last executing test programs:

5m13.36381709s ago: executing program 32 (id=159):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0xa}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r2)

4m1.781281473s ago: executing program 33 (id=2447):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000230000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
getpgid(0xffffffffffffffff)

3m10.348947964s ago: executing program 34 (id=5101):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000019200)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = socket$caif_stream(0x25, 0x1, 0x0)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000800)="c7", 0x1}], 0x1)

2m52.1061714s ago: executing program 35 (id=5916):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000ac0)='kmem_cache_free\x00', r0}, 0x10)
r1 = open(&(0x7f0000000300)='.\x00', 0x100000, 0x0)
flock(r1, 0x6)

2m39.4419641s ago: executing program 36 (id=6404):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x4, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x9, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a400000000c0a010400000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c0001"], 0x68}, 0x1, 0x0, 0x0, 0x24000840}, 0x40)

2m22.614245194s ago: executing program 9 (id=7206):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000100)=[@rdma_args={0x48, 0x114, 0x1, {{0x80000000, 0x403fc}, {&(0x7f00000001c0)=""/227, 0xe3}, &(0x7f0000000480)=[{&(0x7f0000000380)=""/153, 0x99}], 0x1, 0x17, 0x6}}, @fadd={0x58, 0x114, 0x6, {{0x4, 0x5}, &(0x7f0000000080)=0x10, 0x0, 0x5, 0x8000, 0x3, 0x1, 0x8, 0xfffffffffffffffd}}], 0xa0, 0x20040000}, 0x0)

2m22.581287597s ago: executing program 9 (id=7208):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000ac0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000004000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r2, 0xffffffffffffffff, r2, 0x1)

2m22.566198559s ago: executing program 9 (id=7209):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=@newtaction={0x8c, 0x30, 0x1, 0x1000, 0x25dfdbfc, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4, 0x20}, {0x4}, {0xc}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}}, 0x0)

2m22.55069172s ago: executing program 9 (id=7210):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f00000007c0)='./file0/file0\x00', 0x0, 0x1000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r0, &(0x7f0000000100)='.\x00', 0x9000, &(0x7f0000001dc0)={0x0, 0x85, 0x20000}, 0x20)

2m22.537627721s ago: executing program 9 (id=7211):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000440)={@val={0x70}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x4000, 0x6, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffff5865}}}}}}}, 0x3e)

2m22.319215071s ago: executing program 9 (id=7217):
unshare(0x28000600)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback=0x6f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x2}, 0x38)

2m22.319094381s ago: executing program 37 (id=7217):
unshare(0x28000600)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback=0x6f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x2}, 0x38)

1m56.813275098s ago: executing program 2 (id=8309):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x11, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xc00)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)

1m56.728205026s ago: executing program 2 (id=8317):
bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_emit_ethernet(0xd2, &(0x7f00000000c0)=ANY=[@ANYBLOB="0180c2000000ffffffffffff86dd60ecff80009c1101fe8000000000000000000000000000bbff02000000000000000000000000000100004e22009c9078"], 0x0)

1m56.68077592s ago: executing program 2 (id=8319):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_open_procfs(0x0, &(0x7f0000000040)='net/udp\x00')
close_range(r1, 0xffffffffffffffff, 0x0)

1m56.640353854s ago: executing program 2 (id=8323):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

1m56.581830109s ago: executing program 2 (id=8326):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x401}, 0x11)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, 0x0, 0x0, &(0x7f0000004680)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000002bc0)=[{&(0x7f0000001900)=""/135, 0x87}], 0x1}}], 0x48}, 0x0)

1m56.388047567s ago: executing program 2 (id=8341):
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x2)
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x1)

1m56.313226934s ago: executing program 38 (id=8341):
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x2)
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x1)

1m34.496350239s ago: executing program 4 (id=9303):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000001c0)=@keyring)

1m34.448902684s ago: executing program 4 (id=9306):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)

1m34.411137617s ago: executing program 4 (id=9308):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd0900300003003003e80060ce902d9f0c2f0081e949b93897bc3b0000000000007d01ff02000000000000000000000000000112006558"], 0xfdef)

1m34.197406487s ago: executing program 4 (id=9319):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x2c)
mount$tmpfs(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000300), 0x210009, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='./file0/../file0\x00')

1m34.16630806s ago: executing program 4 (id=9321):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a03000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000180003801400020000007468305f746f5f68737200000000080002"], 0xe8}}, 0x0)

1m33.746137229s ago: executing program 4 (id=9333):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x81, 0x4)

1m33.73646351s ago: executing program 39 (id=9333):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x81, 0x4)

1m23.929782926s ago: executing program 0 (id=9781):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kmem_cache_free\x00', r1, 0x0, 0x8000}, 0x18)
memfd_secret(0x0)

1m23.900769078s ago: executing program 0 (id=9782):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
removexattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)=@known='system.posix_acl_default\x00')

1m23.815670486s ago: executing program 0 (id=9787):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010326bd7000fbdbdf251c"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x40006)

1m23.741342153s ago: executing program 0 (id=9791):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4a0, 0x1e8, 0xffffffff, 0xffffffff, 0x1e8, 0xffffffff, 0x3d0, 0xffffffff, 0xffffffff, 0x3d0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @loopback, [0xff, 0xff, 0xff, 0xff], [0xff000000, 0xff, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x29, 0x3, 0x0, 0x60}, 0x0, 0x1a0, 0x1e8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x4, 0x7a3, 0x6, 'snmp_trap\x00', {0x369bc443}}}}, {{@ipv6={@remote, @local, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], 'netpci0\x00', 'bridge_slave_1\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x1c8, 0x1e8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x29, 0x1, 0x1, 'syz0\x00'}}, @inet=@rpfilter={{0x28}, {0x1c}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x500)

1m23.684283749s ago: executing program 0 (id=9796):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r0, 0x0, 0x4804}, 0x18)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

1m23.660936831s ago: executing program 0 (id=9800):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x1}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
write$cgroup_subtree(r1, 0x0, 0x2a)

1m7.505380423s ago: executing program 40 (id=9800):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x1}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
write$cgroup_subtree(r1, 0x0, 0x2a)

58.635102943s ago: executing program 5 (id=10754):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000780), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_FLUSH(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2518"], 0x60}}, 0x4024000)

58.595506776s ago: executing program 5 (id=10757):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x28002)
r1 = dup(r0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

57.660917753s ago: executing program 5 (id=10788):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
openat(r2, &(0x7f00000000c0)='.\x00', 0x515401, 0x408)

57.560630062s ago: executing program 5 (id=10790):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file0\x00', 0x800090, &(0x7f0000000a40)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c696f636861727365743d64656661756c742c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c726f6469722c757466383d302c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c756e695f786c6174653d302c646d61736b3d30303030303030303030303030303030303030303030312c747a3d5554432c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c726f6469722c696f636861727365743d63703733372c73686f72746e616d653d77696e39352c696f636861727365743d6370313235312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c6e6f6e756d7461696c3d303e002804de526a2962c96269574f352812653af3f6cd668c31a51bb3ea504a07f361244709ddea94f616bfbdb1850c78c12060f961cc4c0f80ed3390fb03dbe82a2014852c59665501cd64f0a6a4ba839cf58fe10e184c735b4692a267d276169f0c203459a3f8899e6c3ac3bd115cdd185ca2972692171eed646eb083d9c646931c7987d8c087efbb77b881ceaaef4cf13f59d8417bf2ba94f6f9bcf2d707ff2c4f28415a5fa5517f85d05882"], 0x4, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==")
creat(&(0x7f00000004c0)='./bus\x00', 0x75)
mount(&(0x7f0000000480)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x801400, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x4600, 0xe898d2275f586838)
preadv2(r0, &(0x7f0000000980)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x8000, 0x40009, 0x1b)

57.528375565s ago: executing program 5 (id=10793):
r0 = socket$inet(0x2, 0x802, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000040)=0x7, 0x4)
connect$inet(r0, &(0x7f0000002780)={0x2, 0x4e22, @remote}, 0x10)
write(r0, &(0x7f0000000440)="08008edf773c8000", 0x8)
recvmmsg(r0, &(0x7f0000006f80)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x20, 0x0)

56.777196024s ago: executing program 5 (id=10805):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
close_range(r1, 0xffffffffffffffff, 0x400000000000000)

56.737614558s ago: executing program 41 (id=10805):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
close_range(r1, 0xffffffffffffffff, 0x400000000000000)

1.131522645s ago: executing program 3 (id=13187):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbff, 0x2000}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0xc010}, 0x4044040)

1.106852268s ago: executing program 8 (id=13188):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a400000000e0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c000180060001"], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1.090778248s ago: executing program 3 (id=13189):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net\x00')
fchdir(r0)
exit(0xffffffffffffffa9)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./mnt\x00', 0x8400, 0x10b)

1.07894202s ago: executing program 8 (id=13190):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
r1 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0x0, 0x0, 0x4c62d6309aaa1bde, 0xff000000], 'ip6tnl0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x4, '\x00', 'syz1\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [0x0, 0x0, 0xffffff00, 0xffffff00], 'veth1\x00', 'veth0_to_bridge\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330)

882.637328ms ago: executing program 6 (id=13195):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000140)='15', 0x2}], 0x8)
r0 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

823.397134ms ago: executing program 6 (id=13198):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000c40)={{0x80}, 'port0\x00', 0x49, 0xfe8ee28a1d9fac77, 0xa, 0x6, 0x2, 0x40, 0x3, 0x0, 0x6, 0x6})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0xc0a85320, &(0x7f0000000880)={{0x80}, 'port0\x00', 0x3c, 0x151625, 0x2, 0x2, 0x20107, 0x6, 0x8, 0x0, 0x4, 0x3})
close(r0)

799.766935ms ago: executing program 6 (id=13199):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x1, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448cb, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000b80)=[{0x6, 0x19, 0x2}]}, 0x10)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

745.077121ms ago: executing program 8 (id=13203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000880)='sched_kthread_work_queue_work\x00', r2}, 0x18)
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000300)={0x0, 0x0})

730.570292ms ago: executing program 1 (id=13204):
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
execve(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0)

715.285393ms ago: executing program 6 (id=13205):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000040000000000000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_read_part_table(0x4080, &(0x7f0000000000)="$eJzszz9KA0EcBeC3JpEoUbAWxEWwFO2scotcQDyCjY0G03kMwSZ4AG/gkUwjI2GX1cRWQeX7in37e/tnZsKvcP/a3lwuL5td/3K9+t5Om88XT3tJDuu8lVIyTNJf++WiJKdnGWwPNzJKcvV11cn8e08BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8JdP1orc6Pra5n9nNOOelcXvXS9U+qU+S3Y8PFiXZ6qZ+E5P5D2wdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjvSillmdWnbpCk35RVMu36UR6OMhsfVBkm9fE7+3NoAwAIAwEwwTAh87A3CvEJoQPU3ama/uf/lP3Omf/qpGWNphUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXHbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwckAAAAAIL+v25HoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBGAQAA//88nie/")
fadvise64(0xffffffffffffffff, 0x80000001, 0x9, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000380)='kfree\x00', r0}, 0x18)
syz_io_uring_setup(0x10e, 0x0, &(0x7f0000000400), 0x0)

714.705413ms ago: executing program 8 (id=13206):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x7, 0x4, 0x80, 0xe, 0x28}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c)
close(r0)

707.290624ms ago: executing program 1 (id=13207):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000140)={0x0, 0x7, 0x0, 0xc, 0xffffffff})
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000040)=@in6={0x21, 0x0, 0x2, 0x1c, {0x2, 0x100, 0x0, @loopback={0xff00000000000000}}}, 0x24)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)

684.807216ms ago: executing program 1 (id=13208):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x42082)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r2, 0x0, 0x2}, 0x18)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0xc0f85403, 0x0)

684.364756ms ago: executing program 8 (id=13209):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000340)=ANY=[@ANYBLOB='dmask=00000000000000000002001,flush,uid=', @ANYRESHEX=0x0, @ANYBLOB="0004074443", @ANYRESHEX=0xee00, @ANYBLOB=',dots,nodots,gid=', @ANYRESHEX=0xee00, @ANYBLOB=',nodots,nodots,dots,nodots,nodots,nodots,check=relaxed,nodots,sys_immutable,nodots,showexec,flush,umask=00000000000000000000007,nodots,dots,\x00'], 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
fadvise64(r0, 0x2, 0x0, 0x4)

630.127881ms ago: executing program 1 (id=13210):
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x10b, &(0x7f00000003c0)={0x0, 0x334b, 0x80, 0x3, 0x805}, 0x0, 0x0)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')
open_by_handle_at(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="20000000f10002000a00000000000000000002"], 0x0)

564.515817ms ago: executing program 1 (id=13211):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0xe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$selinux_access(r2, &(0x7f0000001a80)=ANY=[@ANYBLOB="73797374656d5f753a6f62576563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56)

544.352539ms ago: executing program 1 (id=13212):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4050)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000000)=ANY=[], 0x0)

452.729198ms ago: executing program 8 (id=13213):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000016c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x840e, &(0x7f0000001080)={[{@discard}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@bsdgroups}, {@quota}]}, 0x3, 0x43a, &(0x7f0000001100)="$eJzs28tvG1UXAPAzfrRfX19CVR59AIGCqHgkTVpKF2xAILEACQkWZRmStCp1G9QEiVYRBITKCqFK7BFLJP4CVrBBwAqJLexRpQpl08LKaOyZxHYcNzFOnOLfT5r23plr3XM8c+07c+MABtZI+k8SsTcifouIoXq1ucFI/b/bSwtTfy0tTCVRrb7xZ1Jrd2tpYSpvmr9uT14pRRQ+SeJwm37nrly9MFmpzFzO6mPzF98dm7ty9ZnzFyfPzZybuTRx+vTJE+PPnZp4tid5pnndOvTB7JGDr7x1/bWpM9ff/umbJM+/JY8eGel08PFqtcfd9de+hnJS6mMgbEixPkyjXBv/Q1GMlZM3FC9/3NfggE1VrVar9619eLEK/Icl0e8IgP7Iv+jT+99826Kpx7Zw84X6DVCa9+1sqx8pRSFrU265v+2lkYg4s/j3l+kWm/McAgCgyXfp/OfpdvO/QjQ+F/p/toYyHBH3RMT+iDgVEQci4t6IWtv7I+KBDfbfukiyev5TuNFVYuuUzv+ez9a2mud/+ewvhotZbV8t/3Jy9nxl5nj2nhyL8s60Pt6hj+9f+vXztY41zv/SLe0/nwtmcdwo7Wx+zfTk/GRziN27+VHEoVK7/JPllYAkIg5GxKEu+zj/5NdH1jp25/w76ME6U/WriCfq538xWvLPJZ3XJ8f+F5WZ42P5VbHaz79ce32t/v9V/j2Qnv/dba//5fyHk8b12rmN93Ht90/XvKfp9vrfkbzZtO/9yfn5y+MRO5JX60E37p9oaTex0j7N/9jR9uN/f6y8E4cjIr2IH4yIhyLi4Sz2RyLi0Yg42iH/H1987J3u899caf7TGzr/K4Ud0bqnfaF44Ydvmzod3kj+6fk/WSsdy/Ysf/51sJ64uruaAQAA4O5TiIi9kRRGl8uFwuho/W/4D8TuQmV2bv6ps7PvXZqu/0ZgOMqF/EnXUMPz0PHstj6vT7TUT2TPjb8o7qrVR6dmK9P9Th4G3J4otR3/qT+K/Y4O2HR+rwWDy/iHwWX8w+Ay/mFwtRn/u/oRB7D12n3/f9iHOICt1zL+LfvBAHH/D4PL+IfBZfzDQJrbFXf+kbyCwqpCFLZFGOssfFbeFmHcRYV+fzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xj8BAAD//3g65pw=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

386.481774ms ago: executing program 6 (id=13214):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
r1 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0x0, 0x0, 0x4c62d6309aaa1bde, 0xff000000], 'ip6tnl0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x4, '\x00', 'syz1\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [0x0, 0x0, 0xffffff00, 0xffffff00], 'veth1\x00', 'veth0_to_bridge\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330)

281.979094ms ago: executing program 7 (id=13217):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0x21f3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000ed00000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0xcf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
timer_create(0x2, 0x0, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

269.849804ms ago: executing program 7 (id=13218):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000002000000000000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x320e, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

233.675738ms ago: executing program 7 (id=13219):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r1, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)

178.162373ms ago: executing program 3 (id=13220):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x20, 0x1c, 0x0, 0x0, 0x1, 0x2, 0x0, @dev, @local}, {0x14, 0x0, 0x0, @rand_addr=0x64010102}}}}}, 0x0)

144.334806ms ago: executing program 7 (id=13221):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x18)
r1 = gettid()
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r2, 0x5607, 0xb)
tkill(r1, 0x11)

143.807536ms ago: executing program 3 (id=13222):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f00000000c0)='./file0\x00', 0x204888, &(0x7f0000000740)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d757466382c0097b75cbdde02821d0f899c2377ee9577397fc18b433d0c59e692b381740ca495e1c145c5922679338b5ff21c0653a98440a5725268a242c0263564f988d3c178704feaf8a412df818275708882ea9a4048c6e458a1f05b83f2e69b965b1df203b21de2b0ee375647f886a5310889982079aa7b1fb4eefe7f768eec58b19cf50faaf129503175f4262df740183df51d3641ff78b86127c1db8ef165bfa3bd20797fde6ff91a0e45d3d7c1c6d1ce0a72be8c1fdb00000000", @ANYRES16, @ANYRESHEX, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESOCT, @ANYRES32], 0x1, 0x343, &(0x7f0000000bc0)="$eJzs3cGLG1UcB/BfY+22tdvsQQQF8aEXvYTd9R8wSAvigrJ2pXoQpu6shkyTJRMqKWJ7E2/+HcWjN0EEz3vx7s3bXjz2UIwk2d1u4u7BQna25POB5L3My5d5k/DC7zJ5+7d/vNveKRs7WT9q76W4EhG1xxErUYtDFw7a2rh/KY57GO/Ub//5+iefff5hc2PjxmZKN5u33l1PKV1/49dvvv3pzd/6L3368/VflmJv5Yv9v9f/2ntl79X9f2593SpTq0ydbj9l6U6328/uFHnabpXtRkofF3lW5qnVKfPe1PhO0d3dHaSss718dbeXl2XKOoPUzgep30393iBlX2WtTmo0Gmn5aiyWZ7nerUebm1lzDpPhDP0we+DK9Mter5mN1vDSf5Jbj+Y6MQDgXJqt/2txeXy8ovr/sET5//X/hUWv/5+F+n8RjOr/Swfrd5r6HwAAAAAAAAAAAAAAngePh8P6cDisH7azj6rnx3z5/hfbsRv3LkcU39/burc1aSfjzZ1oRRF5rEY9nkQMj8T4TsGbH2zcWE1jK7F898EkP2pfmM6vRT1WpvOj51F+LaU0fJDSdP7F8T9aHOXXox4vn5xfn5x/Jn8p3n7rWL4R9fjjy+hGEdsxyj7Nf7eW0vsfbczkl8bvAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAxNNKRE/fvbzROG5/kj/bXX416PDl5f/7VE/fnvxivXaz22gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUDm4386KIu+dfedhnDI0PFDVxM6+EzG3U/x+LU77nHXOV+fawZo8H/Op+IcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKvB00++qZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECVysH9dlYUeW+OnaqvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HnybwAAAP//V3Yinw==")
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaa"], 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

48.995675ms ago: executing program 3 (id=13223):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=ANY=[@ANYBLOB="9110bd000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)

45.327245ms ago: executing program 7 (id=13224):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000400)=[{0x200000000006, 0x0, 0x2, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
semctl$SEM_INFO(0x0, 0x2, 0x13, &(0x7f0000000e00)=""/219)

18.514238ms ago: executing program 6 (id=13225):
bpf$PROG_LOAD(0x5, &(0x7f0000001a00)={0x0, 0x26, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)

398.089µs ago: executing program 3 (id=13226):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r2, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xd81, &(0x7f0000001c00)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xd73, 0x66, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xd5f, 0x0, @wg=@data={0x4, 0x7407, 0xfffffffffffffffd, "9c67524ed6ed152d4f775bbc411126513b67aa2818e6f3aeb55bee6ae1049f195705bc8bd9b1085cd41af77353267df8a1d4cecdb01908186ea04e641c89a2ee0432e9c0894a8d7aff0c865e96548d507f048f907320b0f8b1e83b5f1425b63ad9c6adfd09578bbda92c9bd8f57d6efd752a6f20487ebea241d612212e3ccb077a5150c08f56aed6ee45acd4439043886b78cc5562b00bc57cf509d90b02a7bc86919f1b882f556e6aac5e9b93ee545b2b68bd014e2a49c332432ef4adeb61ac418aa4e20ee299f1a8b7a72e985223996b11a8913f3b1c23b10f88c3de28660457a37126fd3b6394536da0cd962f532ff22c496e1df4ffe049b193514c02571399d3618383a287068f4f15d51d1781cc0bc2af66ddc68135bfd33634e1a75be80630ce76ef79c86c9abb2fdc6d84367ea10fd8a6ee3c99eaec83c66bf5ffce6eb5ccc2546b6df905ff1aea223029ba2f7eb2469c5b8637b79347361f8cf0fa9d58a039e7811f343961b22c23d68b2c04eb8b5aeee7c6f71ce95cab886bf2694e0643d18761043e2d1dcb8ce0bdd15817a75f591b05146424797f729689e2a7bd53cb6c02fd15c339057c714794b407b342d12e69ec383b6ea6c99f845d04fd5128203c78a388fb0a1caf1f725f7636eb41e415951f8284a9c475760eb9312f7d6307037d472fbda509d56a0cf8e36d44f3f0b67fabdd2842ab4241cbfc7d309188d3a634129a13bfcac3b39b75d46bed585550ff7b41746dfd7e0f0c8a25e9f39deb7e2a4f0e068b86c6593b3b37838d2809eef3eb2f3120fde2fe3e9fef4e4bea1ddf3d17c40f753b37baaa110a8b4ad805d500e0235e9371b828993da25c5697d1001c8971b3862eef047730b242350403c851cd74cdea94501c0e2875a5830aa71733a0f022cb37e1cfffaee8eb0a23d51181a0691dadcd6b30a86a5fbf5c499120e265938f6430ffde09eb173327c2e25bdf22ae0d742141db856c4beee07af0ce37c078f6e59b41a29502cc01737c984185f6622a3ce02ed04daf2a7eb03c92a5a5ecce5973ef704aba9efcb99bf52f5c662d52f4399a13af760f9f9ff3d5930c3fae014b92ee0aded4ba51d95cf946d5f55f5b5d4603f8b76087d681ad77fc385fe114331c24a4ada85eaebf5405467dbe656b31b79a0f893864a13bda309a2fec2f4fc4858d9daf946df31f4077338bfc3116a45827ce8907ad691d241d3a8859a3672aeee3878e45b0be6f68194638dee30ba6735a6424e51f8b9a4965d37ab7ca96e167a5c32c8a935ff34693e24d067039db0f4ffe4dc5fe7c56a0d6e52a7cef9a6f1cc8b88d61d2258e3e0e8f2d7b699d4a22ab661f6afae5b48cc8fbc9ddfe57e76f274e65b210994fd96cd4deb6fdb795df4147ca0d876b1b08b64d20a28a358f48086c0f8d1f0741260f95adabba51f2d3f36107d49d46ba0c666232597bf08bfab60b5a432a1652e2c503fcf977ea6ff15c8e8f3bd9b7a3017c36be787d5a6579f5236b17d7bdc2c3918d9257e266bdf7929bb366d98d2b225c08c3c5ed22113b8c051c811bd1e52ecbe619dbc9579270c7cf69ac129e84a7141e689d9745d56e1cda6affdc1856757a6e39039b17d5286cf393186b99b20c54987087ece9972c39b4a05f1ca218c35254c666e7fcb7df4aa401cc79e1aade63732064ca80af164709a85fcf8ac72fa5ace60aa04d2ee0d5f051cb032f7c25100facb7ec1c247812b0de4f1c3c1ab98f904d9752cc427bc0445d8e27b51d5a8084087ea61f82ccc1114679f673753eddc7cfc00ba7e25db3391579ecdf638ab73078133e49b522d3d16bf2ebd06e7cefc24154088965ad3c9291c68f19f7cdd2943abc716ecf0b33fe249108da2b1f9abdbcb4dba89746a8c5711a41556efe5537327e253bd9ac68dc56516392292152b86ef118e25cac4e3c7c2b20bbc5bbc2d825c8dc14e9807aa6a423fdebfa7deee913c8f9f58bd967d43af1d65dc5ce72b2cd1a17ce34facd199bf2c62beeb752d156d6f31ea0323bc3ec0500587c485d8141f5b5ac81457df9396fbf98222212ef70527b6ed8d6e4d11156c8ecaee4692e068a72cb3b12686436028a7297956c48ee8fc393907edd3695fddbb786808c0a48182e3334e73fedcef0ee1bfbb13dce8a79b8822fd1ca0ed645f64d134c240844be5a7ac3aa15419ae79e7b1d721ae5abe1b0896c6189f23b65d79f5c3677b89f40aceff98dfca244a160dff264a2b14a3774064e1152fe0cabfc23e3e16dba5f46ea6af09fb3b8529022837c7e9303e3ecd0170fcc0e6fb0f3981d9f8f838412eae1a3dd13b7a980a642739e8abebed29db34c06460f09e27ddba1ed76b4ac6290235f6f81fcd3eb12af9821575b050aaf80d5c6c695807f7480f24e4bc0159744f9045a2d37574508d7e687482f775d0a4c471c4914e6a64b0d444037407b8d079751ddf4b14ed0ee6f1e622952a331a1a147f3a805fb7ca29c3c7feb2dddd0db795ac0ca327d95b19ff37bd8d553703014e5137f8c41b947d199f95f245d3354f9679876db736da5cfbd7cb9f80a12e50c895b999b670c9e161aa12e82c79d98fed5017e11674158a2f258ecc7c550f10dee6bb9d159316c567e3973e8aa30f157f6d30f239877021e7161c0a93c7b6bedccc7a3d8c9313f6f860d33ae0c162236853ae29d7a619bc306998e51c5d91a73475119a648700fbf3a41701ef87b440b83573a44339aea5806c0883470613e38baa518466dee2c671d96768f8d842feb5a812ea3ecd1e307a913a1032f06af2656b0a969b38366c39ca149205540391f36c897efb80aa43707c12e21544386fc232a45c9eb40a64c35edd4db20bd4970d642c0c2a0ee43ce8bf4d1bd84b3c3fa198cfc8d1f83960a1c3cd85a164926dc962a9078c5b079e0f4bb0b4e94b0aec3d13e7c47edc936927da2e6e7fe9485b0489bc4fdd1699611aeb00d767057602b8e53dfb4a6651c0f2873e5f60fdd7e2542d6aba79f491f87522f77427323e87386c89e1df9dd6e4f32be85c9eefbd6e6b177dde573b0d0bb8df828185aedc7aba2e6c3d4d9df393b203c1147f005860a6dd44dbcebead0eeb29fe3216930ef4a5994a93851df960d3be82d4294b64ba8295a59d099fd10afe39c2a79727a5447fa27909d53df6a00a63897261619e853036a6852e95ac6da62276007f2f3f386267cd8a0d136e645247e76db84e466e56ba42618b4fdef3e6d8c48dae5d03e1e369cd74042146e361cd6b4e654c8adc75446c454d3275a7d91646c4fb721966df9df3f761f10bebd212bfc87db9c48ffa0c6efcb17db3955f4a6f58919a036cda4f0a0c07a7306d2909adeeb474bd0bbec58865c4a5804108a014838673ff26438c162ec61e71bb880b154d475c71d500bfda3128b9fac2bccecb790dbd3075f424b1244f111c7eb5cbb7af0b6f3ec9cac20f82b1631822b940c03d697e213747627a5a7ed57414f2826888e515b88e61e69b742b053fe086ffc916abe00a41870cd332201d96c96bd174b369094b0da81ddc50affefa3709a358a5c00308d30a41d10b1c3f91a011bd246588336ff76dd60c10c3bbc8eec06adb3e73cc21d218b83eb9306e0650dd4e41bd65e15bb99a0653fc312251c174abed9e3ed04ef0378feaf78d839ebf61fda85c290f140cd3690cff881c348c57f504c50ca61986b29e58fdb0cbe276e42c982154762110c0f65b240aebe4291c66157629f0a45ea48e8e6a5dfe062214d635c5f828d1c888ec83a279ddac80f748c00e984248bef8e884590dcc1322aceb2d3b525618450fa0649e4ae8722769c6a32eb47161f7bf08bd59f903240ab9f790313b41607554b21ce45f10cde937f9f68fbb23ace0eaebd86b1201ea230c7f4c57f6594e655904db2a6d3d294f98fe630a524573f52c145b19eea382bc3adac7c7b62863bfa04f2d9fb9b93e7cda0fff4af897281580b879912ebd2c9c9d433ef479e886a477ce4538590179049aaff5e8e51b25db6c0300393a37c25c350e1e4effdd657f26de15199d39e134d1e7fe278b68377674a0e31a12e67096d44f62bd0353147041050fe44d9fbfc95fa8aa368e5868148a9e7a6f5551cf55f677b48ac2b4cd29a300d3cb9cd3a5ef486b9b3138018fb1568ce3f59385b98e93b7113dc85cd242bb57e545d6c151727d1c33ced565b2e29419bc6c458b45ab2107a55793618d20bd476e81ff79543cbace7b26a53a67a3f17ad0e2f2c0cc55f45d374ddc3cf8ada0c52cf1251cc4a6e1c7e84a1536cf328a0a392a3b79bbef1b40ad6e69811f3ec73b971c7cf6d64bfd0b183135d76fbb121aa99c753dce310f3288d460a1158a0c1c2ca4a66eadb38c6669dae4742a1da14b007555ffdae4e60f535ee23018dde93863b028346edc0f8da3ee5208b06fb107e921492ed9f2f2064d865afb5f955c80b1a6c5dbc540f1af7dd68925353d288fce304243f09d1791661027ea11f21ade9abb81a71343f1d405f35b01a504a99e08514f3b8307dce0b7c4305c0e531a538c6c11d8021183a87c2de3e1e384d114559601b948359f153d9845067683d8ef3dc75829a46211368ddf4837c021bf3ba1cc8005ab6902e094635f86f2f090851d5ac0af51c3aec46bdf9024ebe196351e2acd483f71821f033aa02d7bdee2fe987412bda115a5ce7f51dfdb78ce378485801fa10180339d3c5372a65cc46d2f0ef8ad3317062af5c243f81d920075e4874ea69081ba22d8be502422e973128c657da28f4f63d34919b5a4663544e244524263bae0a9a6c7455a16b5b860aedea"}}}}}}, 0x0)

0s ago: executing program 7 (id=13227):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
r1 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0xf}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1], 0x0, [0x5, 0x6, 0x2, 0x0, 0x8, 0x0, 0x5, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x8001]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}}, 0x0)

kernel console output (not intermixed with test programs):

0814][T29632] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.573960][T31000] loop8: p5 start 460800 is beyond EOD, truncated
[  305.580622][T31000] loop8: p6 size 83886080 extends beyond EOD, truncated
[  305.604300][T31045] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  305.664578][T31058] EXT4-fs: Ignoring removed bh option
[  305.887497][T31088] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.894914][T31088] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.981504][ T4826] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  306.005970][ T4826] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  306.015220][ T4826] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  306.024432][ T4826] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  306.180018][T31140] EXT4-fs: Ignoring removed nobh option
[  306.188061][T31140] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  306.191106][T31142] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[  306.191106][T31142]    program syz.8.10762 not setting count and/or reply_len properly
[  306.198167][T31140] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.10760: iget: bad i_size value: 38620345925642
[  306.228949][T31140] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.10760: couldn't read orphan inode 15 (err -117)
[  306.272315][T31140] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.10760: bg 0: block 5: invalid block bitmap
[  306.375881][T31169] ipt_ECN: cannot use operation on non-tcp rule
[  306.980091][T31205] set_capacity_and_notify: 17 callbacks suppressed
[  306.980111][T31205] loop8: detected capacity change from 0 to 8192
[  307.067834][T31214] netlink: 'syz.8.10787': attribute type 1 has an invalid length.
[  307.094659][T31219] loop5: detected capacity change from 0 to 256
[  307.159920][ T4267] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  307.160097][ T4267] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  307.266579][T31178] syz.3.10777 invoked oom-killer: gfp_mask=0x402d02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[  307.266629][T31178] CPU: 1 UID: 0 PID: 31178 Comm: syz.3.10777 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  307.266665][T31178] Tainted: [W]=WARN
[  307.266673][T31178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  307.266822][T31178] Call Trace:
[  307.266829][T31178]  <TASK>
[  307.266837][T31178]  __dump_stack+0x1d/0x30
[  307.266947][T31178]  dump_stack_lvl+0x95/0xd0
[  307.266974][T31178]  dump_stack+0x15/0x1b
[  307.267046][T31178]  dump_header+0x81/0x240
[  307.267070][T31178]  oom_kill_process+0x295/0x350
[  307.267096][T31178]  out_of_memory+0x97b/0xb80
[  307.267123][T31178]  try_charge_memcg+0x610/0xa10
[  307.267243][T31178]  obj_cgroup_charge_pages+0xa6/0x150
[  307.267277][T31178]  __memcg_kmem_charge_page+0x9f/0x170
[  307.267311][T31178]  __alloc_frozen_pages_noprof+0x18f/0x360
[  307.267412][T31178]  alloc_pages_mpol+0xb3/0x260
[  307.267448][T31178]  alloc_pages_noprof+0x90/0x130
[  307.267498][T31178]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  307.267540][T31178]  __kvmalloc_node_noprof+0x492/0x6b0
[  307.267570][T31178]  ? ip_set_alloc+0x24/0x30
[  307.267683][T31178]  ? ip_set_alloc+0x24/0x30
[  307.267715][T31178]  ? __kmalloc_cache_noprof+0x3e5/0x4c0
[  307.267799][T31178]  ip_set_alloc+0x24/0x30
[  307.267831][T31178]  hash_netiface_create+0x282/0x740
[  307.267877][T31178]  ? __pfx_hash_netiface_create+0x10/0x10
[  307.267914][T31178]  ip_set_create+0x3cc/0x970
[  307.267982][T31178]  ? __nla_parse+0x40/0x60
[  307.268026][T31178]  nfnetlink_rcv_msg+0x4c6/0x590
[  307.268138][T31178]  netlink_rcv_skb+0x123/0x220
[  307.268173][T31178]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  307.268207][T31178]  nfnetlink_rcv+0x167/0x16c0
[  307.268321][T31178]  ? __list_del_entry_valid_or_report+0x65/0x130
[  307.268422][T31178]  ? __rmqueue_pcplist+0x9c2/0xb90
[  307.268513][T31178]  ? should_fail_ex+0x30/0x280
[  307.268538][T31178]  ? selinux_nlmsg_lookup+0x99/0x890
[  307.268652][T31178]  ? __rcu_read_unlock+0x34/0x70
[  307.268723][T31178]  ? __netlink_lookup+0x266/0x2a0
[  307.268801][T31178]  netlink_unicast+0x5c0/0x690
[  307.268849][T31178]  netlink_sendmsg+0x58b/0x6b0
[  307.268919][T31178]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.268954][T31178]  __sock_sendmsg+0x145/0x180
[  307.268978][T31178]  ____sys_sendmsg+0x31e/0x4a0
[  307.269011][T31178]  ___sys_sendmsg+0x17b/0x1d0
[  307.269108][T31178]  __x64_sys_sendmsg+0xd4/0x160
[  307.269143][T31178]  x64_sys_call+0x17ba/0x3000
[  307.269349][T31178]  do_syscall_64+0xca/0x2b0
[  307.269418][T31178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.269439][T31178] RIP: 0033:0x7fe9d062f749
[  307.269467][T31178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.269485][T31178] RSP: 002b:00007fe9cf097038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.269505][T31178] RAX: ffffffffffffffda RBX: 00007fe9d0885fa0 RCX: 00007fe9d062f749
[  307.269591][T31178] RDX: 0000000000000800 RSI: 0000200000000200 RDI: 0000000000000003
[  307.269604][T31178] RBP: 00007fe9d06b3f91 R08: 0000000000000000 R09: 0000000000000000
[  307.269647][T31178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  307.269660][T31178] R13: 00007fe9d0886038 R14: 00007fe9d0885fa0 R15: 00007fff828dc568
[  307.269680][T31178]  </TASK>
[  307.269710][T31178] memory: usage 307200kB, limit 307200kB, failcnt 213
[  307.516614][T31241] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  307.521281][T31178] memory+swap: usage 307212kB, limit 9007199254740988kB, failcnt 0
[  307.527453][T31242] IPVS: stopping master sync thread 31241 ...
[  307.531792][T31178] kmem: usage 238400kB, limit 9007199254740988kB, failcnt 0
[  307.644625][T31178] Memory cgroup stats for /syz3:
[  307.645317][T31178] cache 69373952
[  307.654188][T31178] rss 954368
[  307.657480][T31178] shmem 69255168
[  307.657493][T31178] mapped_file 118784
[  307.657502][T31178] dirty 118784
[  307.657510][T31178] writeback 106496
[  307.657574][T31178] workingset_refault_anon 45
[  307.657584][T31178] workingset_refault_file 2816
[  307.657593][T31178] swap 12288
[  307.657601][T31178] swapcached 106496
[  307.657611][T31178] pgpgin 302546
[  307.657620][T31178] pgpgout 285346
[  307.657629][T31178] pgfault 389074
[  307.657638][T31178] pgmajfault 47
[  307.657647][T31178] inactive_anon 45424640
[  307.657666][T31178] active_anon 24629248
[  307.657673][T31178] inactive_file 0
[  307.657680][T31178] active_file 135168
[  307.657687][T31178] unevictable 0
[  307.657696][T31178] hierarchical_memory_limit 314572800
[  307.657707][T31178] hierarchical_memsw_limit 9223372036854771712
[  307.657719][T31178] total_cache 69373952
[  307.657728][T31178] total_rss 954368
[  307.657737][T31178] total_shmem 69255168
[  307.657747][T31178] total_mapped_file 118784
[  307.657773][T31178] total_dirty 118784
[  307.657780][T31178] total_writeback 106496
[  307.657787][T31178] total_workingset_refault_anon 45
[  307.657796][T31178] total_workingset_refault_file 2816
[  307.657804][T31178] total_swap 12288
[  307.657811][T31178] total_swapcached 106496
[  307.657858][T31178] total_pgpgin 302546
[  307.657867][T31178] total_pgpgout 285346
[  307.657875][T31178] total_pgfault 389074
[  307.657884][T31178] total_pgmajfault 47
[  307.657893][T31178] total_inactive_anon 45424640
[  307.657903][T31178] total_active_anon 24629248
[  307.657913][T31178] total_inactive_file 0
[  307.657923][T31178] total_active_file 135168
[  307.657933][T31178] total_unevictable 0
[  307.657972][T31178] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.10777,pid=31177,uid=0
[  307.658069][T31178] Memory cgroup out of memory: Killed process 31177 (syz.3.10777) total-vm:95884kB, anon-rss:1268kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  307.835896][   T29] kauditd_printk_skb: 173 callbacks suppressed
[  307.835911][   T29] audit: type=1400 audit(813.480:30183): avc:  denied  { write } for  pid=31254 comm="syz.8.10802" path="socket:[89982]" dev="sockfs" ino=89982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  307.868855][   T29] audit: type=1326 audit(813.518:30184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31260 comm="syz.8.10803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  307.868971][   T29] audit: type=1326 audit(813.518:30185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31260 comm="syz.8.10803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  307.879824][   T29] audit: type=1326 audit(813.527:30186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31260 comm="syz.8.10803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  307.879862][   T29] audit: type=1326 audit(813.527:30187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31260 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  307.880508][   T29] audit: type=1326 audit(813.527:30188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31260 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  307.880953][   T29] audit: type=1326 audit(813.536:30189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31260 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  307.881687][   T29] audit: type=1326 audit(813.536:30190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31260 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  307.882384][   T29] audit: type=1326 audit(813.536:30191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31260 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  307.882453][   T29] audit: type=1326 audit(813.536:30192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31260 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  308.050262][  T898] tipc: Subscription rejected, illegal request
[  308.147776][ T4832] bridge_slave_1: left allmulticast mode
[  308.147801][ T4832] bridge_slave_1: left promiscuous mode
[  308.147900][ T4832] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.153357][T31313] x_tables: ip6_tables: sctp match: only valid for protocol 132
[  308.455771][ T4832] bridge_slave_0: left allmulticast mode
[  308.461508][ T4832] bridge_slave_0: left promiscuous mode
[  308.467252][ T4832] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.515202][ T4832] bond2 (unregistering): (slave gre1): Releasing backup interface
[  308.523138][ T4832] gre1 (unregistering): left promiscuous mode
[  308.651566][ T4832] bond0 (unregistering): left promiscuous mode
[  308.657897][ T4832] ..
@ÿ: left promiscuous mode
[  308.663197][ T4832] bond_slave_1: left promiscuous mode
[  308.672115][ T4832] bond0 (unregistering): (slave ..
@ÿ): Releasing backup interface
[  308.681414][ T4832] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  308.704726][ T4832] bond0 (unregistering): Released all slaves
[  308.715414][ T4832] bond1 (unregistering): Released all slaves
[  308.725020][ T4832] bond2 (unregistering): Released all slaves
[  308.729571][T31355] loop8: detected capacity change from 0 to 512
[  308.734363][ T4832] bond3 (unregistering): Released all slaves
[  308.738105][T31355] EXT4-fs: Ignoring removed nobh option
[  308.750006][T31355] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  308.759139][T31329] geneve2: entered promiscuous mode
[  308.764728][T31329] geneve2: entered allmulticast mode
[  308.771488][T31355] EXT4-fs error (device loop8): ext4_orphan_get:1391: inode #15: comm syz.8.10835: iget: bad i_size value: 38620345925642
[  308.784531][T31343] netem: change failed
[  308.790027][T31355] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.10835: couldn't read orphan inode 15 (err -117)
[  308.803122][ T4832] tipc: Disabling bearer <udp:s>
[  308.808169][ T4832] tipc: Left network mode
[  308.839274][T31355] EXT4-fs error (device loop8): ext4_validate_block_bitmap:432: comm syz.8.10835: bg 0: block 5: invalid block bitmap
[  308.903966][ T4832] batadv0: left promiscuous mode
[  308.916982][ T4832] hsr_slave_0: left promiscuous mode
[  308.924648][ T4832] hsr_slave_1: left promiscuous mode
[  308.935486][ T4832] batman_adv: batadv0: Removing interface: batadv_slave_0
[  308.950466][ T4832] batman_adv: batadv0: Removing interface: batadv_slave_1
[  308.958888][ T4832] batman_adv: batadv0: Removing interface: dummy0
[  308.966209][ T4832] veth1_macvtap: left allmulticast mode
[  308.994124][ T4832] team0 (unregistering): Port device team_slave_1 removed
[  309.004529][ T4832] team0 (unregistering): Port device team_slave_0 removed
[  309.012052][ T4813] smc: removing ib device syz!
[  309.101644][T31490] IPv6: NLM_F_CREATE should be specified when creating new route
[  309.127655][T31286] chnl_net:caif_netlink_parms(): no params data found
[  309.204959][T31497] loop7: detected capacity change from 0 to 8192
[  309.233792][T31286] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.241086][T31286] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.251717][T31286] bridge_slave_0: entered allmulticast mode
[  309.279624][T31286] bridge_slave_0: entered promiscuous mode
[  309.299800][T31286] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.306922][T31286] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.331855][T31286] bridge_slave_1: entered allmulticast mode
[  309.338908][T31286] bridge_slave_1: entered promiscuous mode
[  309.351495][T31565] loop7: detected capacity change from 0 to 512
[  309.358253][T31565] EXT4-fs: Ignoring removed nobh option
[  309.363969][T31560] geneve2: entered promiscuous mode
[  309.369364][T31560] geneve2: entered allmulticast mode
[  309.372985][T31565] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  309.385794][T31565] EXT4-fs error (device loop7): ext4_orphan_get:1391: inode #15: comm syz.7.10850: iget: bad i_size value: 38620345925642
[  309.399675][T31565] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.10850: couldn't read orphan inode 15 (err -117)
[  309.427187][T31565] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.10850: bg 0: block 5: invalid block bitmap
[  309.428455][T31286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.452422][T31286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  309.476366][T31286] team0: Port device team_slave_0 added
[  309.497593][T31286] team0: Port device team_slave_1 added
[  309.545691][T31286] batman_adv: batadv0: Adding interface: batadv_slave_0
[  309.553018][T31286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  309.579407][T31286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  309.607099][T31286] batman_adv: batadv0: Adding interface: batadv_slave_1
[  309.614389][T31286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  309.640500][T31286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  309.641230][T31668] __nla_validate_parse: 7 callbacks suppressed
[  309.641292][T31668] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10862'.
[  309.666929][ T3909] IPVS: starting estimator thread 0...
[  309.686562][T31286] hsr_slave_0: entered promiscuous mode
[  309.694021][T31286] hsr_slave_1: entered promiscuous mode
[  309.706247][T31286] debugfs: 'hsr0' already exists in 'hsr'
[  309.712207][T31286] Cannot create hsr debugfs directory
[  309.728848][T31710] ip6gre0: entered promiscuous mode
[  309.735631][T31710] team0: Device ip6gre0 is of different type
[  309.772338][T31669] IPVS: using max 2304 ests per chain, 115200 per kthread
[  309.927126][T31786] loop3: detected capacity change from 0 to 512
[  309.935360][T31786] EXT4-fs: Ignoring removed oldalloc option
[  309.944265][T31786] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  309.968649][T31786] EXT4-fs (loop3): 1 truncate cleaned up
[  310.055286][T31286] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  310.083618][T31286] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  310.094409][T31819] loop8: detected capacity change from 0 to 1024
[  310.095041][T31286] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  310.103301][T31819] EXT4-fs: Ignoring removed mblk_io_submit option
[  310.115225][T31819] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  310.126927][T31286] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  310.143086][T31819] EXT4-fs error (device loop8): ext4_iget_extra_inode:5073: inode #15: comm syz.8.10879: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  310.151866][T31286] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.167368][T31286] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.168428][T31819] EXT4-fs (loop8): Remounting filesystem read-only
[  310.174697][T31286] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.188519][T31286] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.211127][ T4848] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.219452][ T4848] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.285879][T31286] 8021q: adding VLAN 0 to HW filter on device bond0
[  310.319651][T31286] 8021q: adding VLAN 0 to HW filter on device team0
[  310.347247][ T4862] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.354604][ T4862] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.369944][ T4860] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.377168][ T4860] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.394757][T31850] loop8: detected capacity change from 0 to 256
[  310.516123][T31286] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.688537][T31848] loop3: detected capacity change from 0 to 32768
[  310.699103][T31891] loop8: detected capacity change from 0 to 1024
[  310.744221][T31286] veth0_vlan: entered promiscuous mode
[  310.750767][T31848]  loop3: p1 p2 p3 < p5 p6 >
[  310.764831][T31286] veth1_vlan: entered promiscuous mode
[  310.773572][T31848] loop3: p2 size 16775168 extends beyond EOD, truncated
[  310.785969][T31848] loop3: p5 start 4294970168 is beyond EOD, truncated
[  310.789832][T31286] veth0_macvtap: entered promiscuous mode
[  310.808579][T31286] veth1_macvtap: entered promiscuous mode
[  310.820786][T31286] batman_adv: batadv0: Interface activated: batadv_slave_0
[  310.833080][T31286] batman_adv: batadv0: Interface activated: batadv_slave_1
[  310.844700][ T4862] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.859758][ T4862] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.890779][ T4862] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.909953][ T4862] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.249814][T31986] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  311.259158][T31986] EXT4-fs (loop6): invalid journal inode
[  311.259228][T31986] EXT4-fs (loop6): can't get journal size
[  311.260067][T31986] EXT4-fs (loop6): 1 truncate cleaned up
[  311.382282][T32004] netlink: 'syz.6.10923': attribute type 4 has an invalid length.
[  311.470577][T32013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  311.481174][T32013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  311.586035][T32025] EXT4-fs: Ignoring removed orlov option
[  311.586393][T32025] EXT4-fs (loop7): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  312.001351][T32057] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.10945: bg 0: block 112: padding at end of block bitmap is not set
[  312.001504][T32057] EXT4-fs (loop7): Remounting filesystem read-only
[  312.066280][T32062] atomic_op ffff88811c03e128 conn xmit_atomic 0000000000000000
[  312.080083][T32067] ref_ctr_offset mismatch. inode: 0x1ef offset: 0x0 ref_ctr_offset(old): 0x72 ref_ctr_offset(new): 0x0
[  312.154395][T32078] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=32078 comm=syz.7.10951
[  312.255356][T32091] program syz.3.10958 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  312.266539][T32088] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  312.276921][T32091] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  312.288284][T32088] EXT4-fs (loop8): 1 truncate cleaned up
[  312.297980][T32088] EXT4-fs error (device loop8): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.8.10956: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  312.320134][T32088] EXT4-fs error (device loop8) in ext4_delete_entry:2737: Corrupt filesystem
[  312.335898][T32088] EXT4-fs warning (device loop8): ext4_rename_delete:3729: inode #2: comm syz.8.10956: Deleting old file: nlink 5, error=-117
[  312.403363][T32110] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10965'.
[  312.489764][T32114] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.497558][T32114] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.535374][T32126] set_capacity_and_notify: 7 callbacks suppressed
[  312.535395][T32126] loop6: detected capacity change from 0 to 128
[  312.583344][T32114] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  312.595809][T32114] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  312.656940][ T4839] netdevsim netdevsim7 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  312.672997][T32143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10978'.
[  312.682344][ T4839] netdevsim netdevsim7 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  312.728289][ T4839] netdevsim netdevsim7 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  312.739712][ T4839] netdevsim netdevsim7 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  312.748958][T32148] netlink: 12 bytes leftover after parsing attributes in process `syz.8.10979'.
[  312.758678][T32148] bridge_slave_0: default FDB implementation only supports local addresses
[  312.803285][T32172] loop7: detected capacity change from 0 to 128
[  312.841246][T32183] netlink: 24 bytes leftover after parsing attributes in process `syz.8.10981'.
[  312.885120][T32193] SELinux:  Context  is not valid (left unmapped).
[  312.938966][T32200] loop7: detected capacity change from 0 to 512
[  312.951147][T32200] EXT4-fs error (device loop7): ext4_xattr_inode_iget:441: inode #18: comm syz.7.10990: iget: bad extra_isize 90 (inode size 256)
[  312.973459][T32200] EXT4-fs (loop7): Remounting filesystem read-only
[  312.980730][T32200] EXT4-fs warning (device loop7): ext4_evict_inode:273: xattr delete (err -30)
[  312.989819][T32200] EXT4-fs (loop7): 1 orphan inode deleted
[  313.038102][T32213] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  313.049475][T32213] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  313.132379][T32232] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11003'.
[  313.206508][T32245] loop3: detected capacity change from 0 to 512
[  313.213470][T32245] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  313.226183][T32245] EXT4-fs (loop3): 1 truncate cleaned up
[  313.236688][T32245] EXT4-fs error (device loop3): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.3.11006: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  313.257606][T32245] EXT4-fs error (device loop3) in ext4_delete_entry:2737: Corrupt filesystem
[  313.266922][T32245] EXT4-fs warning (device loop3): ext4_rename_delete:3729: inode #2: comm syz.3.11006: Deleting old file: nlink 5, error=-117
[  313.302705][   T29] kauditd_printk_skb: 185 callbacks suppressed
[  313.302724][   T29] audit: type=1326 audit(818.606:30378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32271 comm="syz.3.11007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d062f749 code=0x7ffc0000
[  313.332386][   T29] audit: type=1326 audit(818.606:30379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32271 comm="syz.3.11007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d062f749 code=0x7ffc0000
[  313.355871][   T29] audit: type=1326 audit(818.606:30380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32271 comm="syz.3.11007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7fe9d062f749 code=0x7ffc0000
[  313.379114][   T29] audit: type=1326 audit(818.606:30381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32271 comm="syz.3.11007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d062f749 code=0x7ffc0000
[  313.402261][   T29] audit: type=1326 audit(818.606:30382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32271 comm="syz.3.11007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d062f749 code=0x7ffc0000
[  313.621286][T32282] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.628584][T32282] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.742270][T32282] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  313.754203][T32282] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  313.776751][T32301] loop7: detected capacity change from 0 to 164
[  313.786175][T32301] ISOFS: unable to read i-node block
[  313.792707][T32301] isofs_fill_super: get root inode failed
[  313.826734][ T4813] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  313.838282][ T4813] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  313.856972][ T4813] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  313.868348][ T4813] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  313.920645][   T29] audit: type=1326 audit(819.186:30383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32323 comm="syz.7.11022" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x0
[  313.978477][T32337] loop6: detected capacity change from 0 to 1024
[  314.012909][T32342] netlink: 68 bytes leftover after parsing attributes in process `syz.1.11028'.
[  314.048791][   T29] audit: type=1400 audit(819.298:30384): avc:  denied  { read write } for  pid=32351 comm="syz.1.11031" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  314.072227][   T29] audit: type=1400 audit(819.298:30385): avc:  denied  { open } for  pid=32351 comm="syz.1.11031" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  314.073546][ T1038] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  314.103041][ T1038] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  314.110632][ T1038] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  314.131080][T32355] netlink: 80 bytes leftover after parsing attributes in process `syz.8.11032'.
[  314.142381][T32355] netlink: 80 bytes leftover after parsing attributes in process `syz.8.11032'.
[  314.145489][ T1038] hid-generic 0003:0004:0000.0010: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  314.161613][   T29] audit: type=1326 audit(819.401:30386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32357 comm="syz.6.11033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f519a32f749 code=0x7ffc0000
[  314.203429][   T29] audit: type=1326 audit(819.401:30387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32357 comm="syz.6.11033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f519a32f749 code=0x7ffc0000
[  314.320591][T32377] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11039'.
[  314.458979][T32393] rdma_op ffff88811b3d8180 conn xmit_rdma 0000000000000000
[  314.490343][T32402] atomic_op ffff88811b3d8128 conn xmit_atomic 0000000000000000
[  314.532236][T32406] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=32406 comm=syz.6.11049
[  314.576108][T32414] loop8: detected capacity change from 0 to 512
[  314.673139][T32433] IPv6: NLM_F_CREATE should be specified when creating new route
[  314.815598][T32455] loop7: detected capacity change from 0 to 1764
[  314.929754][T32477] ip6tnl1: entered promiscuous mode
[  314.935090][T32477] ip6tnl1: entered allmulticast mode
[  315.101448][T32509] atomic_op ffff88811c03dd28 conn xmit_atomic 0000000000000000
[  315.139479][T32505] loop8: detected capacity change from 0 to 8192
[  315.163305][T32505] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  315.227438][T32528] loop7: detected capacity change from 0 to 512
[  315.237607][T32528] EXT4-fs: Ignoring removed i_version option
[  315.243946][T32528] EXT4-fs: Ignoring removed bh option
[  315.530395][T32559] iso9660: Corrupted directory entry in block 2 of inode 1920
[  315.543089][T32574] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  315.552923][T32574] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  315.600945][T32574] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.11111: Allocating blocks 41-42 which overlap fs metadata
[  315.616991][T32574] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.11111: Allocating blocks 41-42 which overlap fs metadata
[  315.632944][T32574] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.11111: Failed to acquire dquot type 1
[  315.645488][T32574] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  315.660864][T32574] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.11111: corrupted inode contents
[  315.673708][T32574] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #12: comm syz.3.11111: mark_inode_dirty error
[  315.685915][T32574] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.11111: corrupted inode contents
[  315.698658][T32574] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.11111: mark_inode_dirty error
[  315.719355][T32574] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.11111: corrupted inode contents
[  315.732178][T32574] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  315.741231][T32574] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.11111: corrupted inode contents
[  315.753889][T32574] EXT4-fs error (device loop3): ext4_truncate:4635: inode #12: comm syz.3.11111: mark_inode_dirty error
[  315.765413][T32574] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  315.774777][T32574] EXT4-fs (loop3): 1 truncate cleaned up
[  315.801069][T32574] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  315.807532][T32591] can0: slcan on ttyS3.
[  315.866206][T32591] can0 (unregistered): slcan off ttyS3.
[  316.673712][T32661] msdos: Unknown parameter '184467440737095516150xffffffffffffffff18446744073709551615'
[  316.693158][T32668] __nla_validate_parse: 1 callbacks suppressed
[  316.693176][T32668] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11140'.
[  316.918809][T32709] msdos: Unknown parameter '184467440737095516150xffffffffffffffff18446744073709551615'
[  316.971359][T32720] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.11162: corrupted inode contents
[  317.004320][T32720] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #2: comm syz.6.11162: mark_inode_dirty error
[  317.059963][T32720] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.11162: corrupted inode contents
[  317.496447][  T336] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=336 comm=syz.8.11190
[  317.513267][  T335] syzkaller1: entered promiscuous mode
[  317.518852][  T335] syzkaller1: entered allmulticast mode
[  317.623672][  T360] netdevsim netdevsim6: Direct firmware load for ./file1 failed with error -2
[  317.892511][  T390] macvlan2: entered promiscuous mode
[  317.897947][  T390] veth1_to_hsr: entered promiscuous mode
[  318.192351][  T418] can0: slcan on ttyS3.
[  318.265002][  T418] can0 (unregistered): slcan off ttyS3.
[  318.524713][  T459] set_capacity_and_notify: 9 callbacks suppressed
[  318.524744][  T459] loop3: detected capacity change from 0 to 1024
[  318.544356][  T459] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  318.555545][  T459] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  318.567748][  T459] jbd2_journal_init_inode: Cannot locate journal superblock
[  318.575463][  T459] EXT4-fs (loop3): Could not load journal inode
[  318.618007][  T459] macvtap0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  318.685679][   T29] kauditd_printk_skb: 279 callbacks suppressed
[  318.685701][   T29] audit: type=1400 audit(823.639:30663): avc:  denied  { write } for  pid=475 comm="syz.1.11244" name="qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  318.751996][   T29] audit: type=1400 audit(823.685:30664): avc:  denied  { map } for  pid=473 comm="syz.8.11243" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  318.778878][  T484] atomic_op ffff88814e388d28 conn xmit_atomic 0000000000000000
[  318.831528][   T29] audit: type=1326 audit(823.779:30665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=489 comm="syz.1.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  318.854808][   T29] audit: type=1326 audit(823.779:30666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=489 comm="syz.1.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  318.878211][   T29] audit: type=1326 audit(823.779:30667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=489 comm="syz.1.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  318.901193][   T29] audit: type=1326 audit(823.779:30668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=489 comm="syz.1.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  318.924332][   T29] audit: type=1326 audit(823.779:30669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=489 comm="syz.1.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  318.947511][   T29] audit: type=1326 audit(823.779:30670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=489 comm="syz.1.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  318.977668][   T29] audit: type=1326 audit(823.779:30671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=489 comm="syz.1.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  319.000761][   T29] audit: type=1326 audit(823.779:30672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=489 comm="syz.1.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  319.095658][  T507] loop3: detected capacity change from 0 to 2048
[  319.117172][  T507] EXT4-fs (loop3): failed to initialize system zone (-117)
[  319.124562][  T507] EXT4-fs (loop3): mount failed
[  319.176692][  T523] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[  319.186798][  T523] SELinux: failed to load policy
[  319.333563][  T555] xt_hashlimit: max too large, truncated to 1048576
[  319.396141][  T566] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  319.411754][  T567] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  319.450823][  T575] 9p: Bad value for 'rfdno'
[  319.514487][  T581] vhci_hcd vhci_hcd.2: invalid port number 96
[  319.520755][  T581] vhci_hcd vhci_hcd.2: default hub control req: 2000 vfffc i0060 l7
[  319.585175][  T592] loop3: detected capacity change from 0 to 1024
[  319.595007][  T594] loop6: detected capacity change from 0 to 512
[  319.617653][  T592] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: block 3: comm syz.3.11299: lblock 3 mapped to illegal pblock 3 (length 3)
[  319.632972][  T592] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  319.645455][  T592] EXT4-fs (loop3): This should not happen!! Data will be lost
[  319.645455][  T592] 
[  319.667098][  T592] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: block 7: comm syz.3.11299: lblock 7 mapped to illegal pblock 7 (length 9)
[  319.681913][  T592] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 9 with error 117
[  319.694952][  T592] EXT4-fs (loop3): This should not happen!! Data will be lost
[  319.694952][  T592] 
[  319.771208][  T621] loop3: detected capacity change from 0 to 512
[  319.788170][  T621] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #2: comm syz.3.11298: corrupted inode contents
[  319.800493][  T627] loop8: detected capacity change from 0 to 512
[  319.810948][  T621] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #2: comm syz.3.11298: mark_inode_dirty error
[  319.825207][  T621] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #2: comm syz.3.11298: corrupted inode contents
[  319.996219][  T666] loop8: detected capacity change from 0 to 512
[  320.034811][  T666] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #2: comm syz.8.11316: corrupted inode contents
[  320.056420][  T666] EXT4-fs error (device loop8): ext4_dirty_inode:6502: inode #2: comm syz.8.11316: mark_inode_dirty error
[  320.070040][  T666] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #2: comm syz.8.11316: corrupted inode contents
[  320.129770][  T681] SELinux:  Context system_u:object is not valid (left unmapped).
[  320.151455][  T685] loop8: detected capacity change from 0 to 512
[  320.316165][  T719] netlink: 'syz.1.11335': attribute type 21 has an invalid length.
[  320.324487][  T719] netlink: 132 bytes leftover after parsing attributes in process `syz.1.11335'.
[  320.333620][  T719] netlink: 'syz.1.11335': attribute type 1 has an invalid length.
[  320.334089][  T717] loop7: detected capacity change from 0 to 512
[  320.351322][  T717] EXT4-fs: inline encryption not supported
[  320.361356][  T717] EXT4-fs error (device loop7): ext4_orphan_get:1417: comm syz.7.11334: bad orphan inode 15
[  320.371780][  T717] ext4_test_bit(bit=14, block=5) = 0
[  320.600265][  T758] loop7: detected capacity change from 0 to 512
[  320.629107][  T758] EXT4-fs error (device loop7): ext4_do_update_inode:5617: inode #2: comm syz.7.11350: corrupted inode contents
[  320.641695][  T758] EXT4-fs error (device loop7): ext4_dirty_inode:6502: inode #2: comm syz.7.11350: mark_inode_dirty error
[  320.655565][  T758] EXT4-fs error (device loop7): ext4_do_update_inode:5617: inode #2: comm syz.7.11350: corrupted inode contents
[  320.718381][  T773] netlink: 'syz.7.11356': attribute type 10 has an invalid length.
[  321.225762][  T817] xt_CT: You must specify a L4 protocol and not use inversions on it
[  321.293233][  T825] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  321.390890][  T833] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  321.429454][  T835] bridge0: port 3(macvtap1) entered blocking state
[  321.436336][  T835] bridge0: port 3(macvtap1) entered disabled state
[  321.457967][  T835] macvtap1: entered allmulticast mode
[  321.463436][  T835] bridge0: entered allmulticast mode
[  321.490382][  T835] macvtap1: left allmulticast mode
[  321.495587][  T835] bridge0: left allmulticast mode
[  321.566277][  T847] EXT4-fs (loop3): orphan cleanup on readonly fs
[  321.572697][  T847] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  321.613168][  T847] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  321.631381][  T847] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.11385: attempt to clear invalid blocks 2 len 1
[  321.645958][  T847] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.11385: invalid indirect mapped block 1819239214 (level 0)
[  321.673251][  T847] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.11385: invalid indirect mapped block 1819239214 (level 1)
[  321.701521][  T847] EXT4-fs (loop3): 1 truncate cleaned up
[  321.716758][  T856] random: crng reseeded on system resumption
[  321.739179][  T847] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  321.768832][  T847] EXT4-fs error (device loop3): __ext4_remount:6789: comm syz.3.11385: Abort forced by user
[  321.795042][  T847] EXT4-fs (loop3): Remounting filesystem read-only
[  321.801663][  T847] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  322.668496][  T904] netlink: 'syz.8.11408': attribute type 10 has an invalid length.
[  322.687339][  T904] team0: Port device netdevsim1 added
[  323.045400][  T951] netlink: 'syz.3.11422': attribute type 10 has an invalid length.
[  323.088067][  T954] bridge0: port 4(macvtap0) entered blocking state
[  323.094775][  T954] bridge0: port 4(macvtap0) entered disabled state
[  323.132948][  T960] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  323.142727][  T954] macvtap0: entered allmulticast mode
[  323.148267][  T954] bridge0: entered allmulticast mode
[  323.185607][  T954] macvtap0: left allmulticast mode
[  323.190889][  T954] bridge0: left allmulticast mode
[  323.202625][  T963] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11427'.
[  323.221331][  T963] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  323.461334][  T986] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  323.487307][  T986] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  323.516232][  T984] 9pnet: p9_errstr2errno: server reported unknown error 
[  323.611203][  T982] EXT4-fs error (device loop8): ext4_acquire_dquot:6986: comm syz.8.11436: Failed to acquire dquot type 0
[  323.671598][ T1010] bridge0: port 3(macvtap1) entered blocking state
[  323.678253][ T1010] bridge0: port 3(macvtap1) entered disabled state
[  323.693012][ T1010] macvtap1: entered allmulticast mode
[  323.699656][ T1010] bridge0: entered allmulticast mode
[  323.705614][ T1010] macvtap1: left allmulticast mode
[  323.710876][ T1010] bridge0: left allmulticast mode
[  323.975913][ T1047] vhci_hcd vhci_hcd.2: invalid port number 96
[  323.982238][ T1047] vhci_hcd vhci_hcd.2: default hub control req: 2000 vfffc i0060 l7
[  324.041675][   T29] kauditd_printk_skb: 511 callbacks suppressed
[  324.041691][   T29] audit: type=1400 audit(828.643:31182): avc:  denied  { execute } for  pid=1056 comm="syz.8.11462" name="file0" dev="tmpfs" ino=6236 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  324.098033][   T29] audit: type=1400 audit(828.699:31183): avc:  denied  { validate_trans } for  pid=1058 comm="syz.6.11463" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  324.138594][   T29] audit: type=1400 audit(828.737:31184): avc:  denied  { read write } for  pid=1062 comm="syz.6.11465" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  324.161988][   T29] audit: type=1400 audit(828.737:31185): avc:  denied  { open } for  pid=1062 comm="syz.6.11465" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  324.194767][   T29] audit: type=1400 audit(828.737:31186): avc:  denied  { execute } for  pid=1063 comm="syz.8.11466" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=95016 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  324.221017][   T29] audit: type=1400 audit(828.793:31187): avc:  denied  { create } for  pid=1068 comm="syz.8.11467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  324.307818][ T4809] Bluetooth: hci0: Frame reassembly failed (-84)
[  324.315461][   T29] audit: type=1400 audit(828.896:31188): avc:  denied  { bind } for  pid=1077 comm="syz.6.11469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  324.335551][   T29] audit: type=1400 audit(828.924:31189): avc:  denied  { write } for  pid=1068 comm="syz.8.11467" path="socket:[95021]" dev="sockfs" ino=95021 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  324.367931][ T1082] set_capacity_and_notify: 5 callbacks suppressed
[  324.367947][ T1082] loop3: detected capacity change from 0 to 512
[  324.385461][ T1082] EXT4-fs: Ignoring removed bh option
[  324.391669][ T1082] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  324.392408][   T29] audit: type=1400 audit(828.980:31190): avc:  denied  { read write } for  pid=1083 comm="syz.8.11471" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  324.423718][   T29] audit: type=1400 audit(828.980:31191): avc:  denied  { open } for  pid=1083 comm="syz.8.11471" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  324.452988][ T1082] EXT4-fs mount: 64 callbacks suppressed
[  324.453086][ T1082] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.584457][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.684357][ T1111] netlink: 'syz.3.11480': attribute type 13 has an invalid length.
[  324.796663][ T1118] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  324.809874][ T1118] vhci_hcd vhci_hcd.2: invalid port number 96
[  324.816171][ T1118] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  324.851043][ T1128] loop3: detected capacity change from 0 to 128
[  324.859368][ T1128] EXT4-fs: Ignoring removed nobh option
[  324.867284][ T1128] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  324.909702][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  324.961736][ T1146] netlink: 'syz.1.11493': attribute type 13 has an invalid length.
[  325.667880][ T1169] netlink: 'syz.8.11503': attribute type 1 has an invalid length.
[  325.676053][ T1169] netlink: 224 bytes leftover after parsing attributes in process `syz.8.11503'.
[  325.887586][ T1202] ªªªªªª: renamed from vlan0
[  325.957499][ T1222] loop8: detected capacity change from 0 to 1024
[  325.990622][ T1222] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  326.041726][ T1243] macvtap0: refused to change device tx_queue_len
[  326.109110][ T1252] EXT4-fs error (device loop8): ext4_free_blocks:6728: comm syz.8.11525: Freeing blocks not in datazone - block = 0, count = 16
[  326.219138][T16981] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  326.240713][ T1282] loop3: detected capacity change from 0 to 128
[  326.259209][ T1285] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11542'.
[  326.395904][ T1323] macvtap0: refused to change device tx_queue_len
[  326.524773][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  326.525100][ T7595] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  326.970067][ T1392] loop7: detected capacity change from 0 to 1024
[  326.986246][ T1392] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.009555][T29632] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.174413][ T1417] loop7: detected capacity change from 0 to 128
[  327.175401][ T1417] EXT4-fs: Ignoring removed nobh option
[  327.190293][ T1417] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  327.230409][T29632] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  327.266345][ T1428] usb usb7: usbfs: process 1428 (syz.7.11588) did not claim interface 0 before use
[  327.304650][ T1432] loop8: detected capacity change from 0 to 2048
[  327.330344][ T1432] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=8842c128, mo2=0002]
[  327.330840][ T1432] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.346572][ T1432] EXT4-fs error (device loop8): ext4_ext_precache:649: inode #2: comm syz.8.11590: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  327.356262][ T1439] loop7: detected capacity change from 0 to 512
[  327.368507][ T1432] EXT4-fs (loop8): Remounting filesystem read-only
[  327.375011][ T1439] EXT4-fs: Ignoring removed bh option
[  327.402506][T16981] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.411987][ T1439] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  327.425374][ T1439] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.651691][T29632] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.747103][ T1473] loop8: detected capacity change from 0 to 8192
[  327.771136][ T1488] netlink: 'syz.3.11608': attribute type 83 has an invalid length.
[  327.786351][ T1473]  loop8: p1 p2
[  327.834157][ T1503] loop6: detected capacity change from 0 to 512
[  327.842695][ T1503] EXT4-fs: Ignoring removed bh option
[  327.849014][ T1503] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  327.873307][ T1503] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.936419][ T1555] openvswitch: netlink: Missing key (keys=40, expected=80)
[  328.083338][ T1574] netlink: 'syz.3.11626': attribute type 1 has an invalid length.
[  328.162770][ T1579] netlink: 'syz.3.11628': attribute type 12 has an invalid length.
[  328.211717][ T1584] dvmrp1: tun_chr_ioctl cmd 1074025675
[  328.217327][ T1584] dvmrp1: persist enabled
[  328.223773][ T1584] dvmrp1: tun_chr_ioctl cmd 1074025675
[  328.229341][ T1584] dvmrp1: persist disabled
[  328.272839][T31286] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.449288][ T1627] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  328.459193][ T1627] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  328.470533][ T1627] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  328.481482][ T1627] EXT4-fs (loop7): orphan cleanup on readonly fs
[  328.489436][ T1627] EXT4-fs error (device loop7): ext4_read_inode_bitmap:167: comm syz.7.11646: Inode bitmap for bg 0 marked uninitialized
[  328.508903][ T1627] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  328.533517][ T1627] EXT4-fs (loop7): ext4_remount: Checksum for group 0 failed (32298!=35945)
[  328.578220][T29632] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.642751][ T1660] netlink: 20 bytes leftover after parsing attributes in process `syz.8.11660'.
[  328.675100][ T1664] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=8842c128, mo2=0002]
[  328.685400][ T1664] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  328.701650][ T1664] EXT4-fs error (device loop3): ext4_ext_precache:649: inode #2: comm syz.3.11661: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  328.719004][ T1664] EXT4-fs (loop3): Remounting filesystem read-only
[  328.738171][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.782273][ T1688] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  328.880311][ T1706] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.11672: invalid block
[  328.894987][ T1706] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.11672: invalid indirect mapped block 4294967295 (level 1)
[  328.928705][ T1706] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.11672: invalid indirect mapped block 4294967295 (level 1)
[  328.959758][ T1706] EXT4-fs (loop3): 2 truncates cleaned up
[  328.966370][ T1706] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.967054][ T1732] netlink: 'syz.6.11677': attribute type 1 has an invalid length.
[  328.986910][ T1732] netlink: 224 bytes leftover after parsing attributes in process `syz.6.11677'.
[  329.025994][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.263167][ T1777] EXT4-fs: inline encryption not supported
[  329.269036][ T1777] EXT4-fs: Ignoring removed orlov option
[  329.289678][ T1777] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  329.306760][ T1777] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c018, mo2=0002]
[  329.315262][ T1777] System zones: 0-1, 3-12
[  329.320244][ T1777] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.471089][   T29] kauditd_printk_skb: 275 callbacks suppressed
[  329.471106][   T29] audit: type=1400 audit(833.722:31467): avc:  denied  { read write } for  pid=1804 comm="syz.6.11703" name="qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  329.501206][   T29] audit: type=1400 audit(833.722:31468): avc:  denied  { open } for  pid=1804 comm="syz.6.11703" path="/dev/qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  329.559660][ T1809] netlink: 'syz.1.11705': attribute type 1 has an invalid length.
[  329.569052][ T1812] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  329.574800][   T29] audit: type=1326 audit(833.825:31469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1811 comm="syz.8.11707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  329.577322][ T1812] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  329.600347][   T29] audit: type=1326 audit(833.825:31470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1811 comm="syz.8.11707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  329.634508][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.709303][   T29] audit: type=1400 audit(833.947:31471): avc:  denied  { create } for  pid=1824 comm="syz.6.11713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  329.709946][ T1823] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  329.738814][ T1823] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  329.754950][ T1829] SELinux: security_context_str_to_sid (u) failed with errno=-22
[  329.764715][ T1823] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  329.771113][   T29] audit: type=1326 audit(834.003:31472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1828 comm="syz.1.11714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  329.772807][ T1823] EXT4-fs (loop3): orphan cleanup on readonly fs
[  329.795818][   T29] audit: type=1326 audit(834.003:31473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1828 comm="syz.1.11714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  329.825249][   T29] audit: type=1326 audit(834.003:31474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1828 comm="syz.1.11714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  329.848695][   T29] audit: type=1326 audit(834.003:31475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1828 comm="syz.1.11714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  329.871822][   T29] audit: type=1326 audit(834.003:31476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1828 comm="syz.1.11714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  329.882146][ T1823] EXT4-fs error (device loop3): ext4_read_inode_bitmap:167: comm syz.3.11711: Inode bitmap for bg 0 marked uninitialized
[  329.923345][ T1823] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  330.020866][ T1823] EXT4-fs (loop3): ext4_remount: Checksum for group 0 failed (32298!=35945)
[  330.083754][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.271506][ T1860] set_capacity_and_notify: 6 callbacks suppressed
[  330.271525][ T1860] loop3: detected capacity change from 0 to 8192
[  330.342315][ T1860]  loop3: p1 p2
[  330.550187][ T1962] loop3: detected capacity change from 0 to 512
[  330.579932][ T1962] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.11744: inode has both inline data and extents flags
[  330.594488][ T1962] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.11744: couldn't read orphan inode 15 (err -117)
[  330.607116][ T1962] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.951305][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.003781][ T2002] batadv_slave_1: entered promiscuous mode
[  331.010255][ T2001] batadv_slave_1: left promiscuous mode
[  331.175472][ T2032] netlink: 256 bytes leftover after parsing attributes in process `syz.7.11767'.
[  331.188005][ T2021] netlink: 115988 bytes leftover after parsing attributes in process `syz.6.11763'.
[  331.223276][ T2037] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  331.255306][ T2037] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  331.265970][ T2051] netlink: 32 bytes leftover after parsing attributes in process `syz.6.11773'.
[  331.308565][ T2072] loop7: detected capacity change from 0 to 512
[  331.317522][ T2072] EXT4-fs: Ignoring removed nobh option
[  331.317580][ T2064] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  331.331046][ T2064] vhci_hcd vhci_hcd.2: invalid port number 96
[  331.337361][ T2064] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  331.337943][ T2072] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e118, mo2=0002]
[  331.353853][ T2072] System zones: 1-12
[  331.357958][ T2072] EXT4-fs (loop7): orphan cleanup on readonly fs
[  331.365230][ T2072] EXT4-fs warning (device loop7): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  331.378594][ T2072] EXT4-fs error (device loop7): ext4_do_update_inode:5617: inode #15: comm syz.7.11771: corrupted inode contents
[  331.391228][ T2072] EXT4-fs error (device loop7): ext4_dirty_inode:6502: inode #15: comm syz.7.11771: mark_inode_dirty error
[  331.397578][ T2082] SELinux: security_context_str_to_sid (u) failed with errno=-22
[  331.411208][ T2072] EXT4-fs error (device loop7): ext4_do_update_inode:5617: inode #15: comm syz.7.11771: corrupted inode contents
[  331.423689][ T2072] EXT4-fs error (device loop7): ext4_xattr_delete_inode:3000: inode #15: comm syz.7.11771: mark_inode_dirty error
[  331.436202][ T2072] EXT4-fs error (device loop7): ext4_xattr_delete_inode:3003: inode #15: comm syz.7.11771: mark inode dirty (error -117)
[  331.449272][ T2072] EXT4-fs warning (device loop7): ext4_evict_inode:273: xattr delete (err -117)
[  331.458382][ T2072] EXT4-fs (loop7): 1 orphan inode deleted
[  331.465002][ T2072] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  331.511208][T29632] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.529787][ T2090] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  331.537227][ T2090] vhci_hcd vhci_hcd.2: invalid port number 96
[  331.543368][ T2090] vhci_hcd vhci_hcd.2: default hub control req: 030b vfffa i0060 l0
[  331.680831][ T2111] loop6: detected capacity change from 0 to 1024
[  331.687917][ T2111] EXT4-fs: inline encryption not supported
[  331.693933][ T2111] EXT4-fs: Ignoring removed orlov option
[  331.700397][ T2111] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  331.721398][ T2111] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c018, mo2=0002]
[  331.729691][ T2111] System zones: 0-1, 3-12
[  331.734536][ T2111] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.891415][T31286] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.893409][ T2126] netlink: 'syz.3.11791': attribute type 21 has an invalid length.
[  331.910218][ T2126] netlink: 156 bytes leftover after parsing attributes in process `syz.3.11791'.
[  331.922811][ T2128] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11792'.
[  332.082861][ T2164] netlink: 124 bytes leftover after parsing attributes in process `syz.7.11806'.
[  332.092328][ T2164] netlink: 16 bytes leftover after parsing attributes in process `syz.7.11806'.
[  332.198243][ T2185] netlink: 'syz.1.11817': attribute type 6 has an invalid length.
[  332.252771][ T2191] loop8: detected capacity change from 0 to 512
[  332.265108][ T2191] EXT4-fs error (device loop8): ext4_orphan_get:1391: inode #15: comm syz.8.11819: inode has both inline data and extents flags
[  332.304017][ T2191] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.11819: couldn't read orphan inode 15 (err -117)
[  332.351281][ T2191] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.507832][ T2213] bond1: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  332.518886][ T2213] bond1 (unregistering): Released all slaves
[  332.576288][T16981] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.116929][ T2358] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  333.254932][ T2377] loop6: detected capacity change from 0 to 512
[  333.282992][ T2377] EXT4-fs (loop6): 1 orphan inode deleted
[  333.302789][ T2377] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.354508][T31286] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.499265][ T2407] netlink: 'syz.3.11872': attribute type 2 has an invalid length.
[  333.641512][ T2426] hub 9-0:1.0: USB hub found
[  333.658671][ T2426] hub 9-0:1.0: 8 ports detected
[  333.676194][ T2430] xt_hashlimit: max too large, truncated to 1048576
[  333.706496][ T2430] xt_CT: You must specify a L4 protocol and not use inversions on it
[  333.707688][ T2433] loop6: detected capacity change from 0 to 512
[  333.753280][ T2433] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  333.782741][ T2433] EXT4-fs (loop6): orphan cleanup on readonly fs
[  333.792771][ T2433] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #16: comm syz.6.11894: corrupted inode contents
[  333.805809][ T2433] EXT4-fs (loop6): Remounting filesystem read-only
[  333.812625][ T2433] EXT4-fs (loop6): 1 truncate cleaned up
[  333.818649][ T4814] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  333.829362][ T4814] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  333.877225][ T4814] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  333.887611][ T2445] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  333.917500][ T2433] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  333.934414][ T2448] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11890'.
[  333.993987][T31286] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.994522][ T2451] random: crng reseeded on system resumption
[  334.536009][ T2508] loop7: detected capacity change from 0 to 512
[  334.567207][ T2508] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.628673][T29632] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.655214][ T2546] netlink: 'syz.1.11928': attribute type 1 has an invalid length.
[  334.729811][ T2557] loop8: detected capacity change from 0 to 1024
[  334.747481][ T2557] EXT4-fs: Ignoring removed nomblk_io_submit option
[  334.769724][ T2565] netlink: 72 bytes leftover after parsing attributes in process `syz.1.11933'.
[  334.789148][ T2557] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  334.819289][ T2557] System zones: 0-1, 3-36
[  334.846338][ T2557] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.904406][   T29] kauditd_printk_skb: 273 callbacks suppressed
[  334.904424][   T29] audit: type=1400 audit(324.741:31744): avc:  denied  { setattr } for  pid=2556 comm="syz.8.11930" name="file0" dev="loop8" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  334.981876][T16981] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.989614][   T29] audit: type=1400 audit(324.806:31745): avc:  denied  { setopt } for  pid=2576 comm="syz.1.11940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  335.042009][   T29] audit: type=1400 audit(324.872:31746): avc:  denied  { load_policy } for  pid=2582 comm="syz.6.11944" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  335.064453][ T2584] SELinux: failed to load policy
[  335.069806][ T2580] loop3: detected capacity change from 0 to 1024
[  335.087066][ T2580] EXT4-fs: inline encryption not supported
[  335.092405][   T29] audit: type=1400 audit(324.919:31747): avc:  denied  { read write } for  pid=2588 comm="syz.6.11946" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  335.116711][   T29] audit: type=1400 audit(324.919:31748): avc:  denied  { ioctl open } for  pid=2588 comm="syz.6.11946" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  335.143798][ T2580] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.198901][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.210976][   T29] audit: type=1400 audit(324.994:31749): avc:  denied  { write } for  pid=2579 comm="syz.3.11941" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  335.217515][ T2592] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  335.240661][ T2592] vhci_hcd vhci_hcd.2: invalid port number 96
[  335.246854][ T2592] vhci_hcd vhci_hcd.2: default hub control req: 030b vfffa i0060 l0
[  335.295539][   T29] audit: type=1400 audit(325.115:31750): avc:  denied  { create } for  pid=2609 comm="syz.3.11952" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  335.315780][   T29] audit: type=1400 audit(325.115:31751): avc:  denied  { connect } for  pid=2609 comm="syz.3.11952" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  335.335335][   T29] audit: type=1400 audit(325.115:31752): avc:  denied  { bind } for  pid=2609 comm="syz.3.11952" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  335.388267][   T29] audit: type=1326 audit(325.209:31753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2621 comm="syz.1.11958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa21ef749 code=0x7ffc0000
[  335.460480][ T2630] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  335.472300][ T2630] EXT4-fs warning (device loop7): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  335.485863][ T2630] EXT4-fs (loop7): 1 truncate cleaned up
[  335.508985][ T2630] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  335.535469][ T2630] EXT4-fs (loop7): shut down requested (0)
[  335.563437][T29632] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.585611][ T2641] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  335.606024][ T2641] vhci_hcd vhci_hcd.2: invalid port number 96
[  335.612650][ T2641] vhci_hcd vhci_hcd.2: default hub control req: 030b vfffa i0060 l0
[  335.622927][ T2648] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  335.680456][ T2653] syzkaller1: entered promiscuous mode
[  335.686048][ T2653] syzkaller1: entered allmulticast mode
[  335.702131][ T2658] set_capacity_and_notify: 1 callbacks suppressed
[  335.702151][ T2658] loop8: detected capacity change from 0 to 1764
[  335.882990][ T2698] loop6: detected capacity change from 0 to 1764
[  335.891917][ T2691] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  335.909122][ T2691] vhci_hcd vhci_hcd.2: invalid port number 96
[  335.915550][ T2691] vhci_hcd vhci_hcd.2: default hub control req: 030b vfffa i0060 l0
[  335.924442][ T2703] IPv6: NLM_F_CREATE should be specified when creating new route
[  336.010588][ T2724] netlink: 'syz.7.11994': attribute type 178 has an invalid length.
[  336.075031][ T2731] IPVS: persistence engine module ip_vs_pe_ not found
[  336.083067][ T2737] batman_adv: batadv0: Removing interface: batadv_slave_1
[  336.216832][ T2770] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.242913][ T2770] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.278216][ T2776] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(4)
[  336.284860][ T2776] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  336.292453][ T2776] vhci_hcd vhci_hcd.0: Device attached
[  336.295554][ T2780] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.306939][ T2780] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.319278][ T2777] usbip_core: unknown command
[  336.324003][ T2777] vhci_hcd: unknown pdu 605128798
[  336.329132][ T2777] usbip_core: unknown command
[  336.335119][ T4832] vhci_hcd vhci_hcd.8: stop threads
[  336.340471][ T4832] vhci_hcd vhci_hcd.8: release socket
[  336.346014][ T4832] vhci_hcd vhci_hcd.8: disconnect device
[  336.575762][ T2789] loop3: detected capacity change from 0 to 1764
[  336.635449][ T2798] loop3: detected capacity change from 0 to 512
[  336.649477][ T2798] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  336.657785][ T2798] EXT4-fs (loop3): orphan cleanup on readonly fs
[  336.666059][ T2798] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.12020: corrupted inode contents
[  336.678417][ T2798] EXT4-fs (loop3): Remounting filesystem read-only
[  336.685111][ T2798] EXT4-fs (loop3): 1 truncate cleaned up
[  336.690935][ T4858] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  336.701476][ T4858] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  336.712448][ T4858] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  336.723131][ T2798] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  336.773550][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.791532][ T2806] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  336.833079][ T2811] delete_channel: no stack
[  336.952993][ T2835] netlink: 24 bytes leftover after parsing attributes in process `syz.6.12035'.
[  336.973321][ T2834] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12034'.
[  337.018981][ T2841] syzkaller1: entered promiscuous mode
[  337.024624][ T2841] syzkaller1: entered allmulticast mode
[  337.036973][ T2846] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  337.070387][ T2848] loop6: detected capacity change from 0 to 1024
[  337.083716][ T2854] xt_NFQUEUE: number of total queues is 0
[  337.093638][ T2848] EXT4-fs: inline encryption not supported
[  337.099618][ T2848] EXT4-fs: Ignoring removed orlov option
[  337.121556][ T2848] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  337.170700][ T2848] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  337.271427][T31286] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.444487][ T2908] IPVS: persistence engine module ip_vs_pe_ not found
[  337.655083][ T2940] IPVS: persistence engine module ip_vs_pe_ not found
[  338.117303][ T2997] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12102'.
[  338.191720][ T3011] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12095'.
[  338.279187][ T3017] loop8: detected capacity change from 0 to 512
[  338.310077][ T3017] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  338.334336][ T3017] EXT4-fs (loop8): orphan cleanup on readonly fs
[  338.360780][ T3017] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #16: comm syz.8.12099: corrupted inode contents
[  338.409916][ T3032] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12105'.
[  338.419829][ T3017] EXT4-fs (loop8): Remounting filesystem read-only
[  338.434224][ T3017] EXT4-fs (loop8): 1 truncate cleaned up
[  338.440487][ T4848] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  338.451303][ T4848] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  338.495744][ T4848] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  338.511935][ T3038] loop3: detected capacity change from 0 to 512
[  338.518993][ T3017] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  338.540895][ T3038] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  338.566192][ T3038] EXT4-fs (loop3): 1 truncate cleaned up
[  338.572440][ T3038] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.586647][T16981] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.606120][ T3038] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #2: block 13: comm syz.3.12107: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  338.657313][ T3038] EXT4-fs (loop3): Remounting filesystem read-only
[  338.724930][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.019099][ T3111] loop7: detected capacity change from 0 to 512
[  339.087237][ T3111] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  339.095469][ T3111] EXT4-fs (loop7): orphan cleanup on readonly fs
[  339.119394][ T3126] loop8: detected capacity change from 0 to 1024
[  339.123982][ T3111] EXT4-fs error (device loop7): ext4_do_update_inode:5617: inode #16: comm syz.7.12124: corrupted inode contents
[  339.126640][ T3126] EXT4-fs: inline encryption not supported
[  339.144470][ T3126] EXT4-fs: Ignoring removed orlov option
[  339.151009][ T3126] EXT4-fs (loop8): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  339.178689][ T3111] EXT4-fs (loop7): Remounting filesystem read-only
[  339.185662][ T3111] EXT4-fs (loop7): 1 truncate cleaned up
[  339.193631][  T898] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  339.195168][ T3126] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  339.204315][  T898] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  339.267100][  T898] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  339.278255][ T3111] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  339.420829][T16981] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.449092][T29632] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.646956][ T3175] loop8: detected capacity change from 0 to 512
[  339.659172][ T3175] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  339.668066][ T3175] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  339.685704][ T3199] EXT4-fs: Ignoring removed nobh option
[  339.692399][ T3199] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e118, mo2=0002]
[  339.700842][ T3199] System zones: 1-12
[  339.705116][ T3199] EXT4-fs (loop3): orphan cleanup on readonly fs
[  339.707147][ T3175] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4215: comm syz.8.12144: Allocating blocks 41-42 which overlap fs metadata
[  339.726175][ T3199] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  339.740566][ T3175] EXT4-fs error (device loop8): ext4_acquire_dquot:6986: comm syz.8.12144: Failed to acquire dquot type 1
[  339.752835][ T3199] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.12143: corrupted inode contents
[  339.771687][ T3175] EXT4-fs error (device loop8): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  339.780555][ T3199] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #15: comm syz.3.12143: mark_inode_dirty error
[  339.798660][ T3199] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.12143: corrupted inode contents
[  339.811067][ T3199] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3000: inode #15: comm syz.3.12143: mark_inode_dirty error
[  339.823409][ T3175] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #12: comm syz.8.12144: corrupted inode contents
[  339.824079][ T3199] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3003: inode #15: comm syz.3.12143: mark inode dirty (error -117)
[  339.849335][ T3199] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -117)
[  339.858681][ T3175] EXT4-fs error (device loop8): ext4_dirty_inode:6502: inode #12: comm syz.8.12144: mark_inode_dirty error
[  339.870887][ T3199] EXT4-fs (loop3): 1 orphan inode deleted
[  339.877190][ T3199] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  339.900594][ T3175] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #12: comm syz.8.12144: corrupted inode contents
[  339.945265][ T3175] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #12: comm syz.8.12144: mark_inode_dirty error
[  339.960637][ T3212] Unsupported NM flag settings (240)
[  339.978558][ T3175] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #12: comm syz.8.12144: corrupted inode contents
[  339.998852][ T3175] EXT4-fs error (device loop8) in ext4_orphan_del:303: Corrupt filesystem
[  340.008160][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.013666][ T3175] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #12: comm syz.8.12144: corrupted inode contents
[  340.029884][ T3175] EXT4-fs error (device loop8): ext4_truncate:4635: inode #12: comm syz.8.12144: mark_inode_dirty error
[  340.054699][ T3175] EXT4-fs error (device loop8) in ext4_process_orphan:345: Corrupt filesystem
[  340.064440][ T3175] EXT4-fs (loop8): 1 truncate cleaned up
[  340.100998][ T3175] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.176810][T16981] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.231288][ T3263] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12168'.
[  340.249518][ T3263] netlink: 312 bytes leftover after parsing attributes in process `syz.7.12168'.
[  340.258944][ T3263] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12168'.
[  340.290174][   T29] kauditd_printk_skb: 208 callbacks suppressed
[  340.290280][   T29] audit: type=1400 audit(329.783:31941): avc:  denied  { create } for  pid=3267 comm="syz.6.12170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  340.336253][ T3276] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12172'.
[  340.376523][   T29] audit: type=1400 audit(329.811:31942): avc:  denied  { ioctl } for  pid=3267 comm="syz.6.12170" path="socket:[100531]" dev="sockfs" ino=100531 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  340.401158][   T29] audit: type=1400 audit(329.811:31943): avc:  denied  { bind } for  pid=3267 comm="syz.6.12170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  340.420175][   T29] audit: type=1400 audit(329.811:31944): avc:  denied  { tracepoint } for  pid=3268 comm="syz.8.12171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  340.439684][   T29] audit: type=1400 audit(329.811:31945): avc:  denied  { connect } for  pid=3267 comm="syz.6.12170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  340.458945][   T29] audit: type=1400 audit(329.811:31946): avc:  denied  { write } for  pid=3267 comm="syz.6.12170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  340.477963][   T29] audit: type=1400 audit(329.811:31947): avc:  denied  { read } for  pid=3267 comm="syz.6.12170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  340.496860][   T29] audit: type=1400 audit(329.820:31948): avc:  denied  { create } for  pid=3275 comm="syz.3.12172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  340.516881][   T29] audit: type=1400 audit(329.820:31949): avc:  denied  { write } for  pid=3275 comm="syz.3.12172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  340.536864][   T29] audit: type=1400 audit(329.820:31950): avc:  denied  { read } for  pid=3275 comm="syz.3.12172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  340.612187][ T3286] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  340.623963][ T3293] bridge: RTM_NEWNEIGH with invalid ether address
[  340.647435][ T3286] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #17: comm syz.3.12178: inode has both inline data and extents flags
[  340.667475][ T3286] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.12178: couldn't read orphan inode 17 (err -117)
[  340.703564][ T3286] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.854199][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.035802][ T3342] vhci_hcd vhci_hcd.3: default hub control req: 8013 v0000 i0000 l31125
[  341.238437][ T3376] set_capacity_and_notify: 3 callbacks suppressed
[  341.238455][ T3376] loop3: detected capacity change from 0 to 512
[  341.261140][ T3376] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  341.269976][ T3376] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  341.332282][ T3376] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.12205: Allocating blocks 41-42 which overlap fs metadata
[  341.362488][ T3376] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.12205: Allocating blocks 41-42 which overlap fs metadata
[  341.398047][ T3376] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.12205: Failed to acquire dquot type 1
[  341.448239][ T3376] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  341.498845][ T3399] netlink: 16 bytes leftover after parsing attributes in process `syz.6.12208'.
[  341.521205][ T3376] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.12205: corrupted inode contents
[  341.560890][ T3418] serio: Serial port ttyS3
[  341.572586][ T3376] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #12: comm syz.3.12205: mark_inode_dirty error
[  341.603794][ T3376] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.12205: corrupted inode contents
[  341.626669][ T3376] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.12205: mark_inode_dirty error
[  341.639041][ T3425] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  341.646413][ T3376] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.12205: corrupted inode contents
[  341.669951][ T3432] sd 0:0:1:0: device reset
[  341.674379][ T3376] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  341.688212][ T3376] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.12205: corrupted inode contents
[  341.700513][ T3376] EXT4-fs error (device loop3): ext4_truncate:4635: inode #12: comm syz.3.12205: mark_inode_dirty error
[  341.713368][ T3376] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  341.746275][ T3376] EXT4-fs (loop3): 1 truncate cleaned up
[  341.857205][ T3463] loop7: detected capacity change from 0 to 1024
[  341.863782][ T3466] netlink: 240 bytes leftover after parsing attributes in process `syz.8.12218'.
[  341.916714][ T3477] loop7: detected capacity change from 0 to 128
[  341.925197][ T3477] msdos: Unknown parameter '000000000000000000000030x0000000000000000¨L9¸1ê²Ô·1cQñL~¨ˆzâÛQô+ÛÂç}ú%ùZÅó!—gœÎâ¿gU“É·àh„ê¿â[y¼A;’'
[  342.116225][ T3529] macvtap0: entered promiscuous mode
[  342.121583][ T3529] macvtap0: entered allmulticast mode
[  342.147322][ T3538] binfmt_misc: register: failed to install interpreter file ./file2
[  342.225276][ T3551] netlink: 19 bytes leftover after parsing attributes in process `syz.8.12245'.
[  342.658349][ T3599] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12268'.
[  342.805348][ T3623] loop3: detected capacity change from 0 to 512
[  342.813653][ T3623] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  342.824082][ T3623] EXT4-fs (loop3): orphan cleanup on readonly fs
[  342.830936][ T3623] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.12280: Allocating blocks 41-42 which overlap fs metadata
[  342.845476][ T3623] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.12280: Allocating blocks 41-42 which overlap fs metadata
[  342.859516][ T3623] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.12280: Failed to acquire dquot type 1
[  342.871316][ T3623] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  342.886263][ T3623] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.12280: corrupted inode contents
[  342.898541][ T3623] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #12: comm syz.3.12280: mark_inode_dirty error
[  342.910230][ T3623] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.12280: corrupted inode contents
[  342.922455][ T3623] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.12280: mark_inode_dirty error
[  342.934170][ T3623] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.12280: corrupted inode contents
[  342.946598][ T3623] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  342.955580][ T3623] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.12280: corrupted inode contents
[  342.968208][ T3623] EXT4-fs error (device loop3): ext4_truncate:4635: inode #12: comm syz.3.12280: mark_inode_dirty error
[  342.979870][ T3623] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  342.989512][ T3623] EXT4-fs (loop3): 1 truncate cleaned up
[  343.022840][ T3637] netlink: 12 bytes leftover after parsing attributes in process `syz.6.12285'.
[  343.121548][ T3655] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  343.136208][ T3655] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  343.236004][ T3679] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12305'.
[  343.293921][ T3700] macvtap1: entered promiscuous mode
[  343.299416][ T3700] macvtap1: entered allmulticast mode
[  343.313370][ T3704] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  343.322356][ T3704] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  343.397010][ T3724] 9p: Bad value for 'source'
[  343.419243][ T3728] 0ªî{X¹¦: renamed from gretap0
[  343.426078][ T3728] 0ªî{X¹¦: entered allmulticast mode
[  343.432593][ T3728] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  343.448605][ T3730] 0ªX¹¦À: renamed from caif0
[  343.455583][ T3730] 0ªX¹¦À: entered allmulticast mode
[  343.461082][ T3730] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  343.515954][ T3740] bridge0: port 3(batadv1) entered blocking state
[  343.522470][ T3740] bridge0: port 3(batadv1) entered disabled state
[  343.529094][ T3740] batadv1: entered allmulticast mode
[  343.535135][ T3740] batadv1: entered promiscuous mode
[  343.613805][ T3756] macvtap1: entered promiscuous mode
[  343.619235][ T3756] macvtap1: entered allmulticast mode
[  343.760755][ T3787] netlink: 'syz.7.12337': attribute type 4 has an invalid length.
[  343.807027][ T3796] sch_tbf: burst 22 is lower than device lo mtu (81) !
[  343.820755][ T3796] sch_tbf: burst 22 is lower than device lo mtu (81) !
[  343.846260][ T3808] program syz.7.12344 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  343.938900][ T3835] syz_tun: refused to change device tx_queue_len
[  344.057215][ T4814] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  344.066474][ T4814] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  344.222993][ T3888] netlink: 'syz.3.12369': attribute type 18 has an invalid length.
[  344.232449][ T3888] netlink: 'syz.3.12369': attribute type 18 has an invalid length.
[  344.503508][ T3934] netlink: 'syz.1.12389': attribute type 27 has an invalid length.
[  344.512470][ T3934] ip6gre0: left promiscuous mode
[  344.521705][ T3934] veth1_to_hsr: left promiscuous mode
[  344.527358][ T3934] macvlan2: left promiscuous mode
[  344.547462][ T3934] 8021q: adding VLAN 0 to HW filter on device bond0
[  344.556271][ T3934] 8021q: adding VLAN 0 to HW filter on device team0
[  344.570025][ T3934] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  344.642573][ T3946] bridge0: port 4(batadv0) entered blocking state
[  344.649373][ T3946] bridge0: port 4(batadv0) entered disabled state
[  344.656255][ T3946] batadv0: entered allmulticast mode
[  344.662328][ T3946] batadv0: entered promiscuous mode
[  344.982874][ T3993] netlink: 'syz.6.12406': attribute type 4 has an invalid length.
[  345.030696][ T3999] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  345.179634][ T4814] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  345.188977][ T4814] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  345.635897][ T4857] Bluetooth: hci0: Frame reassembly failed (-84)
[  345.643022][   T29] kauditd_printk_skb: 334 callbacks suppressed
[  345.643041][   T29] audit: type=1400 audit(334.796:32276): avc:  denied  { ioctl } for  pid=4109 comm="syz.3.12428" path="socket:[102475]" dev="sockfs" ino=102475 ioctlcmd=0x48e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  345.688992][   T29] audit: type=1326 audit(334.825:32277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.7.12429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  345.712150][   T29] audit: type=1326 audit(334.825:32278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.7.12429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  345.735916][   T29] audit: type=1326 audit(334.825:32279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.7.12429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  345.759508][   T29] audit: type=1326 audit(334.825:32280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.7.12429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  345.782785][   T29] audit: type=1326 audit(334.825:32281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.7.12429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  345.807123][   T29] audit: type=1326 audit(334.825:32282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.7.12429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  345.830309][   T29] audit: type=1326 audit(334.825:32283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.7.12429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  345.853375][   T29] audit: type=1326 audit(334.825:32284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.7.12429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  345.876453][   T29] audit: type=1326 audit(334.825:32285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.7.12429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  345.879624][ T4121] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4121 comm=syz.7.12431
[  346.132177][ T4152] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4152 comm=syz.1.12445
[  346.332274][ T4165] batadv0: Device is already in use.
[  346.452579][ T4179] __nla_validate_parse: 5 callbacks suppressed
[  346.452596][ T4179] netlink: 12 bytes leftover after parsing attributes in process `syz.6.12457'.
[  346.524998][ T4178] netlink: 84 bytes leftover after parsing attributes in process `syz.8.12456'.
[  346.534280][ T4178] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  346.559694][ T4188] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4188 comm=syz.6.12459
[  347.554082][ T4262] SELinux: failed to load policy
[  347.820986][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  347.827088][ T7595] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  348.125631][ T4360] smc: net device bond0 applied user defined pnetid SYZ0
[  348.145846][ T4360] smc: net device bond0 erased user defined pnetid SYZ0
[  348.510661][ T4399] loop3: detected capacity change from 0 to 128
[  348.655166][ T4424] netlink: 'syz.6.12529': attribute type 1 has an invalid length.
[  348.894911][ T4451] random: crng reseeded on system resumption
[  349.190582][ T4478] netlink: 16 bytes leftover after parsing attributes in process `syz.8.12553'.
[  349.200326][ T4461] netlink: 84 bytes leftover after parsing attributes in process `syz.1.12547'.
[  349.209410][ T4461] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  349.922237][ T4601] smc: net device bond0 applied user defined pnetid SYZ0
[  349.931379][ T4601] smc: net device bond0 erased user defined pnetid SYZ0
[  350.008896][ T4609] random: crng reseeded on system resumption
[  350.145185][ T4630] loop3: detected capacity change from 0 to 256
[  350.163622][ T4628] xt_policy: neither incoming nor outgoing policy selected
[  350.172934][ T4630] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  350.194763][ T4630] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  350.240416][ T4641] loop7: detected capacity change from 0 to 128
[  350.330248][ T4652] SELinux: failed to load policy
[  350.474459][ T4679] netlink: 'syz.7.12622': attribute type 6 has an invalid length.
[  350.601608][ T4660] netlink: 256 bytes leftover after parsing attributes in process `syz.1.12614'.
[  350.605278][ T4694] hub 9-0:1.0: USB hub found
[  350.626674][ T4694] hub 9-0:1.0: 8 ports detected
[  350.718109][ T4715] netlink: 'syz.8.12634': attribute type 83 has an invalid length.
[  351.059320][   T29] kauditd_printk_skb: 311 callbacks suppressed
[  351.059337][   T29] audit: type=1326 audit(339.857:32597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.7.12649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  351.105395][ T4776] netlink: 28 bytes leftover after parsing attributes in process `syz.6.12647'.
[  351.115288][   T29] audit: type=1326 audit(339.894:32598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.7.12649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  351.139076][   T29] audit: type=1326 audit(339.894:32599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.7.12649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  351.139306][ T4775] loop3: detected capacity change from 0 to 1024
[  351.162155][   T29] audit: type=1326 audit(339.894:32600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.7.12649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  351.192074][   T29] audit: type=1326 audit(339.894:32601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.7.12649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  351.215280][   T29] audit: type=1326 audit(339.894:32602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.7.12649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  351.238334][   T29] audit: type=1326 audit(339.894:32603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.7.12649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  351.331418][ T4788] serio: Serial port ptm0
[  351.337130][   T29] audit: type=1400 audit(340.072:32604): avc:  denied  { remove_name } for  pid=4771 comm="syz.3.12648" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  351.359651][   T29] audit: type=1400 audit(340.072:32605): avc:  denied  { rename } for  pid=4771 comm="syz.3.12648" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  351.399573][   T29] audit: type=1400 audit(340.166:32606): avc:  denied  { write } for  pid=4791 comm="syz.3.12652" path="socket:[104024]" dev="sockfs" ino=104024 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  351.491452][ T4844] netlink: 256 bytes leftover after parsing attributes in process `syz.7.12662'.
[  352.461522][ T4968] Cannot find add_set index 0 as target
[  352.585225][ T4976] veth1_to_bond: entered allmulticast mode
[  352.596376][ T4972] loop3: detected capacity change from 0 to 8192
[  352.604610][ T4972] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  352.629386][ T4976] veth1_to_bond: left allmulticast mode
[  353.705516][ T5136] Process accounting resumed
[  353.864203][ T5180] netlink: 'syz.8.12791': attribute type 1 has an invalid length.
[  353.928730][ T5205] loop7: detected capacity change from 0 to 512
[  353.938113][ T5180] 8021q: adding VLAN 0 to HW filter on device bond2
[  353.957724][ T5205] EXT4-fs error (device loop7): ext4_xattr_inode_iget:446: comm syz.7.12784: error while reading EA inode 32 err=-116
[  353.978336][ T5205] EXT4-fs (loop7): Remounting filesystem read-only
[  353.995811][ T5205] EXT4-fs warning (device loop7): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  354.008858][ T5205] EXT4-fs warning (device loop7): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[  354.054327][ T5205] EXT4-fs (loop7): 1 orphan inode deleted
[  354.163799][ T5243] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12790'.
[  354.260672][ T5145] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  355.270510][ T5329] netlink: 204 bytes leftover after parsing attributes in process `syz.8.12829'.
[  355.280831][ T5326] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12828'.
[  355.513155][ T5364] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  355.589399][ T4256] kernel read not supported for file bpf-prog (pid: 4256 comm: kworker/1:9)
[  355.705905][ T5406] netlink: 19 bytes leftover after parsing attributes in process `syz.3.12863'.
[  355.789986][ T5416] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12868'.
[  355.807737][ T5420] sch_tbf: burst 0 is lower than device lo mtu (81) !
[  355.917761][ T5433] loop3: detected capacity change from 0 to 2048
[  355.969534][ T5433] Alternate GPT is invalid, using primary GPT.
[  355.976116][ T5433]  loop3: p2 p3 p7
[  355.991107][ T5456] netlink: 'syz.8.12881': attribute type 6 has an invalid length.
[  356.033510][ T5467] loop3: detected capacity change from 0 to 128
[  356.067981][ T5467] EXT4-fs (loop3): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  356.072898][ T5474] netlink: 87 bytes leftover after parsing attributes in process `syz.8.12887'.
[  356.200782][ T5482] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  356.213392][ T5482] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  356.229093][ T5482] bond0: (slave ipvlan2): Error -95 calling set_mac_address
[  356.276093][ T5498] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  356.322012][ T5500] loop3: detected capacity change from 0 to 1024
[  356.341018][ T5500] EXT4-fs: Ignoring removed orlov option
[  356.386328][ T5500] EXT4-fs (loop3): shut down requested (2)
[  356.422712][ T5523] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  356.447718][   T29] kauditd_printk_skb: 413 callbacks suppressed
[  356.447739][   T29] audit: type=1326 audit(344.908:33020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.8.12904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  356.488853][   T29] audit: type=1326 audit(344.908:33021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.8.12904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  356.512221][   T29] audit: type=1326 audit(344.936:33022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.8.12904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  356.535281][   T29] audit: type=1326 audit(344.936:33023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.8.12904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  356.558549][   T29] audit: type=1326 audit(344.936:33024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.8.12904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  356.581634][   T29] audit: type=1326 audit(344.936:33025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.8.12904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  356.604726][   T29] audit: type=1326 audit(344.936:33026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.8.12904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  356.608122][ T5531] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  356.627906][   T29] audit: type=1326 audit(344.936:33027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5526 comm="syz.8.12904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bb3df749 code=0x7ffc0000
[  356.678161][   T29] audit: type=1326 audit(345.114:33028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5533 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d062f749 code=0x7ffc0000
[  356.711853][ T5539] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  356.724641][ T5539] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  356.750600][   T29] audit: type=1326 audit(345.142:33029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5533 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fe9d062f749 code=0x7ffc0000
[  356.769089][ T5534] netlink: 12 bytes leftover after parsing attributes in process `syz.8.12908'.
[  356.795474][ T5539] bond0: (slave ipvlan2): Error -95 calling set_mac_address
[  356.815065][ T5538] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12910'.
[  356.882137][ T5563] netlink: 28 bytes leftover after parsing attributes in process `syz.8.12917'.
[  357.000907][ T5593] netlink: 19 bytes leftover after parsing attributes in process `syz.6.12929'.
[  357.068308][ T5605] IPv6: NLM_F_CREATE should be specified when creating new route
[  357.454898][ T5669] ip6gre1: entered allmulticast mode
[  357.513826][ T5680] netlink: 'syz.1.12963': attribute type 7 has an invalid length.
[  357.530791][ T5680] netlink: 'syz.1.12963': attribute type 7 has an invalid length.
[  357.882949][ T5752] loop3: detected capacity change from 0 to 512
[  357.904796][ T5752] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  357.941543][ T5752] EXT4-fs (loop3): 1 truncate cleaned up
[  357.956167][ T5718] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  357.976749][ T5752] EXT4-fs mount: 14 callbacks suppressed
[  357.976769][ T5752] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.066569][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.359045][ T5784] loop3: detected capacity change from 0 to 128
[  358.365189][ T5785] bond0: Unable to set up delay as MII monitoring is disabled
[  358.443259][ T5793] netlink: 'syz.6.12997': attribute type 7 has an invalid length.
[  358.467114][   T12] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  358.476520][ T5793] netlink: 'syz.6.12997': attribute type 7 has an invalid length.
[  358.490746][   T12] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  358.510354][   T12] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  358.526470][   T12] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  358.581877][ T4828] bio_check_eod: 102 callbacks suppressed
[  358.581954][ T4828] kworker/u8:32: attempt to access beyond end of device
[  358.581954][ T4828] loop3: rw=1, sector=145, nr_sectors = 8 limit=128
[  358.616043][ T4828] kworker/u8:32: attempt to access beyond end of device
[  358.616043][ T4828] loop3: rw=1, sector=161, nr_sectors = 8 limit=128
[  358.629922][ T4828] kworker/u8:32: attempt to access beyond end of device
[  358.629922][ T4828] loop3: rw=1, sector=177, nr_sectors = 8 limit=128
[  358.643723][ T4828] kworker/u8:32: attempt to access beyond end of device
[  358.643723][ T4828] loop3: rw=1, sector=193, nr_sectors = 8 limit=128
[  358.658187][ T4828] kworker/u8:32: attempt to access beyond end of device
[  358.658187][ T4828] loop3: rw=1, sector=209, nr_sectors = 8 limit=128
[  358.688137][ T4828] kworker/u8:32: attempt to access beyond end of device
[  358.688137][ T4828] loop3: rw=1, sector=225, nr_sectors = 8 limit=128
[  358.720313][ T4828] kworker/u8:32: attempt to access beyond end of device
[  358.720313][ T4828] loop3: rw=1, sector=241, nr_sectors = 8 limit=128
[  358.734521][ T4828] kworker/u8:32: attempt to access beyond end of device
[  358.734521][ T4828] loop3: rw=1, sector=257, nr_sectors = 8 limit=128
[  358.751761][ T4828] kworker/u8:32: attempt to access beyond end of device
[  358.751761][ T4828] loop3: rw=1, sector=273, nr_sectors = 8 limit=128
[  358.781558][ T4828] kworker/u8:32: attempt to access beyond end of device
[  358.781558][ T4828] loop3: rw=1, sector=289, nr_sectors = 8 limit=128
[  359.597001][ T5944] xt_hashlimit: max too large, truncated to 1048576
[  359.657686][ T5954] loop3: detected capacity change from 0 to 512
[  359.711849][ T5954] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.765570][ T5970] macvtap0: entered promiscuous mode
[  359.770933][ T5970] macvtap0: entered allmulticast mode
[  359.779716][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.311985][ T6036] loop3: detected capacity change from 0 to 1024
[  360.330393][ T6036] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  360.365957][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.527250][ T6088] __nla_validate_parse: 18 callbacks suppressed
[  360.527271][ T6088] netlink: 8 bytes leftover after parsing attributes in process `syz.8.13090'.
[  360.563172][ T6095] syz.8.13093: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  360.577871][ T6095] CPU: 0 UID: 0 PID: 6095 Comm: syz.8.13093 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  360.577967][ T6095] Tainted: [W]=WARN
[  360.577975][ T6095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  360.577990][ T6095] Call Trace:
[  360.578025][ T6095]  <TASK>
[  360.578033][ T6095]  __dump_stack+0x1d/0x30
[  360.578063][ T6095]  dump_stack_lvl+0x95/0xd0
[  360.578106][ T6095]  dump_stack+0x15/0x1b
[  360.578130][ T6095]  warn_alloc+0x12b/0x1a0
[  360.578158][ T6095]  ? __schedule+0x85f/0xcd0
[  360.578194][ T6095]  ? __rcu_read_unlock+0x4f/0x70
[  360.578243][ T6095]  __vmalloc_node_range_noprof+0xa0/0x1310
[  360.578274][ T6095]  ? __futex_wait+0x1fa/0x260
[  360.578297][ T6095]  ? __pfx_futex_wake_mark+0x10/0x10
[  360.578397][ T6095]  ? __rcu_read_unlock+0x4f/0x70
[  360.578418][ T6095]  ? avc_has_perm_noaudit+0xab/0x130
[  360.578444][ T6095]  vmalloc_user_noprof+0x7d/0xb0
[  360.578472][ T6095]  ? xskq_create+0x80/0xe0
[  360.578513][ T6095]  xskq_create+0x80/0xe0
[  360.578608][ T6095]  xsk_init_queue+0x95/0xf0
[  360.578691][ T6095]  xsk_setsockopt+0x3f5/0x640
[  360.578825][ T6095]  ? __pfx_xsk_setsockopt+0x10/0x10
[  360.578861][ T6095]  __sys_setsockopt+0x184/0x200
[  360.578892][ T6095]  __x64_sys_setsockopt+0x64/0x80
[  360.578940][ T6095]  x64_sys_call+0x21d5/0x3000
[  360.578969][ T6095]  do_syscall_64+0xca/0x2b0
[  360.579006][ T6095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.579084][ T6095] RIP: 0033:0x7f75bb3df749
[  360.579102][ T6095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.579123][ T6095] RSP: 002b:00007f75b9e3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  360.579146][ T6095] RAX: ffffffffffffffda RBX: 00007f75bb635fa0 RCX: 00007f75bb3df749
[  360.579225][ T6095] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000005
[  360.579239][ T6095] RBP: 00007f75bb463f91 R08: 0000000000000004 R09: 0000000000000000
[  360.579254][ T6095] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  360.579269][ T6095] R13: 00007f75bb636038 R14: 00007f75bb635fa0 R15: 00007fffa50bb058
[  360.579291][ T6095]  </TASK>
[  360.579299][ T6095] Mem-Info:
[  360.796753][ T6095] active_anon:4298 inactive_anon:17142 isolated_anon:0
[  360.796753][ T6095]  active_file:14586 inactive_file:13350 isolated_file:0
[  360.796753][ T6095]  unevictable:0 dirty:379 writeback:0
[  360.796753][ T6095]  slab_reclaimable:3880 slab_unreclaimable:45127
[  360.796753][ T6095]  mapped:28822 shmem:17390 pagetables:1579
[  360.796753][ T6095]  sec_pagetables:0 bounce:0
[  360.796753][ T6095]  kernel_misc_reclaimable:0
[  360.796753][ T6095]  free:1771080 free_pcp:21413 free_cma:0
[  360.825665][ T6107] xt_hashlimit: max too large, truncated to 1048576
[  360.842944][ T6095] Node 0 active_anon:17308kB inactive_anon:68568kB active_file:58344kB inactive_file:53400kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115288kB dirty:1516kB writeback:0kB shmem:69560kB kernel_stack:5584kB pagetables:6432kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  360.858411][ T6107] netlink: 16 bytes leftover after parsing attributes in process `syz.6.13099'.
[  360.877558][ T6095] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  360.877680][ T6095] lowmem_reserve[]: 0 2880 7859 7859
[  360.922012][ T6095] Node 0 DMA32 free:2945888kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949520kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:104kB free_cma:0kB
[  360.953506][ T6095] lowmem_reserve[]: 0 0 4978 4978
[  360.954564][ T4821] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  360.958583][ T6095] Node 0 Normal free:4123072kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:17308kB inactive_anon:68568kB active_file:58344kB inactive_file:53400kB unevictable:0kB writepending:1516kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:81648kB local_pcp:53516kB free_cma:0kB
[  360.968250][ T4821] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.001099][ T6095] lowmem_reserve[]: 0 0 0 0
[  361.001142][ T6095] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  361.027275][ T6095] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 3*16kB (M) 3*32kB (M) 3*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945888kB
[  361.039029][ T4821] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.043898][ T6095] Node 0 Normal: 1823*4kB (UME) 2091*8kB (UME) 1422*16kB (UME) 1186*32kB (UME) 607*64kB (UME) 358*128kB (UME) 288*256kB (UM) 282*512kB (UM) 262*1024kB (UME) 141*2048kB (UME) 776*4096kB (UM) = 4123060kB
[  361.070428][ T4821] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.073801][ T6095] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  361.073821][ T6095] 45520 total pagecache pages
[  361.073828][ T6095] 234 pages in swap cache
[  361.073835][ T6095] Free swap  = 123916kB
[  361.105649][ T6095] Total swap = 124996kB
[  361.109852][ T6095] 2097051 pages RAM
[  361.113711][ T6095] 0 pages HighMem/MovableOnly
[  361.118414][ T6095] 81271 pages reserved
[  361.296234][ T6142] loop7: detected capacity change from 0 to 512
[  361.305058][ T6142] EXT4-fs (loop7): 1 truncate cleaned up
[  361.311597][ T6142] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  361.329825][ T6142] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.13116: invalid indirect mapped block 234881024 (level 0)
[  361.356409][T29632] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.385420][ T6156] loop7: detected capacity change from 0 to 1024
[  361.392488][ T6156] EXT4-fs: Ignoring removed oldalloc option
[  361.422841][ T6156] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[  361.440937][ T6156] EXT4-fs error (device loop7): ext4_free_blocks:6728: comm syz.7.13120: Freeing blocks not in datazone - block = 0, count = 16
[  361.486968][T29632] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  361.622504][ T6187] loop3: detected capacity change from 0 to 128
[  361.805329][ T6200] netlink: 32 bytes leftover after parsing attributes in process `syz.7.13134'.
[  361.816599][ T6200] netlink: 32 bytes leftover after parsing attributes in process `syz.7.13134'.
[  361.839672][ T6204] netlink: 14 bytes leftover after parsing attributes in process `syz.7.13136'.
[  361.850436][ T6204] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  361.860576][ T6204] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  361.869773][ T6204] bond0 (unregistering): Released all slaves
[  361.899241][ T6241] netlink: 96 bytes leftover after parsing attributes in process `syz.6.13138'.
[  361.943198][   T29] kauditd_printk_skb: 379 callbacks suppressed
[  361.943218][   T29] audit: type=1326 audit(350.044:33409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz.7.13141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  361.992023][   T29] audit: type=1326 audit(350.044:33410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz.7.13141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  362.015343][   T29] audit: type=1326 audit(350.044:33411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz.7.13141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  362.038551][   T29] audit: type=1326 audit(350.044:33412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz.7.13141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  362.061728][   T29] audit: type=1326 audit(350.044:33413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz.7.13141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  362.085149][   T29] audit: type=1326 audit(350.044:33414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz.7.13141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  362.108377][   T29] audit: type=1326 audit(350.044:33415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz.7.13141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  362.131767][   T29] audit: type=1326 audit(350.044:33416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz.7.13141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  362.154893][   T29] audit: type=1326 audit(350.044:33417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz.7.13141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  362.178178][   T29] audit: type=1326 audit(350.044:33418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6251 comm="syz.7.13141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0a4ecf749 code=0x7ffc0000
[  362.500064][ T6277] netlink: 'syz.8.13148': attribute type 29 has an invalid length.
[  362.924309][ T6306] loop3: detected capacity change from 0 to 2048
[  362.992729][ T6306] Alternate GPT is invalid, using primary GPT.
[  362.999140][ T6306]  loop3: p2 p3 p7
[  363.040638][ T6330] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13166'.
[  363.147855][ T6350] netlink: 64 bytes leftover after parsing attributes in process `syz.1.13174'.
[  363.172698][ T6352] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  363.192373][ T6354] netlink: 'syz.3.13176': attribute type 10 has an invalid length.
[  363.200584][ T6354] netlink: 40 bytes leftover after parsing attributes in process `syz.3.13176'.
[  363.210509][ T6354] dummy0: entered promiscuous mode
[  363.216789][ T6354] bridge0: port 3(dummy0) entered blocking state
[  363.223286][ T6354] bridge0: port 3(dummy0) entered disabled state
[  363.229936][ T6354] dummy0: entered allmulticast mode
[  363.521630][ T6383] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  363.530919][ T6383] SELinux: failed to load policy
[  363.739478][ T6400] netlink: 'syz.1.13193': attribute type 10 has an invalid length.
[  363.747562][ T6400] netlink: 40 bytes leftover after parsing attributes in process `syz.1.13193'.
[  363.765945][ T6400] dummy0: entered promiscuous mode
[  363.771986][ T6400] bridge0: port 3(dummy0) entered blocking state
[  363.778570][ T6400] bridge0: port 3(dummy0) entered disabled state
[  363.785507][ T6400] dummy0: entered allmulticast mode
[  363.793563][ T6400] bridge0: port 3(dummy0) entered blocking state
[  363.800141][ T6400] bridge0: port 3(dummy0) entered forwarding state
[  363.918492][ T6415] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  364.477955][ T6480] smc: net device bond0 applied user defined pnetid SYZ0
[  364.494997][ T6480] smc: net device bond0 erased user defined pnetid SYZ0
[  364.577784][ T6486] loop3: detected capacity change from 0 to 512
[  364.594818][ T6486] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  364.692719][ T6464] ==================================================================
[  364.700959][ T6464] BUG: KCSAN: data-race in shmem_file_splice_read / shmem_file_splice_read
[  364.709677][ T6464] 
[  364.712021][ T6464] write to 0xffff888125deb8e8 of 8 bytes by task 6469 on cpu 1:
[  364.719763][ T6464]  shmem_file_splice_read+0x470/0x600
[  364.725164][ T6464]  splice_direct_to_actor+0x26f/0x680
[  364.730553][ T6464]  do_splice_direct+0xda/0x150
[  364.735335][ T6464]  do_sendfile+0x380/0x650
[  364.739942][ T6464]  __x64_sys_sendfile64+0x105/0x150
[  364.745256][ T6464]  x64_sys_call+0x2db1/0x3000
[  364.749950][ T6464]  do_syscall_64+0xca/0x2b0
[  364.754554][ T6464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.760453][ T6464] 
[  364.762776][ T6464] write to 0xffff888125deb8e8 of 8 bytes by task 6464 on cpu 0:
[  364.770494][ T6464]  shmem_file_splice_read+0x470/0x600
[  364.776035][ T6464]  splice_direct_to_actor+0x26f/0x680
[  364.781421][ T6464]  do_splice_direct+0xda/0x150
[  364.786278][ T6464]  do_sendfile+0x380/0x650
[  364.790715][ T6464]  __x64_sys_sendfile64+0x105/0x150
[  364.796137][ T6464]  x64_sys_call+0x2db1/0x3000
[  364.800915][ T6464]  do_syscall_64+0xca/0x2b0
[  364.805444][ T6464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.811342][ T6464] 
[  364.813666][ T6464] value changed: 0x000000000000535d -> 0x000000000000535f
[  364.820771][ T6464] 
[  364.823095][ T6464] Reported by Kernel Concurrency Sanitizer on:
[  364.829247][ T6464] CPU: 0 UID: 0 PID: 6464 Comm: syz.8.13213 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  364.840732][ T6464] Tainted: [W]=WARN
[  364.844552][ T6464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  364.854803][ T6464] ==================================================================