left promiscuous mode
[   99.210334][ T6402] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.248596][ T6402] bridge_slave_1: left allmulticast mode
[   99.254417][ T6402] bridge_slave_1: left promiscuous mode
[   99.260247][ T6402] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.273034][ T6402] bond0: (slave bond_slave_0): Releasing backup interface
[   99.286059][ T6402] bond0: (slave bond_slave_1): Releasing backup interface
[   99.301861][ T6402] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.309543][ T6402] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.406228][ T6402] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.414134][ T6402] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.526117][ T6402] bond1: (slave batadv1): Releasing active interface
[   99.573001][ T6417] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1024'.
[   99.663855][ T6420] loop2: detected capacity change from 0 to 1024
[   99.699728][ T6420] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.775320][ T6420] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.1025: Allocating blocks 385-513 which overlap fs metadata
[   99.878013][ T6420] EXT4-fs (loop2): pa ffff88810729d620: logic 16, phys. 129, len 24
[   99.886177][ T6420] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  100.252231][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.379702][ T6459] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1036'.
[  100.401901][ T6458] loop3: detected capacity change from 0 to 512
[  100.451000][ T6458] EXT4-fs: Ignoring removed oldalloc option
[  100.532686][ T6458] /dev/loop3: Can't open blockdev
[  101.676592][ T6526] syzkaller1: entered promiscuous mode
[  101.682400][ T6526] syzkaller1: entered allmulticast mode
[  101.852712][ T6535] 9pnet: p9_errstr2errno: server reported unknown error 
[  102.188756][ T6546] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  102.204683][ T6546] tipc: Disabling bearer <eth:syzkaller0>
[  102.465227][ T6541] Set syz1 is full, maxelem 65536 reached
[  102.614258][   T29] kauditd_printk_skb: 73 callbacks suppressed
[  102.614347][   T29] audit: type=1326 audit(102.587:2703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6556 comm="syz.2.1077" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0c1593ebe9 code=0x0
[  102.806256][   T29] audit: type=1400 audit(102.757:2704): avc:  denied  { create } for  pid=6556 comm="syz.2.1077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  102.817496][ T6568] netlink: 87 bytes leftover after parsing attributes in process `syz.3.1080'.
[  102.825682][   T29] audit: type=1400 audit(102.767:2705): avc:  denied  { read write } for  pid=6556 comm="syz.2.1077" path="socket:[16523]" dev="sockfs" ino=16523 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  103.003504][ T6577] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1081'.
[  103.023179][ T6577] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1081'.
[  103.485228][ T6633] loop5: detected capacity change from 0 to 8192
[  103.608601][ T6641] netlink: 'syz.0.1091': attribute type 1 has an invalid length.
[  103.634625][   T29] audit: type=1326 audit(103.587:2706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6630 comm="syz.5.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  103.657843][   T29] audit: type=1326 audit(103.587:2707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6630 comm="syz.5.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  103.681487][   T29] audit: type=1326 audit(103.587:2708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6630 comm="syz.5.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  103.705049][   T29] audit: type=1326 audit(103.587:2709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6630 comm="syz.5.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  103.728492][   T29] audit: type=1326 audit(103.587:2710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6630 comm="syz.5.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  103.751891][   T29] audit: type=1326 audit(103.587:2711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6630 comm="syz.5.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  103.775103][   T29] audit: type=1326 audit(103.587:2712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6630 comm="syz.5.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  103.854477][ T6667] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1091'.
[  103.937175][ T6641] 8021q: adding VLAN 0 to HW filter on device bond2
[  103.962979][ T6667] bond2 (unregistering): Released all slaves
[  104.143862][ T6684] loop0: detected capacity change from 0 to 1024
[  104.192268][ T6684] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.285374][ T6684] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.1105: Allocating blocks 449-513 which overlap fs metadata
[  104.392465][ T6683] EXT4-fs (loop0): pa ffff88810729d690: logic 48, phys. 177, len 21
[  104.400854][ T6683] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  104.446119][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.468459][ T6697] tipc: New replicast peer: 255.255.255.255
[  104.474876][ T6697] tipc: Enabled bearer <udp:syz2>, priority 10
[  104.600042][ T6707] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1104'.
[  104.841412][ T6739] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.924265][ T6739] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.033443][ T6739] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.117903][ T6739] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.186861][ T6749] random: crng reseeded on system resumption
[  105.261870][ T4185] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.291949][ T4185] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.404657][ T4185] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.442770][ T4185] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.518471][ T6764] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1125'.
[  105.549996][ T6767] atomic_op ffff88811bdf8928 conn xmit_atomic 0000000000000000
[  105.721772][ T6781] loop1: detected capacity change from 0 to 8192
[  105.933660][ T6792] serio: Serial port ptm0
[  105.947181][ T6793] random: crng reseeded on system resumption
[  106.007258][ T6797] loop2: detected capacity change from 0 to 2048
[  106.023748][ T6797] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.104056][ T3323] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  106.180133][ T3323] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  106.205419][ T4210] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 3 with error 28
[  106.218299][ T4210] EXT4-fs (loop2): This should not happen!! Data will be lost
[  106.218299][ T4210] 
[  106.228149][ T4210] EXT4-fs (loop2): Total free blocks count 0
[  106.234193][ T4210] EXT4-fs (loop2): Free/Dirty block details
[  106.240129][ T4210] EXT4-fs (loop2): free_blocks=0
[  106.245221][ T4210] EXT4-fs (loop2): dirty_blocks=912
[  106.250438][ T4210] EXT4-fs (loop2): Block reservation details
[  106.256649][ T4210] EXT4-fs (loop2): i_reserved_data_blocks=57
[  106.571524][ T6818] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1144'.
[  106.668930][ T6822] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  106.753975][ T6824] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket pid=6824 comm=syz.3.1147
[  106.795950][ T6827] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1149'.
[  106.838535][ T6827] 8021q: adding VLAN 0 to HW filter on device bond1
[  106.867510][ T6827] vlan2: entered allmulticast mode
[  106.872778][ T6827] bond1: entered allmulticast mode
[  107.000067][ T6839] loop3: detected capacity change from 0 to 256
[  107.035603][ T6839] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  107.044792][ T6839] FAT-fs (loop3): Filesystem has been set read-only
[  107.115077][ T6844] random: crng reseeded on system resumption
[  107.348003][ T6851] netlink: 276 bytes leftover after parsing attributes in process `syz.1.1159'.
[  107.387503][ T6852] syzkaller0: entered promiscuous mode
[  107.393677][ T6852] syzkaller0: entered allmulticast mode
[  107.884118][   T29] kauditd_printk_skb: 149 callbacks suppressed
[  107.884196][   T29] audit: type=1326 audit(107.857:2862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.5.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  107.927641][ T6887] loop5: detected capacity change from 0 to 256
[  107.947909][   T29] audit: type=1326 audit(107.897:2863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.5.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  107.971736][   T29] audit: type=1326 audit(107.897:2864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.5.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  107.996083][   T29] audit: type=1326 audit(107.897:2865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.5.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  108.019335][   T29] audit: type=1326 audit(107.897:2866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.5.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  108.029181][ T6890] syzkaller0: entered promiscuous mode
[  108.043011][   T29] audit: type=1326 audit(107.897:2867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.5.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdbcffaec23 code=0x7ffc0000
[  108.048946][ T6890] syzkaller0: entered allmulticast mode
[  108.071931][   T29] audit: type=1326 audit(107.897:2868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.5.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdbcffad69f code=0x7ffc0000
[  108.100699][   T29] audit: type=1326 audit(107.897:2869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.5.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fdbcffaec77 code=0x7ffc0000
[  108.124262][   T29] audit: type=1326 audit(107.897:2870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.5.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdbcffad550 code=0x7ffc0000
[  108.147763][   T29] audit: type=1326 audit(107.897:2871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6886 comm="syz.5.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdbcffae7eb code=0x7ffc0000
[  108.238911][ T6866] Restarting kernel threads ...
[  108.253903][ T6866] Done restarting kernel threads.
[  108.260211][ T6897] sch_tbf: burst 1821 is lower than device lo mtu (65550) !
[  108.270313][ T6897] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1179'.
[  108.325993][ T6901] loop1: detected capacity change from 0 to 1024
[  108.350824][ T6901] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.366846][ T6901] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.1181: Allocating blocks 385-513 which overlap fs metadata
[  108.383380][ T6901] EXT4-fs (loop1): pa ffff8881071bc2a0: logic 16, phys. 129, len 24
[  108.391439][ T6901] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  108.435833][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.567087][ T6916] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1196'.
[  109.096700][ T6929] loop5: detected capacity change from 0 to 128
[  109.128473][ T4206] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.132641][ T6800] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 906 with error 28
[  109.183820][ T4206] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.245857][ T4206] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.283276][ T6941] sch_fq: defrate 0 ignored.
[  109.324306][ T4206] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.696282][ T6978] loop0: detected capacity change from 0 to 2048
[  109.721738][ T4206] bond0 (unregistering): Released all slaves
[  109.736157][ T4206] bond1 (unregistering): Released all slaves
[  109.799968][ T6978] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.800597][ T4206] tipc: Disabling bearer <udp:£>
[  109.817979][ T4206] tipc: Left network mode
[  109.922334][ T4206] hsr_slave_0: left promiscuous mode
[  109.954230][ T4206] hsr_slave_1: left promiscuous mode
[  109.973774][ T4206] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  109.980992][ T4206] batman_adv: batadv0: Removing interface: veth1_vlan
[  110.011500][ T3303] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  110.030039][ T4206] veth0_macvtap: left promiscuous mode
[  110.036123][ T4206] veth1_vlan: left promiscuous mode
[  110.046386][ T4206] veth0_vlan: left promiscuous mode
[  110.115650][ T3303] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  110.117173][ T4210] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 3 with error 28
[  110.137329][ T4210] EXT4-fs (loop0): This should not happen!! Data will be lost
[  110.137329][ T4210] 
[  110.147212][ T4210] EXT4-fs (loop0): Total free blocks count 0
[  110.153338][ T4210] EXT4-fs (loop0): Free/Dirty block details
[  110.159279][ T4210] EXT4-fs (loop0): free_blocks=0
[  110.164451][ T4210] EXT4-fs (loop0): dirty_blocks=512
[  110.169743][ T4210] EXT4-fs (loop0): Block reservation details
[  110.175784][ T4210] EXT4-fs (loop0): i_reserved_data_blocks=32
[  110.224438][ T6989] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 494 with error 28
[  110.506266][ T6943] chnl_net:caif_netlink_parms(): no params data found
[  110.765374][ T6943] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.772586][ T6943] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.785734][ T6943] bridge_slave_0: entered allmulticast mode
[  110.799258][ T6943] bridge_slave_0: entered promiscuous mode
[  110.813272][ T6943] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.820423][ T6943] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.827965][ T6943] bridge_slave_1: entered allmulticast mode
[  110.837232][ T6943] bridge_slave_1: entered promiscuous mode
[  110.895773][ T6943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.924092][ T6943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.965740][ T4206] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.989306][ T6943] team0: Port device team_slave_0 added
[  111.001464][ T6943] team0: Port device team_slave_1 added
[  111.024696][ T4206] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.076312][ T6943] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.083380][ T6943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.110017][ T6943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.169557][ T6943] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.176609][ T6943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.202935][ T6943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.246116][ T4206] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.324242][ T6943] hsr_slave_0: entered promiscuous mode
[  111.330490][ T6943] hsr_slave_1: entered promiscuous mode
[  111.341961][ T6943] debugfs: 'hsr0' already exists in 'hsr'
[  111.347783][ T6943] Cannot create hsr debugfs directory
[  111.386492][ T4206] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.425668][ T7071] loop3: detected capacity change from 0 to 1024
[  111.447835][ T7071] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.483538][ T7071] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  111.587086][ T7085] netlink: 5 bytes leftover after parsing attributes in process `syz.5.1219'.
[  111.619549][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.823757][ T4206] bond0 (unregistering): Released all slaves
[  111.832908][ T4206] bond1 (unregistering): Released all slaves
[  111.844536][ T7085] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  111.853869][ T7085] 0ªî{X¹¦: entered allmulticast mode
[  111.860141][ T7085] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  111.901506][ T4206] tipc: Left network mode
[  111.913009][ T7035] chnl_net:caif_netlink_parms(): no params data found
[  111.981318][ T7107] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  111.992249][ T7107] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.008577][ T4206] hsr_slave_0: left promiscuous mode
[  112.016292][ T4206] hsr_slave_1: left promiscuous mode
[  112.025388][ T4206] veth1_macvtap: left promiscuous mode
[  112.031006][ T4206] veth0_macvtap: left promiscuous mode
[  112.165574][ T7107] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  112.175853][ T7107] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.216479][ T6943] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  112.231858][ T6943] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  112.265862][ T7107] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  112.276521][ T7107] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.295347][ T6943] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  112.306496][ T6943] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  112.330419][ T3366] IPVS: starting estimator thread 0...
[  112.358253][ T7107] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  112.368248][ T7107] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.407405][ T7035] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.415487][ T7035] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.426735][ T7035] bridge_slave_0: entered allmulticast mode
[  112.433903][ T7035] bridge_slave_0: entered promiscuous mode
[  112.447495][ T7148] netlink: 272 bytes leftover after parsing attributes in process `syz.3.1231'.
[  112.452478][ T7140] IPVS: using max 2304 ests per chain, 115200 per kthread
[  112.467014][ T7035] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.474346][ T7035] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.484708][ T7035] bridge_slave_1: entered allmulticast mode
[  112.491274][ T7035] bridge_slave_1: entered promiscuous mode
[  112.523946][ T7035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  112.556080][ T7035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  112.567610][ T4185] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  112.576536][ T4185] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.587915][ T7156] loop1: detected capacity change from 0 to 256
[  112.595583][ T6943] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.617224][ T4185] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  112.625975][ T4185] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.649861][ T6943] 8021q: adding VLAN 0 to HW filter on device team0
[  112.672906][ T4185] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  112.681299][ T4185] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.690393][ T7035] team0: Port device team_slave_0 added
[  112.703603][ T7035] team0: Port device team_slave_1 added
[  112.721748][ T4185] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  112.730786][ T4185] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.758016][ T7168] loop3: detected capacity change from 0 to 1024
[  112.770989][ T7035] batman_adv: batadv0: Adding interface: batadv_slave_0
[  112.778053][ T7035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.804162][ T7035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  112.814702][ T7168] EXT4-fs: Ignoring removed nobh option
[  112.820678][ T7168] EXT4-fs: Ignoring removed bh option
[  112.836010][ T7035] batman_adv: batadv0: Adding interface: batadv_slave_1
[  112.843126][ T7035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.869335][ T7035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  112.885490][ T7168] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.903379][ T4185] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.910609][ T4185] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.930017][   T29] kauditd_printk_skb: 166 callbacks suppressed
[  112.930043][   T29] audit: type=1326 audit(112.897:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7167 comm="syz.3.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf34d7ebe9 code=0x7ffc0000
[  112.964377][ T4185] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.971728][ T4185] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.995670][   T29] audit: type=1326 audit(112.937:3039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7167 comm="syz.3.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf34d7ebe9 code=0x7ffc0000
[  113.019811][   T29] audit: type=1326 audit(112.937:3040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7167 comm="syz.3.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fcf34d7ebe9 code=0x7ffc0000
[  113.045862][   T29] audit: type=1326 audit(112.937:3041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7167 comm="syz.3.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf34d7ebe9 code=0x7ffc0000
[  113.068484][ T6943] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  113.069464][   T29] audit: type=1326 audit(112.937:3042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7167 comm="syz.3.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf34d7ebe9 code=0x7ffc0000
[  113.080805][ T6943] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  113.103279][   T29] audit: type=1326 audit(112.937:3043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7167 comm="syz.3.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fcf34d7ebe9 code=0x7ffc0000
[  113.103347][   T29] audit: type=1326 audit(112.937:3044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7167 comm="syz.3.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf34d7ebe9 code=0x7ffc0000
[  113.103384][   T29] audit: type=1326 audit(112.937:3045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7167 comm="syz.3.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf34d7ebe9 code=0x7ffc0000
[  113.103419][   T29] audit: type=1326 audit(112.947:3046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7167 comm="syz.3.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fcf34d7ebe9 code=0x7ffc0000
[  113.103533][   T29] audit: type=1326 audit(112.947:3047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7167 comm="syz.3.1236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcf34d7ec23 code=0x7ffc0000
[  113.250661][ T7171] loop1: detected capacity change from 0 to 1024
[  113.260531][ T7171] EXT4-fs: Ignoring removed nobh option
[  113.268405][ T7171] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  113.287317][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.327765][ T7171] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz.1.1235: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  113.361191][ T7035] hsr_slave_0: entered promiscuous mode
[  113.367684][ T7035] hsr_slave_1: entered promiscuous mode
[  113.403595][ T7171] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1235: couldn't read orphan inode 11 (err -117)
[  113.420153][ T7171] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.526495][ T6943] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.541399][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.603825][ T7035] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  113.636513][ T7035] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  113.659531][ T7035] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  113.671100][ T7212] loop1: detected capacity change from 0 to 1024
[  113.701280][ T7035] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  113.725165][ T7212] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.761500][ T7212] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  113.825415][ T7239] loop3: detected capacity change from 0 to 512
[  113.848519][ T7035] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.867497][ T7239] EXT4-fs: Ignoring removed mblk_io_submit option
[  113.878879][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.880304][ T7035] 8021q: adding VLAN 0 to HW filter on device team0
[  113.896033][ T7239] EXT4-fs: Ignoring removed nomblk_io_submit option
[  113.910902][ T7239] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  113.915692][ T6943] veth0_vlan: entered promiscuous mode
[  113.920402][ T7239] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  113.940028][ T4209] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.947260][ T4209] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.969637][ T4209] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.976914][ T4209] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.991377][ T7239] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1244: Allocating blocks 41-42 which overlap fs metadata
[  114.015582][ T7239] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1244: Allocating blocks 41-42 which overlap fs metadata
[  114.034366][ T7247] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  114.044265][ T7247] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.051639][ T7239] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1244: Failed to acquire dquot type 1
[  114.066982][ T7239] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  114.083682][ T7239] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1244: corrupted inode contents
[  114.097091][ T6943] veth1_vlan: entered promiscuous mode
[  114.104917][ T7239] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #12: comm syz.3.1244: mark_inode_dirty error
[  114.115517][ T6943] veth0_macvtap: entered promiscuous mode
[  114.124435][ T7239] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1244: corrupted inode contents
[  114.147055][ T6943] veth1_macvtap: entered promiscuous mode
[  114.155300][ T7239] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.1244: mark_inode_dirty error
[  114.176966][ T7239] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1244: corrupted inode contents
[  114.177515][ T7247] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  114.193098][ T7239] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  114.199989][ T7247] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.209245][ T7239] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1244: corrupted inode contents
[  114.230515][ T7239] EXT4-fs error (device loop3): ext4_truncate:4666: inode #12: comm syz.3.1244: mark_inode_dirty error
[  114.233132][ T6943] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.254263][ T7239] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  114.255989][ T6943] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.264122][ T7239] EXT4-fs (loop3): 1 truncate cleaned up
[  114.280703][ T7247] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  114.281631][ T7239] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.290644][ T7247] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.335730][ T4242] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.347804][ T4242] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.374359][ T4242] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.385694][ T7035] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.398167][ T7247] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  114.408697][ T7247] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.421301][ T7239] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  114.433758][ T4242] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.446923][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.466679][ T4242] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  114.475305][ T4242] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.500049][ T4185] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  114.509356][ T4185] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.548998][ T4185] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  114.557412][ T4185] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.596329][ T4185] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  114.604711][ T4185] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.679101][ T7272] loop3: detected capacity change from 0 to 8192
[  114.695542][ T7281] loop6: detected capacity change from 0 to 512
[  114.724850][ T5456]  loop3: p1 p2[DM] p4
[  114.729513][ T5456] loop3: p1 size 196608 extends beyond EOD, truncated
[  114.737071][ T7281] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.756080][ T5456] loop3: p2 start 4292936063 is beyond EOD, truncated
[  114.763098][ T5456] loop3: p4 size 50331648 extends beyond EOD, truncated
[  114.783601][ T7272]  loop3: p1 p2[DM] p4
[  114.789355][ T7272] loop3: p1 size 196608 extends beyond EOD, truncated
[  114.819407][ T7272] loop3: p2 start 4292936063 is beyond EOD, truncated
[  114.819658][ T6943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.826442][ T7272] loop3: p4 size 50331648 extends beyond EOD, truncated
[  114.854123][ T7035] veth0_vlan: entered promiscuous mode
[  114.867777][ T7035] veth1_vlan: entered promiscuous mode
[  114.918688][ T7035] veth0_macvtap: entered promiscuous mode
[  114.929659][ T7035] veth1_macvtap: entered promiscuous mode
[  114.943347][ T7035] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.964271][ T5456] udevd[5456]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  114.976025][ T3290] udevd[3290]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  114.989288][ T7035] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.999776][ T7300] loop1: detected capacity change from 0 to 512
[  115.012084][ T3290] udevd[3290]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  115.026819][ T5456] udevd[5456]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  115.052296][ T7300] EXT4-fs (loop1): fragment/cluster size (1024) != block size (4096)
[  115.074747][ T4210] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.103338][ T7304] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1255'.
[  115.119975][ T4210] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.144649][ T4210] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.218532][ T4210] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.292462][ T7313] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1257'.
[  115.313946][ T7315] netlink: 'syz.7.1258': attribute type 1 has an invalid length.
[  115.389383][ T3413] IPVS: starting estimator thread 0...
[  115.451433][ T7326] loop5: detected capacity change from 0 to 164
[  115.482625][ T7323] IPVS: using max 2448 ests per chain, 122400 per kthread
[  115.500168][ T7326] rock: directory entry would overflow storage
[  115.506430][ T7326] rock: sig=0x66, size=4, remaining=3
[  115.560425][ T7330] loop7: detected capacity change from 0 to 8192
[  115.588818][ T7339] loop1: detected capacity change from 0 to 512
[  115.598600][ T7339] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  115.608603][ T7339] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  115.639640][ T7339] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  115.662962][ T7339] System zones: 0-2, 18-18, 34-35
[  115.694750][ T7339] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  115.727102][ T7349] 8021q: adding VLAN 0 to HW filter on device bond1
[  115.758390][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.792376][ T7358] netlink: 'syz.3.1276': attribute type 1 has an invalid length.
[  115.804852][ T7349] bond1: (slave ip6gretap1): making interface the new active one
[  115.849644][ T7349] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  115.855950][ T7367] loop5: detected capacity change from 0 to 1024
[  115.873997][ T7367] EXT4-fs: Ignoring removed nobh option
[  115.887547][ T7367] EXT4-fs: Ignoring removed bh option
[  115.898682][ T7358] 8021q: adding VLAN 0 to HW filter on device bond2
[  115.916643][ T7367] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.924051][ T7370] bond2: (slave geneve2): making interface the new active one
[  115.984154][ T7370] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  115.997058][ T4210] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.024368][ T4210] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.045786][ T3645] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.055269][ T4210] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.064115][ T4210] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.110385][ T7388] loop5: detected capacity change from 0 to 128
[  116.141926][ T7390] loop3: detected capacity change from 0 to 512
[  116.161637][ T7390] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  116.171694][ T7390] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  116.184237][ T7388] syz.5.1283: attempt to access beyond end of device
[  116.184237][ T7388] loop5: rw=0, sector=121, nr_sectors = 8 limit=128
[  116.199816][ T7390] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  116.213610][ T7390] System zones: 0-2, 18-18, 34-35
[  116.231550][ T7390] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  116.258177][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.329086][ T7403] bond0: (slave bond_slave_0): Releasing backup interface
[  116.340742][ T7403] bond0: (slave bond_slave_1): Releasing backup interface
[  116.354646][ T7405] loop5: detected capacity change from 0 to 512
[  116.361561][ T7405] EXT4-fs: Ignoring removed mblk_io_submit option
[  116.368496][ T7405] EXT4-fs: Ignoring removed nomblk_io_submit option
[  116.376025][ T7403] team0: Port device team_slave_0 removed
[  116.382908][ T7405] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  116.392532][ T7405] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  116.405629][ T7403] team0: Port device team_slave_1 removed
[  116.412526][ T7403] batman_adv: batadv0: Removing interface: batadv_slave_0
[  116.420542][ T7403] batman_adv: batadv0: Removing interface: batadv_slave_1
[  116.430288][ T7403] bond2: (slave geneve2): Releasing active interface
[  116.430840][ T7405] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1290: Allocating blocks 41-42 which overlap fs metadata
[  116.452290][ T7405] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1290: Allocating blocks 41-42 which overlap fs metadata
[  116.467331][ T7405] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1290: Failed to acquire dquot type 1
[  116.472595][ T7407] team0: Mode changed to "activebackup"
[  116.479471][ T7405] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  116.503520][ T7405] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1290: corrupted inode contents
[  116.518352][ T4214] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.531046][ T7405] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #12: comm syz.5.1290: mark_inode_dirty error
[  116.531634][ T4214] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.576226][ T7405] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1290: corrupted inode contents
[  116.596310][ T4252] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.613727][ T4251] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.639278][ T7405] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.1290: mark_inode_dirty error
[  116.661161][ T7405] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1290: corrupted inode contents
[  116.675086][ T7405] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  116.685493][ T7405] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1290: corrupted inode contents
[  116.714124][ T7413] loop3: detected capacity change from 0 to 512
[  116.735057][ T7413] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.757232][ T7405] EXT4-fs error (device loop5): ext4_truncate:4666: inode #12: comm syz.5.1290: mark_inode_dirty error
[  116.786557][ T7405] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  116.808090][ T7405] EXT4-fs (loop5): 1 truncate cleaned up
[  116.827058][ T7405] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.882807][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.936806][ T7405] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  116.987184][ T3645] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.066068][ T7426] netlink: 'syz.5.1297': attribute type 7 has an invalid length.
[  117.073970][ T7426] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1297'.
[  117.491577][ T7453] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1308'.
[  117.520964][ T7456] SELinux:  Context Ü is not valid (left unmapped).
[  117.541206][ T7456] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1309'.
[  117.545565][ T7453] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1308'.
[  117.574670][ T7456] netlink: 'syz.7.1309': attribute type 10 has an invalid length.
[  117.582663][ T7456] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1309'.
[  117.606933][ T7456] team0: Port device geneve1 added
[  117.725938][ T7462] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1312'.
[  117.751787][ T7463] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  117.806310][ T7468] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1314'.
[  117.817885][ T7468] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1314'.
[  117.875522][ T7474] netlink: 'syz.6.1316': attribute type 10 has an invalid length.
[  117.887894][ T7474] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  117.938575][   T29] kauditd_printk_skb: 345 callbacks suppressed
[  117.938590][   T29] audit: type=1326 audit(117.907:3385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.1.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  117.990015][   T29] audit: type=1326 audit(117.937:3386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.1.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  118.014060][   T29] audit: type=1326 audit(117.957:3387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.1.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  118.038975][   T29] audit: type=1326 audit(117.997:3388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.1.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  118.062473][   T29] audit: type=1326 audit(118.007:3389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.1.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  118.086105][   T29] audit: type=1326 audit(118.057:3390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.1.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  118.109542][   T29] audit: type=1326 audit(118.077:3391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.1.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  118.136326][   T29] audit: type=1326 audit(118.107:3392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.1.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  118.164050][   T29] audit: type=1326 audit(118.127:3393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.1.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  118.204203][   T29] audit: type=1326 audit(118.177:3394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7450 comm="syz.1.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  118.311523][ T7499] netlink: 'syz.7.1327': attribute type 3 has an invalid length.
[  118.319744][ T7499] netlink: 'syz.7.1327': attribute type 3 has an invalid length.
[  118.338747][ T7501] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1329'.
[  118.380985][ T7505] netlink: 'syz.7.1330': attribute type 10 has an invalid length.
[  118.392653][ T7503] loop6: detected capacity change from 0 to 2048
[  118.407984][ T7503] EXT4-fs (loop6): failed to initialize system zone (-117)
[  118.421862][ T7505] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  118.431885][ T7503] EXT4-fs (loop6): mount failed
[  118.511082][ T7517] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  118.524720][ T7517] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  118.548996][ T7519] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1337'.
[  118.601911][ T7521] syzkaller0: entered promiscuous mode
[  118.607496][ T7521] syzkaller0: entered allmulticast mode
[  118.927232][ T7551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  118.940227][ T7551] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  118.995153][ T7557] netlink: 'syz.1.1355': attribute type 1 has an invalid length.
[  119.017913][ T7557] 8021q: adding VLAN 0 to HW filter on device bond2
[  119.043114][ T7557] bond2: (slave dummy0): making interface the new active one
[  119.054079][ T7557] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  119.067029][ T7565] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[  119.185685][ T7573] loop5: detected capacity change from 0 to 8192
[  119.230529][ T7580] netlink: 'syz.3.1365': attribute type 7 has an invalid length.
[  119.239543][ T7573]  loop5: p1[EZD] p2 p4
[  119.252402][ T7573] loop5: p1 start 150996992 is beyond EOD, truncated
[  119.270178][ T7573] loop5: p4 size 281856 extends beyond EOD, truncated
[  119.386312][ T5456] udevd[5456]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  119.397192][ T3290] udevd[3290]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  119.674824][ T7604] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  119.685183][ T7604] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.735272][ T7606] loop6: detected capacity change from 0 to 512
[  119.754914][ T7604] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  119.764979][ T7604] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.782122][ T7606] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002]
[  119.791141][ T7606] System zones: 0-7
[  119.797113][ T7606] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.825335][ T7604] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  119.825340][ T6943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.825382][ T7604] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.896747][ T7604] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  119.906666][ T7604] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.932034][ T7614] loop7: detected capacity change from 0 to 512
[  119.944845][ T7614] EXT4-fs (loop7): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  119.968286][ T7615] SELinux: failed to load policy
[  120.014547][ T7614] atomic_op ffff888122e2f128 conn xmit_atomic 0000000000000000
[  120.040386][ T4240] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  120.048804][ T4240] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.070068][ T7035] EXT4-fs (loop7): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  120.087678][ T4240] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  120.096729][ T4240] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.151429][ T4240] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  120.160725][ T4240] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.192967][ T7630] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.241902][ T4240] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  120.251053][ T4240] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.281310][ T7630] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.466655][ T7630] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.534923][ T7658] syzkaller0: entered promiscuous mode
[  120.540607][ T7658] syzkaller0: entered allmulticast mode
[  120.553741][ T7630] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.634787][ T7667] 8021q: adding VLAN 0 to HW filter on device bond3
[  120.663930][ T7667] vlan2: entered allmulticast mode
[  120.669508][ T7667] bond3: entered allmulticast mode
[  120.751863][ T4251] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.770448][ T4251] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.788599][ T4251] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.806752][ T4251] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.189663][ T7716] loop6: detected capacity change from 0 to 512
[  121.249656][ T7716] EXT4-fs error (device loop6): ext4_orphan_get:1392: comm syz.6.1421: inode #15: comm syz.6.1421: iget: illegal inode #
[  121.282050][ T7716] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.1421: couldn't read orphan inode 15 (err -117)
[  121.338125][ T7716] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.357567][ T7716] netlink: 'syz.6.1421': attribute type 1 has an invalid length.
[  121.370182][ T7716] EXT4-fs error (device loop6): ext4_lookup:1787: comm syz.6.1421: inode #15: comm syz.6.1421: iget: illegal inode #
[  121.424603][ T6943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.529251][ T7735] loop6: detected capacity change from 0 to 512
[  121.545821][ T7735] EXT4-fs: Ignoring removed oldalloc option
[  121.549980][ T3399] IPVS: starting estimator thread 0...
[  121.596484][ T7735] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.1429: Parent and EA inode have the same ino 15
[  121.631718][ T7735] EXT4-fs (loop6): Remounting filesystem read-only
[  121.640445][ T7735] EXT4-fs warning (device loop6): ext4_evict_inode:274: xattr delete (err -30)
[  121.642764][ T7741] IPVS: using max 2448 ests per chain, 122400 per kthread
[  121.651258][ T7735] EXT4-fs (loop6): 1 orphan inode deleted
[  121.678060][ T7735] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.815143][ T6943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.966254][ T7760] infiniband syz2: set active
[  121.971095][ T7760] infiniband syz2: added bond0
[  121.987595][ T7760] RDS/IB: syz2: added
[  121.991914][ T7760] smc: adding ib device syz2 with port count 1
[  121.998443][ T7760] smc:    ib device syz2 port 1 has pnetid 
[  122.207061][ T7784] __nla_validate_parse: 11 callbacks suppressed
[  122.207083][ T7784] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1449'.
[  122.242812][ T7784] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7784 comm=syz.1.1449
[  122.318303][ T7792] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.365932][ T7792] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.446021][ T7792] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.527100][ T7792] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.591479][ T4206] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.654203][ T7803] netlink: 'syz.1.1457': attribute type 2 has an invalid length.
[  122.662475][ T7803] netlink: 'syz.1.1457': attribute type 1 has an invalid length.
[  122.670254][ T7803] netlink: 'syz.1.1457': attribute type 2 has an invalid length.
[  122.793608][ T4210] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.902267][ T4210] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.941954][ T4210] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.062259][   T29] kauditd_printk_skb: 238 callbacks suppressed
[  123.062296][   T29] audit: type=1400 audit(124.012:3633): avc:  denied  { create } for  pid=7817 comm="syz.1.1463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  123.087951][   T29] audit: type=1400 audit(124.012:3634): avc:  denied  { read } for  pid=7817 comm="syz.1.1463" dev="nsfs" ino=4026532421 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  123.108790][   T29] audit: type=1400 audit(124.012:3635): avc:  denied  { open } for  pid=7817 comm="syz.1.1463" path="net:[4026532421]" dev="nsfs" ino=4026532421 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  123.132265][   T29] audit: type=1400 audit(124.022:3636): avc:  denied  { create } for  pid=7817 comm="syz.1.1463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  123.561277][ T7834] loop5: detected capacity change from 0 to 512
[  123.577235][   T29] audit: type=1400 audit(124.032:3637): avc:  denied  { write } for  pid=7817 comm="syz.1.1463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  123.596946][   T29] audit: type=1400 audit(124.032:3638): avc:  denied  { getopt } for  pid=7817 comm="syz.1.1463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  123.617013][   T29] audit: type=1400 audit(124.062:3639): avc:  denied  { execute } for  pid=7812 comm="syz.6.1461" path="/47/cpu.stat" dev="tmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  123.640507][   T29] audit: type=1400 audit(124.462:3640): avc:  denied  { name_bind } for  pid=7830 comm="syz.1.1467" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  123.663063][   T29] audit: type=1400 audit(124.512:3641): avc:  denied  { ioctl } for  pid=7833 comm="syz.5.1468" path="socket:[21795]" dev="sockfs" ino=21795 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  123.731958][ T7834] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  123.768823][   T29] audit: type=1400 audit(124.692:3642): avc:  denied  { map } for  pid=7837 comm="syz.7.1470" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  123.907434][ T7843] SELinux:  policydb magic number 0x6b7a7973 does not match expected magic number 0xf97cff8c
[  123.975520][ T7843] SELinux: failed to load policy
[  123.992877][ T7843] vhci_hcd: invalid port number 96
[  123.998393][ T7843] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  124.010560][ T3645] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  124.483455][ T7859] netlink: 'syz.5.1477': attribute type 1 has an invalid length.
[  124.564319][ T7859] 8021q: adding VLAN 0 to HW filter on device bond1
[  124.663349][ T7859] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1477'.
[  124.684913][ T7861] dummy0: entered promiscuous mode
[  124.704999][ T7861] bond1: (slave dummy0): making interface the new active one
[  124.751537][ T7861] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  124.774724][ T7859] vlan2: entered promiscuous mode
[  124.779844][ T7859] bond1: entered promiscuous mode
[  124.791973][ T7863] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1478'.
[  124.982148][ T7876] batadv1: entered promiscuous mode
[  124.993844][ T7873] netlink: 36 bytes leftover after parsing attributes in process `syz.7.1480'.
[  125.017317][ T7881] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  125.029971][ T7883] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7883 comm=syz.1.1484
[  125.056765][ T7883] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1484'.
[  125.455532][ T7902] netlink: 'syz.6.1494': attribute type 1 has an invalid length.
[  125.463647][ T7902] netlink: 'syz.6.1494': attribute type 4 has an invalid length.
[  125.471597][ T7902] netlink: 9462 bytes leftover after parsing attributes in process `syz.6.1494'.
[  125.552720][ T7903] netlink: 'syz.6.1494': attribute type 1 has an invalid length.
[  125.560576][ T7903] netlink: 'syz.6.1494': attribute type 4 has an invalid length.
[  125.568391][ T7903] netlink: 9462 bytes leftover after parsing attributes in process `syz.6.1494'.
[  125.694176][ T7909] 
: renamed from bond0 (while UP)
[  125.704439][ T7906] netlink: 'syz.6.1497': attribute type 1 has an invalid length.
[  125.783099][ T7913] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1497'.
[  125.809961][ T7906] 8021q: adding VLAN 0 to HW filter on device bond2
[  125.914606][ T7913] bond2 (unregistering): Released all slaves
[  126.015957][ T7921] bridge: RTM_NEWNEIGH with invalid ether address
[  126.143011][ T7932] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1505'.
[  126.165547][ T7932] dummy0: entered promiscuous mode
[  126.197728][ T7932] 
: (slave dummy0): Releasing backup interface
[  126.243844][ T7939] loop7: detected capacity change from 0 to 512
[  126.286838][ T7939] EXT4-fs (loop7): too many log groups per flexible block group
[  126.295075][ T7939] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  126.380811][ T7939] EXT4-fs (loop7): mount failed
[  126.444422][ T7932] bridge0: port 3(dummy0) entered blocking state
[  126.452253][ T7932] bridge0: port 3(dummy0) entered disabled state
[  126.480000][ T7932] dummy0: entered allmulticast mode
[  126.514203][ T7938] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1510'.
[  126.910559][ T7967] loop7: detected capacity change from 0 to 2048
[  126.985150][ T7967]  loop7: p1 < > p4
[  126.991157][ T7967] loop7: p4 size 8388608 extends beyond EOD, truncated
[  127.129897][ T7969] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 37748736, id = 0
[  127.145035][ T7967] IPVS: stopping master sync thread 7969 ...
[  127.279653][ T7977] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  127.289690][ T7977] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.320102][ T7981] 
@ÿ: renamed from bond_slave_0 (while UP)
[  127.364474][ T7977] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  127.374600][ T7977] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.393345][ T7987] validate_nla: 1 callbacks suppressed
[  127.393365][ T7987] netlink: 'syz.6.1528': attribute type 4 has an invalid length.
[  127.416829][ T7987] netlink: 'syz.6.1528': attribute type 4 has an invalid length.
[  127.436406][ T7977] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  127.446370][ T7977] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.484482][ T7977] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  127.494445][ T7977] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.565887][ T7997] loop5: detected capacity change from 0 to 512
[  127.582732][ T7997] journal_path: Lookup failure for './file0'
[  127.588984][ T7997] EXT4-fs: error: could not find journal device path
[  127.612900][ T4206] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  127.621891][ T4206] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.669448][ T4206] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  127.677836][ T4206] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.697433][ T8007] __nla_validate_parse: 5 callbacks suppressed
[  127.697454][ T8007] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1531'.
[  127.722387][ T4251] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  127.730645][ T4251] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.749420][ T4251] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  127.757939][ T4251] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.067550][ T8024] vlan2: entered allmulticast mode
[  128.073068][ T8024] bridge_slave_0: entered allmulticast mode
[  128.154803][   T29] kauditd_printk_skb: 76 callbacks suppressed
[  128.154820][   T29] audit: type=1400 audit(129.122:3719): avc:  denied  { map } for  pid=8027 comm="syz.5.1544" path="socket:[22121]" dev="sockfs" ino=22121 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  128.184694][   T29] audit: type=1400 audit(129.122:3720): avc:  denied  { read } for  pid=8027 comm="syz.5.1544" path="socket:[22121]" dev="sockfs" ino=22121 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  128.209680][ T8031] C: renamed from team_slave_0 (while UP)
[  128.228696][   T29] audit: type=1326 audit(129.192:3721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.5.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  128.251943][   T29] audit: type=1326 audit(129.192:3722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.5.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  128.274958][   T29] audit: type=1326 audit(129.192:3723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.5.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  128.298679][   T29] audit: type=1326 audit(129.192:3724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.5.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  128.321743][   T29] audit: type=1326 audit(129.192:3725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.5.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  128.344720][   T29] audit: type=1326 audit(129.192:3726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.5.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  128.368083][   T29] audit: type=1326 audit(129.192:3727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.5.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  128.391742][ T8034] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1546'.
[  128.399624][ T8031] netlink: 'syz.6.1545': attribute type 1 has an invalid length.
[  128.408649][ T8031] netlink: 152 bytes leftover after parsing attributes in process `syz.6.1545'.
[  128.417815][ T8031] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  128.444320][   T29] audit: type=1400 audit(129.412:3728): avc:  denied  { name_bind } for  pid=8035 comm="syz.7.1548" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  128.488302][ T8034] hsr_slave_1 (unregistering): left promiscuous mode
[  128.545227][ T8042] loop7: detected capacity change from 0 to 1024
[  128.557249][ T8044] loop6: detected capacity change from 0 to 512
[  128.576953][ T8042] EXT4-fs: Ignoring removed orlov option
[  128.654164][ T8042] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.654272][ T8044] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.687959][ T8044] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.1550: corrupted inode contents
[  128.701711][ T8044] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #2: comm syz.6.1550: mark_inode_dirty error
[  128.719247][ T8044] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.1550: corrupted inode contents
[  128.745798][ T8044] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1550'.
[  128.758505][ T8054] loop5: detected capacity change from 0 to 512
[  128.797100][ T8044] team0 (unregistering): Port device C removed
[  128.820767][ T8054] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.1553: invalid block
[  128.836266][ T8044] team0 (unregistering): Port device team_slave_1 removed
[  128.845835][ T8062] 9pnet: p9_errstr2errno: server reported unknown error 
[  128.862645][ T8054] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.1553: invalid indirect mapped block 4294967295 (level 1)
[  128.870699][ T8064] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1556'.
[  128.905489][ T8054] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.1553: invalid indirect mapped block 4294967295 (level 1)
[  128.921568][ T8054] EXT4-fs (loop5): 2 truncates cleaned up
[  128.928553][ T8054] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.988979][ T8064] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8064 comm=syz.1.1556
[  129.013934][ T6943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.023817][ T3645] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.217560][ T7035] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.065461][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1585'.
[  130.308849][ T8135] syzkaller0: entered promiscuous mode
[  130.314649][ T8135] syzkaller0: entered allmulticast mode
[  130.362617][ T8145] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1590'.
[  130.371618][ T8145] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1590'.
[  130.573052][ T8155] netlink: 332 bytes leftover after parsing attributes in process `syz.5.1594'.
[  130.721070][ T8163] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1598'.
[  130.816480][ T8163] 8021q: adding VLAN 0 to HW filter on device bond2
[  130.836398][ T8165] vlan3: entered allmulticast mode
[  130.841596][ T8165] bond2: entered allmulticast mode
[  131.149886][ T8178] loop7: detected capacity change from 0 to 128
[  131.465915][ T8198] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8198 comm=syz.7.1612
[  131.558015][ T8206] netlink: 'syz.1.1615': attribute type 3 has an invalid length.
[  131.587623][ T8206] netlink: 'syz.1.1615': attribute type 3 has an invalid length.
[  131.826978][ T8248] syzkaller0: entered promiscuous mode
[  131.832694][ T8248] syzkaller0: entered allmulticast mode
[  132.170709][ T8261] program syz.3.1638 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  133.212245][   T29] kauditd_printk_skb: 490 callbacks suppressed
[  133.212327][   T29] audit: type=1400 audit(134.062:4219): avc:  denied  { bind } for  pid=8295 comm="syz.1.1653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  133.239146][   T29] audit: type=1400 audit(134.112:4220): avc:  denied  { listen } for  pid=8295 comm="syz.1.1653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  133.507275][ T8310] __nla_validate_parse: 7 callbacks suppressed
[  133.507297][ T8310] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1658'.
[  133.632000][ T8312] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1659'.
[  133.695946][   T29] audit: type=1326 audit(134.662:4221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8319 comm="syz.1.1663" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f526361ebe9 code=0x0
[  133.797769][ T8324] random: crng reseeded on system resumption
[  133.850962][   T29] audit: type=1400 audit(134.762:4222): avc:  denied  { write } for  pid=8319 comm="syz.1.1663" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  133.874005][   T29] audit: type=1400 audit(134.762:4223): avc:  denied  { open } for  pid=8319 comm="syz.1.1663" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  133.897483][   T29] audit: type=1400 audit(134.792:4224): avc:  denied  { create } for  pid=8325 comm="syz.6.1665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  133.917199][   T29] audit: type=1400 audit(134.802:4225): avc:  denied  { firmware_load } for  pid=4250 comm="kworker/u8:61" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  133.942220][   T29] audit: type=1400 audit(134.802:4226): avc:  denied  { bind } for  pid=8325 comm="syz.6.1665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  133.962608][   T29] audit: type=1400 audit(134.802:4227): avc:  denied  { write } for  pid=8325 comm="syz.6.1665" path="socket:[23628]" dev="sockfs" ino=23628 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  134.366827][ T8344] blktrace: Concurrent blktraces are not allowed on loop6
[  134.662374][ T8356] netlink: 360 bytes leftover after parsing attributes in process `syz.1.1678'.
[  134.925762][   T29] audit: type=1326 audit(135.862:4228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8362 comm="syz.7.1681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82667cebe9 code=0x7ffc0000
[  135.191427][ T8370] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1684'.
[  135.208948][ T8371] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1683'.
[  135.299774][ T8373] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8373 comm=syz.3.1683
[  135.410252][ T8370] netlink: 256 bytes leftover after parsing attributes in process `syz.7.1684'.
[  136.012584][ T8403] netlink: 'syz.5.1697': attribute type 7 has an invalid length.
[  136.020568][ T8403] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1697'.
[  136.034230][   T36] Process accounting resumed
[  136.274492][ T8421] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  136.293486][ T8420] tipc: Resetting bearer <eth:syzkaller0>
[  136.331752][ T8420] tipc: Disabling bearer <eth:syzkaller0>
[  136.494651][ T8430] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1707'.
[  136.503865][ T8430] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1707'.
[  136.518294][ T8431] v: renamed from ip6_vti0 (while UP)
[  136.529783][ T8428] loop5: detected capacity change from 0 to 512
[  136.554344][ T8428] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  136.659065][ T8430] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1707'.
[  136.668964][ T8435] ref_ctr increment failed for inode: 0x667 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88811962a840
[  136.936371][ T8450] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  137.387288][ T8471] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.412422][ T8471] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.463922][ T8464] netlink: 'syz.7.1718': attribute type 6 has an invalid length.
[  138.053832][ T8487] loop7: detected capacity change from 0 to 512
[  138.113300][ T8487] EXT4-fs (loop7): too many log groups per flexible block group
[  138.121239][ T8487] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  138.152456][ T8487] EXT4-fs (loop7): mount failed
[  138.285138][   T29] kauditd_printk_skb: 150 callbacks suppressed
[  138.285155][   T29] audit: type=1400 audit(139.252:4379): avc:  denied  { read } for  pid=8497 comm="syz.5.1732" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  138.401809][ T8504] netlink: 'syz.5.1733': attribute type 7 has an invalid length.
[  138.482130][ T8512] netlink: 'syz.6.1736': attribute type 1 has an invalid length.
[  138.514038][ T8512] 8021q: adding VLAN 0 to HW filter on device bond2
[  138.565121][ T8512] __nla_validate_parse: 9 callbacks suppressed
[  138.565140][ T8512] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1736'.
[  138.629575][ T8512] vlan2: entered promiscuous mode
[  138.634762][ T8512] bond2: entered promiscuous mode
[  138.650310][ T8516] dummy0: entered promiscuous mode
[  138.671877][ T8516] bond0: (slave dummy0): Releasing backup interface
[  138.698096][ T8516] bond2: (slave dummy0): making interface the new active one
[  138.707712][ T8516] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  139.146904][   T29] audit: type=1326 audit(140.112:4380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.1.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5263615ba7 code=0x7ffc0000
[  139.169979][   T29] audit: type=1326 audit(140.112:4381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.1.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f52635badb9 code=0x7ffc0000
[  139.192832][   T29] audit: type=1326 audit(140.112:4382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.1.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5263615ba7 code=0x7ffc0000
[  139.215902][   T29] audit: type=1326 audit(140.112:4383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.1.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f52635badb9 code=0x7ffc0000
[  139.238870][   T29] audit: type=1326 audit(140.112:4384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.1.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  139.261798][   T29] audit: type=1326 audit(140.112:4385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.1.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  139.381253][ T8528] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1741'.
[  139.424867][ T8528] netlink: 256 bytes leftover after parsing attributes in process `syz.5.1741'.
[  139.429988][   T29] audit: type=1326 audit(140.192:4386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.1.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  139.457220][   T29] audit: type=1326 audit(140.192:4387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.1.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  139.480351][   T29] audit: type=1326 audit(140.192:4388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8521 comm="syz.1.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f526361ebe9 code=0x7ffc0000
[  139.638908][ T8540] hub 6-0:1.0: USB hub found
[  139.647494][ T8540] hub 6-0:1.0: 8 ports detected
[  139.659261][ T8540] pimreg: entered allmulticast mode
[  139.705062][ T8548] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1748'.
[  140.796516][ T8561] vlan3: entered allmulticast mode
[  141.008395][ T8584] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1760'.
[  141.068076][ T8584] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1760'.
[  141.126891][ T8588] serio: Serial port ptm0
[  141.445165][ T8606] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.468527][ T8606] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.759900][ T8615] loop6: detected capacity change from 0 to 128
[  141.879293][ T8615] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  141.887727][ T8615] System zones: 1-3, 19-19, 35-36
[  141.894927][ T8615] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  141.984324][ T6943] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  142.284977][ T8639] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  142.292745][ T8639] IPv6: NLM_F_CREATE should be set when creating new route
[  142.420789][ T8642] bridge: RTM_NEWNEIGH with invalid ether address
[  142.587926][ T8645] loop5: detected capacity change from 0 to 512
[  142.619713][ T8645] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  142.667192][ T8645] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.794402][ T3645] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.834208][ T8654] loop7: detected capacity change from 0 to 2048
[  142.859754][ T8654] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.973375][ T8654] EXT4-fs error (device loop7): ext4_free_inode:354: comm syz.7.1788: bit already cleared for inode 15
[  143.012996][ T8662] loop5: detected capacity change from 0 to 128
[  143.536817][   T29] kauditd_printk_skb: 98 callbacks suppressed
[  143.536836][   T29] audit: type=1326 audit(144.502:4487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8665 comm="syz.6.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e77fbebe9 code=0x7ffc0000
[  143.543106][ T8666] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.566235][   T29] audit: type=1326 audit(144.502:4488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8665 comm="syz.6.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e77fbebe9 code=0x7ffc0000
[  143.618503][   T29] audit: type=1326 audit(144.502:4489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8665 comm="syz.6.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f5e77fbebe9 code=0x7ffc0000
[  143.624467][ T7035] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.641651][   T29] audit: type=1326 audit(144.502:4490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8665 comm="syz.6.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e77fbebe9 code=0x7ffc0000
[  143.674121][   T29] audit: type=1326 audit(144.502:4491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8665 comm="syz.6.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e77fbebe9 code=0x7ffc0000
[  143.697142][   T29] audit: type=1326 audit(144.502:4492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8665 comm="syz.6.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5e77fbd550 code=0x7ffc0000
[  143.720672][   T29] audit: type=1326 audit(144.502:4493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8665 comm="syz.6.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5e77fbe7eb code=0x7ffc0000
[  143.743503][   T29] audit: type=1326 audit(144.502:4494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8665 comm="syz.6.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5e77fbe7eb code=0x7ffc0000
[  143.767257][ T8666] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.789881][   T29] audit: type=1326 audit(144.752:4495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8665 comm="syz.6.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e77fbebe9 code=0x7ffc0000
[  143.813143][   T29] audit: type=1326 audit(144.752:4496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8665 comm="syz.6.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e77fbebe9 code=0x7ffc0000
[  143.932252][ T8670] 
: renamed from bond0 (while UP)
[  144.010550][ T8673] block device autoloading is deprecated and will be removed.
[  145.082945][ T8706] hub 6-0:1.0: USB hub found
[  145.087760][ T8706] hub 6-0:1.0: 8 ports detected
[  145.125084][ T8710] 9pnet: p9_errstr2errno: server reported unknown error 
[  145.184330][ T8715] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.283970][ T8715] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.379285][ T8715] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.484175][ T8715] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.790581][ T4228] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.840046][ T4228] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.848804][ T8743] loop5: detected capacity change from 0 to 2048
[  145.873388][ T4228] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.897303][ T4228] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.971174][ T8747] 9pnet: p9_errstr2errno: server reported unknown error 
[  146.107313][ T8758] 9pnet: p9_errstr2errno: server reported unknown error 
[  146.189302][ T8763] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.196722][ T8763] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.236065][ T8763] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  146.284688][ T8763] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  146.396685][  T160] netdevsim netdevsim6 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.434378][  T160] netdevsim netdevsim6 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.475145][  T160] netdevsim netdevsim6 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.495489][  T160] netdevsim netdevsim6 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.693720][ T8786] pim6reg1: entered promiscuous mode
[  146.699145][ T8786] pim6reg1: entered allmulticast mode
[  146.809452][ T8796] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1844'.
[  146.885210][ T8790] vlan2: entered allmulticast mode
[  147.016419][ T8802] ªªªªª»: renamed from bond_slave_1 (while UP)
[  147.097341][ T8813] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1850'.
[  147.108506][ T8813] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1850'.
[  147.128363][ T8815] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1852'.
[  147.272228][ T8821] vlan0: entered allmulticast mode
[  147.336057][ T8833] loop5: detected capacity change from 0 to 512
[  147.382584][ T8833] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.434004][ T3645] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.562489][ T8850] loop3: detected capacity change from 0 to 512
[  147.576865][ T8850] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.615469][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.655090][ T8859] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1866'.
[  147.688962][ T8861] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1867'.
[  147.698943][ T8861] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1867'.
[  147.798295][ T8871] pim6reg1: entered promiscuous mode
[  147.804096][ T8871] pim6reg1: entered allmulticast mode
[  147.912105][ T8876] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1874'.
[  147.921203][ T8876] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1874'.
[  148.088960][ T8887] loop3: detected capacity change from 0 to 512
[  148.099043][ T8887] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.1879: invalid block
[  148.112098][ T8887] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1879: invalid indirect mapped block 4294967295 (level 1)
[  148.128571][ T8887] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1879: invalid indirect mapped block 4294967295 (level 1)
[  148.144928][ T8887] EXT4-fs (loop3): 2 truncates cleaned up
[  148.151303][ T8887] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.192708][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.215924][ T8891] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1880'.
[  148.234944][ T8891] 8021q: adding VLAN 0 to HW filter on device bond4
[  148.254972][ T8891] vlan2: entered allmulticast mode
[  148.260318][ T8891] bond4: entered allmulticast mode
[  148.388673][ T8898] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.398724][ T8898] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.527399][ T8905] syzkaller0: entered promiscuous mode
[  148.533224][ T8905] syzkaller0: entered allmulticast mode
[  148.960288][ T8921] loop5: detected capacity change from 0 to 1756
[  148.974320][ T8921] iso9660: Unknown parameter '†wÐmÁ°¸uE9'
[  148.989657][ T8921] ªªªªª»: renamed from bond_slave_1 (while UP)
[  149.109226][ T8932] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8932 comm=syz.5.1897
[  149.314944][   T29] kauditd_printk_skb: 338 callbacks suppressed
[  149.314964][   T29] audit: type=1400 audit(150.282:4835): avc:  denied  { bind } for  pid=8942 comm="syz.5.1901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  149.616378][ T8954] netlink: 'syz.3.1906': attribute type 10 has an invalid length.
[  149.626230][ T8954] dummy0: entered promiscuous mode
[  149.648944][ T8954] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  149.669656][ T8956] loop3: detected capacity change from 0 to 512
[  149.692818][ T8956] EXT4-fs (loop3): too many log groups per flexible block group
[  149.701998][ T8956] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  149.710398][ T8956] EXT4-fs (loop3): mount failed
[  149.789824][   T29] audit: type=1326 audit(150.752:4836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  149.813997][   T29] audit: type=1326 audit(150.752:4837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  149.837324][   T29] audit: type=1326 audit(150.752:4838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  149.861677][   T29] audit: type=1326 audit(150.752:4839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  149.884756][   T29] audit: type=1326 audit(150.752:4840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  149.884817][   T29] audit: type=1326 audit(150.752:4841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  149.884849][   T29] audit: type=1326 audit(150.752:4842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  149.884874][   T29] audit: type=1326 audit(150.752:4843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  149.884900][   T29] audit: type=1326 audit(150.752:4844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8961 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdbcffaebe9 code=0x7ffc0000
[  149.982630][ T8960] cgroup: Invalid name
[  150.074639][ T8967] loop3: detected capacity change from 0 to 1756
[  150.086124][ T8967] iso9660: Unknown parameter '†wÐmÁ°¸uE9'
[  150.103979][ T8971] loop5: detected capacity change from 0 to 2048
[  150.109661][ T8967] ªªªªª»: renamed from bond_slave_1
[  150.127395][ T8971] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.176688][ T8980] loop3: detected capacity change from 0 to 1024
[  150.192769][ T8980] EXT4-fs: Ignoring removed orlov option
[  150.216827][ T8980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.307688][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.331346][ T3645] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.641280][ T9012] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  150.651222][ T9012] vhci_hcd: invalid port number 96
[  150.656595][ T9012] vhci_hcd: default hub control req: 0000 vfffa i0060 l0
[  150.712905][ T9020] team0 (unregistering): Port device team_slave_0 removed
[  150.748078][ T9020] team0 (unregistering): Port device team_slave_1 removed
[  150.888748][ T9045] syzkaller0: entered allmulticast mode
[  150.905482][ T9045] syzkaller0: entered promiscuous mode
[  150.918277][ T9045] syzkaller0 (unregistering): left allmulticast mode
[  150.925202][ T9045] syzkaller0 (unregistering): left promiscuous mode
[  150.943913][ T9054] loop3: detected capacity change from 0 to 2048
[  150.982967][ T9054] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1939: bad orphan inode 61
[  150.994852][ T9054] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.061133][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.212062][ T9073] loop3: detected capacity change from 0 to 128
[  151.233776][ T9073] EXT4-fs: Ignoring removed nobh option
[  151.248074][ T9073] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  151.320008][ T3315] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  151.350510][ T9081] bond2: (slave dummy0): Releasing active interface
[  151.374422][ T9081] bridge_slave_0: left promiscuous mode
[  151.380414][ T9081] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.408884][ T9087] netlink: 'syz.1.1945': attribute type 10 has an invalid length.
[  151.444187][ T9081] bridge_slave_1: left allmulticast mode
[  151.449915][ T9081] bridge_slave_1: left promiscuous mode
[  151.455848][ T9081] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.468809][ T9081] 
: (slave bond_slave_0): Releasing backup interface
[  151.489767][ T9081] 
: (slave ªªªªª»): Releasing backup interface
[  151.514248][ T9081] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  151.521735][ T9081] batman_adv: batadv0: Removing interface: batadv_slave_0
[  151.531270][ T9081] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  151.538894][ T9081] batman_adv: batadv0: Removing interface: batadv_slave_1
[  151.548686][ T9095] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  151.548686][ T9095] The task syz.3.1951 (9095) triggered the difference, watch for misbehavior.
[  151.588797][ T9090] bridge: RTM_NEWNEIGH with invalid ether address
[  151.760262][ T9104] ref_ctr increment failed for inode: 0x8a0 offset: 0xb ref_ctr_offset: 0x82 of mm: 0xffff888104345080
[  151.777702][ T9104] ref_ctr increment failed for inode: 0x8a0 offset: 0xf ref_ctr_offset: 0x82 of mm: 0xffff888104345080
[  151.828279][ T9103] uprobe: syz.1.1956:9103 failed to unregister, leaking uprobe
[  151.892473][ T9103] uprobe: syz.1.1956:9103 failed to unregister, leaking uprobe
[  152.559774][ T9124] ALSA: seq fatal error: cannot create timer (-22)
[  152.572052][ T9126] netlink: 'syz.7.1964': attribute type 10 has an invalid length.
[  152.601991][ T9126] 8021q: adding VLAN 0 to HW filter on device team0
[  152.623778][ T9126] 
: (slave team0): Enslaving as an active interface with an up link
[  152.649608][ T9129] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:609b:8aff:feb7:9cb0 error=-28
[  152.663731][ T9131] netlink: 'syz.3.1966': attribute type 1 has an invalid length.
[  152.678704][ T9135] __nla_validate_parse: 5 callbacks suppressed
[  152.678725][ T9135] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1967'.
[  152.710363][ T9131] 8021q: adding VLAN 0 to HW filter on device bond5
[  152.725999][ T9140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1966'.
[  152.751832][ T9129] infiniband syz!: set active
[  152.756764][ T9129] infiniband syz!: added team_slave_0
[  152.764975][ T9140] bond5 (unregistering): Released all slaves
[  152.779886][ T9129] RDS/IB: syz!: added
[  152.788903][ T9129] smc: adding ib device syz! with port count 1
[  152.796006][ T9129] smc:    ib device syz! port 1 has pnetid 
[  152.834197][ T9147] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  152.844191][ T9147] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.857620][ T9152] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1975'.
[  152.904492][ T9149] loop6: detected capacity change from 0 to 8192
[  152.948161][ T9152] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9152 comm=syz.3.1975
[  152.965938][ T9147] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  152.975877][ T9147] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.054184][ T9147] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  153.064063][ T9147] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.124383][ T9147] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  153.134797][ T9147] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.206477][ T4215] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  153.214926][ T4215] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.225129][ T9164] loop3: detected capacity change from 0 to 256
[  153.238074][ T4191] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  153.246981][ T4191] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.261569][ T4215] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  153.270176][ T4215] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.280554][ T4215] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  153.289073][ T4215] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.301412][ T9164] FAT-fs (loop3): Directory bread(block 64) failed
[  153.309006][ T9164] FAT-fs (loop3): Directory bread(block 65) failed
[  153.315911][ T9164] FAT-fs (loop3): Directory bread(block 66) failed
[  153.322760][ T9164] FAT-fs (loop3): Directory bread(block 67) failed
[  153.331865][ T9164] FAT-fs (loop3): Directory bread(block 68) failed
[  153.338903][ T9164] FAT-fs (loop3): Directory bread(block 69) failed
[  153.345951][ T9164] FAT-fs (loop3): Directory bread(block 70) failed
[  153.353057][ T9164] FAT-fs (loop3): Directory bread(block 71) failed
[  153.359944][ T9164] FAT-fs (loop3): Directory bread(block 72) failed
[  153.366942][ T9164] FAT-fs (loop3): Directory bread(block 73) failed
[  153.425808][ T9155] ==================================================================
[  153.434046][ T9155] BUG: KCSAN: data-race in fat16_ent_put / fat_mirror_bhs
[  153.441191][ T9155] 
[  153.443540][ T9155] write to 0xffff88813653d802 of 2 bytes by task 9149 on cpu 0:
[  153.451274][ T9155]  fat16_ent_put+0x28/0x60
[  153.455717][ T9155]  fat_alloc_clusters+0x4d1/0xa80
[  153.460881][ T9155]  fat_get_block+0x258/0x5e0
[  153.465584][ T9155]  __block_write_begin_int+0x400/0xf90
[  153.471152][ T9155]  cont_write_begin+0x5fc/0x970
[  153.476107][ T9155]  fat_write_begin+0x4f/0xe0
[  153.480898][ T9155]  cont_write_begin+0x1b0/0x970
[  153.485856][ T9155]  fat_write_begin+0x4f/0xe0
[  153.490555][ T9155]  generic_cont_expand_simple+0xad/0x150
[  153.496408][ T9155]  fat_cont_expand+0x3e/0x170
[  153.501209][ T9155]  fat_setattr+0x2a5/0x8a0
[  153.506089][ T9155]  notify_change+0x806/0x890
[  153.511017][ T9155]  do_ftruncate+0x34b/0x450
[  153.515823][ T9155]  __x64_sys_ftruncate+0x68/0xc0
[  153.520879][ T9155]  x64_sys_call+0x2d52/0x2ff0
[  153.525762][ T9155]  do_syscall_64+0xd2/0x200
[  153.530532][ T9155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.536833][ T9155] 
[  153.539177][ T9155] read to 0xffff88813653d800 of 512 bytes by task 9155 on cpu 1:
[  153.546909][ T9155]  fat_mirror_bhs+0x1df/0x320
[  153.551665][ T9155]  fat_alloc_clusters+0x98b/0xa80
[  153.556841][ T9155]  fat_get_block+0x258/0x5e0
[  153.561546][ T9155]  __block_write_begin_int+0x400/0xf90
[  153.567154][ T9155]  cont_write_begin+0x5fc/0x970
[  153.572321][ T9155]  fat_write_begin+0x4f/0xe0
[  153.577261][ T9155]  generic_perform_write+0x181/0x490
[  153.582579][ T9155]  __generic_file_write_iter+0x9e/0x120
[  153.588248][ T9155]  generic_file_write_iter+0x8d/0x2f0
[  153.593811][ T9155]  vfs_write+0x52a/0x960
[  153.598331][ T9155]  ksys_write+0xda/0x1a0
[  153.602784][ T9155]  __x64_sys_write+0x40/0x50
[  153.608188][ T9155]  x64_sys_call+0x27fe/0x2ff0
[  153.613186][ T9155]  do_syscall_64+0xd2/0x200
[  153.618085][ T9155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.624008][ T9155] 
[  153.626345][ T9155] Reported by Kernel Concurrency Sanitizer on:
[  153.632712][ T9155] CPU: 1 UID: 0 PID: 9155 Comm: syz.6.1974 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  153.642894][ T9155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  153.653206][ T9155] ==================================================================