last executing test programs:

2m29.790350706s ago: executing program 1 (id=2):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
clock_getres(0xfffffffffffffff1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x6}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc0189374, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_io_uring_setup(0x6f52, &(0x7f0000000000)={0x0, 0xbd60, 0x8, 0x80007, 0xbffffffa}, &(0x7f00000003c0)=<r2=>0x0, &(0x7f00000004c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
io_uring_enter(r1, 0x1c39, 0x106a, 0x22, 0x0, 0x0)

2m29.618729704s ago: executing program 1 (id=10):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000840)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x0, 0x1}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x200000, 0x3}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x2, 0x1}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000090}, 0x95)
r4 = dup3(r0, r3, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88)

2m29.502890105s ago: executing program 1 (id=12):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x4, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x1}, 0x18)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
pwritev2(r0, &(0x7f0000000240)=[{0x0}], 0x1, 0x9c00, 0x0, 0x3)

2m29.061829049s ago: executing program 1 (id=17):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@errors_remount}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x42, 0x1fe)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x111, 0x6}}, 0x20)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x13f, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f00000001c0)={0x7, 0x8}, 0x10)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f283e6d60200000000000000000000000100", [0x208]})
io_setup(0x1, &(0x7f00000004c0)=<r2=>0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f0000000140)='i', 0x1001, 0x8b}])

2m28.403873215s ago: executing program 1 (id=21):
r0 = io_uring_setup(0x667, &(0x7f0000000000)={0x0, 0x8dd3, 0x1, 0x42, 0x235})
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={0xffffffffffffffff, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x216, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffcc4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000840), 0x0)
read(r4, &(0x7f00000001c0)=""/260, 0xfffffd3c)
close_range(r0, 0xffffffffffffffff, 0x0)

2m26.948257611s ago: executing program 1 (id=36):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x2, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000020000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = dup(r3)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4)

2m26.947939101s ago: executing program 32 (id=36):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x2, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000020000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = dup(r3)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4)

3.922532027s ago: executing program 4 (id=2229):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1801000000000800000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
bind$can_j1939(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000840)={@val={0x8, 0x800}, @val={0x6, 0x0, 0x6, 0x0, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0x2a, 0x66, 0x0, 0xb, 0x4, 0x0, @rand_addr=0x64010102, @broadcast}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0d"}}, 0x38)

1.980614872s ago: executing program 4 (id=2248):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$selinux_policy(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x115}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000009c0)="010000000037a788a11d18000000000000006923c63a4541062101b60a2156566de77062", 0x24, r2)

1.960842064s ago: executing program 4 (id=2249):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0xffffffffffffffcf, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa1b96aadc3618c72}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

1.807174079s ago: executing program 0 (id=2251):
r0 = socket$netlink(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ba}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1, 0x0, 0x3}, 0x18)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c02000100000000000040000280ffffff05000500000000000a"], 0x80}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
timer_settime(0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@rand_addr=0x64010101, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x3f}, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

1.8003455s ago: executing program 0 (id=2253):
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), 0x0}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x37e2f4aba9289b81, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000180)={r2, r0}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
close(0xffffffffffffffff)

1.656566004s ago: executing program 4 (id=2256):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x2)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0x20)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x40)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x12, r2, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.528421327s ago: executing program 0 (id=2259):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0xa)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r2, &(0x7f0000000840)={&(0x7f0000000000)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=[@ip_retopts={{0x18, 0x0, 0x7, {[@noop, @lsrr={0x83, 0x7, 0x4, [@private]}]}}}], 0x18}, 0x0)
fchdir(r1)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000)

1.471231723s ago: executing program 0 (id=2261):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = getuid()
quotactl_fd$Q_QUOTAON(r1, 0xffffffff80000201, r4, &(0x7f0000000240)='./file0\x00')
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r7=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x600}, 0x0)

1.223258778s ago: executing program 0 (id=2268):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000480)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000000000)={0xc, {"a2e3ad21ed0d52f91b5a090987f70e06d038e7ff7fc6e5539b5b43078b089b3b32346d090890e0878f0e1ac6e7049b3371959b689a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074c0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9a0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = eventfd2(0x0, 0x0)
read$eventfd(r5, &(0x7f0000000040), 0x8)

1.165674733s ago: executing program 4 (id=2271):
syz_usb_connect$uac1(0x5, 0x0, 0x0, 0x0)
prctl$PR_SVE_SET_VL(0x32, 0x28de8)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000580)={0x400}, 0x8)
signalfd(0xffffffffffffffff, &(0x7f0000000140)={[0x8]}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1f0519, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x3}, 0x6025, 0x4005, 0xb, 0x3, 0x2, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r0, 0x0)
perf_event_open(&(0x7f0000001d00)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0xed1ca, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x1, @perf_bp={&(0x7f0000000100)}, 0x120, 0x10000, 0x33f8, 0x1, 0x8, 0xd, 0x8b, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, r0, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c02000100000000000040000280ffffff05000500000000000a"], 0x80}}, 0x0)

962.972863ms ago: executing program 2 (id=2278):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbde, &(0x7f0000000080)={0x0, 0x79a4, 0x2, 0x5, 0x229d}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x2007, @fd=r1, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r5, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r5, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000040)=[{r1, 0x245}], 0x1, 0x0, 0x0, 0x0)
close(0x3)

800.26002ms ago: executing program 2 (id=2281):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
socket$key(0xf, 0x3, 0x2)
openat$selinux_policy(0xffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000002480)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
creat(&(0x7f00000004c0)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
r2 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r2, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

799.62402ms ago: executing program 5 (id=2282):
syz_socket_connect_nvme_tcp()
sync_file_range(0xffffffffffffffff, 0x6, 0x9fd, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, 0x0, 0xc4000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
unshare(0x22020600)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)

628.224287ms ago: executing program 2 (id=2283):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x2)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0x20)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x40)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x12, r2, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

627.859147ms ago: executing program 3 (id=2284):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000001000000080000000c"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n\x00'], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f00000001c0), &(0x7f0000000200)=r3}, 0x20)
listen(r5, 0x4)

627.525027ms ago: executing program 5 (id=2293):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)
close(0x3)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000008000000080000000600000001"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x2000000000000329, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x18, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000100)='GPL\x00', 0x4}, 0x94)

588.613751ms ago: executing program 5 (id=2285):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x0, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x9}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}, 0x50)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfe, {{@in6=@private0={0xfc, 0x0, '\x00', 0x40}, @in=@remote, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x9}, {0x0, 0x5}}}, 0xb8}}, 0x4000)

583.204502ms ago: executing program 3 (id=2286):
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0xb, &(0x7f0000000000)=@framed={{}, [@printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}, {0x85, 0x0, 0x0, 0xcb}}]}, &(0x7f0000000100)='syzkaller\x00', 0x7, 0x85, &(0x7f0000000140)=""/133}, 0x94)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040)={[{@stripe={'stripe', 0x3d, 0x4}}, {@nogrpid}, {@quota}, {@nobh}]}, 0x1, 0x514, &(0x7f00000003c0)="$eJzs3c9vG1kdAPDvOHHs/NhNdtkDINgtuwsFVXWa7LJCe4DlhBBaCbFHkLohcaModhzFzrIJObRnrkhU4gRH/gAuXHriDgcENy7lgMSPCNQgcTCa8Ti4qZ1mm9ZO489HGs1781x/v6/WzMu8xPMCGFtXIuJ2RExFxIcRMZ8fT/It3uts6eseHB6sHh0erCbRbn/wjyRrT49Fz79JzebvWY6I730r4ofJo3Gbe/ubK7VadSevL7bq24vNvf3rG/WV9ep6dWt5eeJp9/W1+lRe+vz9393+yo/TtObyI739eBJJp8v9jkdE8ThOajIivnOeYBfIRN6fqZMN06PJh0+mEBEvR8Tr2fk/HxPZpwkAXGbt9ny053vrAMBlV8jmwJJCJZ8LmItCoVKJ0mxEvBIzhVqj2bp2q7G7tdaZK1uIYuHWRq16I58rXIhiktaXsvL/68udeqlbfysiXoqIn5ams3pltVFbG+UPPgAwxmZPjP//LmXjPwBw2ZVHnQAAMHTGfwAYP8Z/ABg/xn8AGD+d8d8TGwBgnJx6/+95QABwKZn/B4Cx8t3330+39lH+/Ou1j/Z2NxsfXV+rNjcr9d3VympjZ7uy3misZ8/sqT/u/WqNxvbS27H78cLXt5utxebe/s16Y3erdTN7rvfNajF7Vd9HZQMAQ/LSa/f+lKQj8rvT2RY9azkUR5oZ8KwVRp0AMDInFtlqjyoPYPj8dQ+Mr3Pc45segEuizxK9Dyn3+4JQu912wwDPr6ufMf8P46pn/t9fAcOYmRh1AsDIlEadADAy7XZy1jX/46wvBAAuNnP8wIDf/7+c73+V/3LgB2snX3H3WWYFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1t3/d9Kvhb4XBQKlUrECxGxEMXk1kateiMiXoyIP5aKpbS+NOKcAYDzKvw1ydf/ujr/5txDTa/OHhenIuJHP//gZx+vtFo7f4iYSv5Z6h5v3c2PLw8/ewDgdOm9fneczvY9N/IPDg9Wu9swc/rbNyOiHPHgN7/vHDiOPxmT2b4cxYiY+VeS1zuSnrmL87h9JyI+3a//ScxlcyCdlU9Pxk9jvzDU+IWH4heyts4+/b/41FPIBcbNvfT6816/868QV7J9//O/nF2hzi+//qVvtXp0eJBt3fjd69/EgOvflbPGePu33+6Uph9tuxPx2cmIbuyjnutPN34yIP6bZ4z/58+9+vqgtvYvIq5G//i9sRZb9e3F5t7+9Y36ynp1vbq1vPzO0js3vvbWV5cXsznqxcGjwd/fvfbioLa0/zMD4pcf0/8vnrH/v/zvh9//winxv/xGv/iFeOWU+OmY+KUzxl+Z+XV5UFsaf21A/x/3+V87Y/z7f9l/ZNlwAGB0mnv7myu1WnXneS/MFTsduij5KDyLQvoJX4A0+ha+MaxYU9G/6SdvdE6BE03t9hPFGnTFeBqzbsBFcHzSR8R/Rp0MAAAAAAAAAAAAAADQ1zC+sTTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB5/S8AAP//bRLIqg==")
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000001100)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000280)='io\x00')
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/230, 0xe6}], 0x1, 0x401, 0x9)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000002c0)={'wlan1\x00', &(0x7f0000000800)=@ethtool_rxnfc={0x30, 0x9, 0x8, {0x11, @udp_ip6_spec={@private0={0xfc, 0x0, '\x00', 0x1}, @local, 0x4e21, 0x4e24, 0x6}, {0x0, @local, 0x6, 0xfffd, [0x80000000, 0x9]}, @esp_ip4_spec={@loopback, @empty, 0x4, 0x1}, {0x0, @empty, 0x5, 0xbb15, [0xffffffff, 0x1]}, 0x8, 0x2}}})

576.253252ms ago: executing program 4 (id=2287):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='io_uring_complete\x00', r0}, 0x18)
r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x1954, 0x0, 0x4}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x6e2, 0x3900, 0x3, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x72, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0x8d}}, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4}, &(0x7f0000000400), &(0x7f00000003c0)}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000680)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x94, 0x94, 0x3, [@decl_tag={0x5, 0x0, 0x0, 0x11, 0x1, 0x57b}, @type_tag={0x2, 0x0, 0x0, 0x12, 0x1}, @typedef={0x6}, @restrict={0xb, 0x0, 0x0, 0xb, 0x1}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}, @union={0x8, 0x5, 0x0, 0x5, 0x0, 0x8, [{0x8, 0x4, 0x6}, {0xb, 0x1, 0x3}, {0x6b7, 0x3}, {0x5, 0x4, 0xda9d}, {0xe, 0x0, 0x6}]}, @enum64={0xa}]}, {0x0, [0x30]}}, 0x0, 0xaf}, 0x28)
r5 = msgget$private(0x0, 0x0)
msgsnd(r5, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2000, 0x0)

512.138899ms ago: executing program 5 (id=2288):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x2, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
read(r2, &(0x7f0000000380)=""/171, 0xab)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0x1, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB='t\x00\x00\x00\n'], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x7, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_getparam(0x0, &(0x7f00000002c0))

511.335449ms ago: executing program 3 (id=2289):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @broadcast}}, 0x80, 0x0, 0x0, 0x0, 0x18}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4016, &(0x7f00000006c0)={[{@dioread_nolock}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@noauto_da_alloc}, {@lazytime}, {@noquota}, {@quota}]}, 0x1, 0x43c, &(0x7f0000000280)="$eJzs28tvG0UYAPBv7SR9k1CVR9MCgYKIeCRNWkoPXEAgcQAJCQ7lGJK0CnUb1ASJVhEEhMoRVeKOOCLxF3CCCwJOSFzhjipVKJcWTkZr7ya2Y7tJ6tSh/v2kbWd2x5n5vDv2zI43gJ41kv6TROyPiD8iYrCarS8wUv3v1srS9D8rS9NJlMtv/51Uyt1cWZrOi+av25dn+iIKnydxpEm9C5evnJ8qlWYvZfnxxQsfjC9cvvL83IWpc7PnZi9Onj598sTEi6cmX+hInGlcN4c/nj96+PV3r705febae798l+TxN8TRISPtDj5VLne4uu46UJNO+rrYEDalWO2m0V/p/4NRjLWTNxivfdbVxgHbqlwulx9sfXi5DNzDkuh2C4DuyL/o0/lvvt2loceOcOPl6gQojftWtlWP9EUhK9PfML/tpJGIOLP879fpFttzHwIAoM4P6fjnuWbjv0LU3he6L1tDGYqI+yPiYESciohDEfFARKXsQxHx8Cbrb1wkWT/+KVzfUmAblI7/XsrWturHf/noL4aKWe5AJf7+5OxcafZ49p6MRv+uND/Rpo4fX/39y1bHasd/6ZbWn48Fs3Zc79tV/5qZqcWpO4m51o1PI4b7msWfrK4EJBFxOCKGt1jH3DPfHm117Pbxt9GBdabyNxFPV8//cjTEn0var0+O747S7PHx/KpY79ffrr7Vqv47ir8D0vO/t+n1vxr/UFK7Xruw+Tqu/vlFyznNVq//geSdun0fTS0uXpqIGEjeqDa6dv9kQ7nJtfJp/KPHsvgH6vv/wVh7J45ERHoRPxIRj0bEY1nbH4+IJyLiWJv4f37lyfe3Fv/uNn+1M9L4ZzZ1/tcSA9G4p3mieP6n7+sqHdpo/JGd/5OV1Gi2ZyOffxtp19auZgAAAPj/KUTE/kgKY6vpQmFsrPob/kOxt1CaX1h89uz8hxdnqs8IDEV/Ib/TNVhzP3Qim9bn+cmG/InsvvFXxT2V/Nj0fGmm28FDj9vXov+n/ip2u3XAtvO8FvQu/R96l/4PvUv/h55U+ZVfk/6/pwttAbqg2ff/J11oB3D3NfR/y37QQ8z/oXfp/9C79H/oSQt74vYPyUtIrEtEYUc04x5MxI5oRrc/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrjvwAAAP//qSDljg==")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x39, 0x2, 0xffff, 0x1})
socket$inet(0x2, 0x3, 0xd)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
socket$nl_netfilter(0x10, 0x3, 0xc)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6a000}], 0x1, 0x7000, 0x0, 0x3)

432.605847ms ago: executing program 3 (id=2290):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r0, 0x0)
perf_event_open(&(0x7f0000001d00)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0xed1ca, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x1, @perf_bp={0x0}, 0x120, 0x10000, 0x33f8, 0x1, 0x8, 0xd, 0x8b, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, r0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x804}, 0x4)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd6000000000142c"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff6, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x7000000}, 0x48)

344.875266ms ago: executing program 0 (id=2291):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x41, 0x1ff)
fcntl$setlease(r2, 0x400, 0x1)
open$dir(&(0x7f0000000100)='./file0\x00', 0x4000, 0xc)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
read$watch_queue(r3, &(0x7f00000001c0)=""/178, 0xb2)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, 0x0, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

330.657017ms ago: executing program 2 (id=2292):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
close(0xffffffffffffffff)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000300), 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e00)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc680000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a31000000003c0003803800008008000340000000022c0007800a0001006c696d69740000001c0002800c00024000000000000000050c000140000000000000000414000000110001"], 0xcc}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
close(r0)

239.250386ms ago: executing program 2 (id=2294):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0xb0, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0xd}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0xd8}]}}, @TCA_RATE={0x6, 0x5, {0xa, 0x40}}, @filter_kind_options=@f_bpf={{0x8}, {0x68, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x50, 0x1, [@m_nat={0x4c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x22, 0x6, "525dfeac86ce84c0651b02d8cfcfb2e8ebe4fa883a2e8593252c80a728a5"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x40488c5}, 0x20000080)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000b40)=ANY=[@ANYBLOB], 0x114}], 0x1}, 0x0)
socket(0x10, 0x803, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYRES64=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
fsetxattr$trusted_overlay_opaque(r4, &(0x7f00000000c0), 0x0, 0x0, 0x2)

194.121301ms ago: executing program 5 (id=2295):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r0=>0x0, &(0x7f0000000000)=<r1=>0x0)
syz_io_uring_submit(r0, r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f0000000000), &(0x7f0000000140)=r3}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000040)="3700000013000318680907070000000f0000ff3f13000000170a001700000000040037000d00030001362564aa58b9a6c011f6bbf44dc4", 0x37}], 0x1)

119.286918ms ago: executing program 2 (id=2296):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6000009, 0x11, r0, 0x180000000)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000800), 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

98.14374ms ago: executing program 3 (id=2297):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$inet6(0xa, 0x1, 0x6)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2182)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000040)=ANY=[@ANYBLOB="00020201"], 0x18)

65.403914ms ago: executing program 5 (id=2298):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x30006041)
close(r4)

0s ago: executing program 3 (id=2299):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xc4, 0xfffffffe}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000}, 0xaf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)

kernel console output (not intermixed with test programs):

crement failed for inode: 0x4de offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810a305c00
[  114.626659][ T7237] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[  114.635412][ T7237] ref_ctr decrement failed for inode: 0x4de offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810a305c00
[  114.646709][ T7237] uprobe: syz.2.1316:7237 failed to unregister, leaking uprobe
[  114.674129][ T7246] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  114.696024][ T7246] team0: Mode changed to "loadbalance"
[  115.583950][ T7269] sch_tbf: burst 22 is lower than device lo mtu (11337746) !
[  115.593469][ T7267] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1337'.
[  115.801009][ T7298] netlink: 'syz.5.1342': attribute type 1 has an invalid length.
[  115.970906][ T7312] loop2: detected capacity change from 0 to 512
[  115.977904][ T7312] EXT4-fs: Ignoring removed i_version option
[  115.984026][ T7312] EXT4-fs: Ignoring removed bh option
[  116.013753][ T7312] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.027222][ T7312] ext4 filesystem being mounted at /240/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  116.051466][ T7312] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  116.110653][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.312128][ T7328] loop2: detected capacity change from 0 to 2048
[  116.359887][ T7328]  loop2: p1 < > p4
[  116.365240][ T7328] loop2: p4 size 8388608 extends beyond EOD, truncated
[  116.395839][ T3005]  loop2: p1 < > p4
[  116.405461][ T3005] loop2: p4 size 8388608 extends beyond EOD, truncated
[  116.551191][ T3499] udevd[3499]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  116.553249][ T3635] udevd[3635]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  116.732542][ T7348] loop4: detected capacity change from 0 to 512
[  116.758917][ T7348] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.795009][ T7344] loop2: detected capacity change from 0 to 1024
[  116.801595][ T7348] ext4 filesystem being mounted at /283/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.833572][ T7344] EXT4-fs: Ignoring removed bh option
[  116.860198][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.884093][ T7344] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  116.897452][ T7344] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  116.957607][ T7344] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  116.968236][ T7344] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.1356: lblock 2 mapped to illegal pblock 2 (length 1)
[  116.998902][ T7377] loop4: detected capacity change from 0 to 512
[  117.002215][ T7344] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.1356: lblock 0 mapped to illegal pblock 48 (length 1)
[  117.029066][ T7377] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.1369: corrupted in-inode xattr: invalid ea_ino
[  117.055010][ T7344] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1356: Failed to acquire dquot type 0
[  117.059818][ T7377] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1369: couldn't read orphan inode 15 (err -117)
[  117.069744][ T7372] syzkaller0: entered promiscuous mode
[  117.083576][ T7372] syzkaller0: entered allmulticast mode
[  117.089504][ T7344] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  117.098981][ T7344] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.1356: mark_inode_dirty error
[  117.110955][ T7377] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.110980][ T7375] ip6_vti0 speed is unknown, defaulting to 1000
[  117.129568][ T7344] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  117.166324][ T7344] EXT4-fs (loop2): 1 orphan inode deleted
[  117.188089][ T7344] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.189582][  T413] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  117.226949][  T413] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 0
[  117.242218][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.286356][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.296810][ T3327] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  117.338319][ T3327] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  117.364951][ T7392] loop3: detected capacity change from 0 to 1024
[  117.366380][ T3327] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  117.397918][ T7392] EXT4-fs: Ignoring removed orlov option
[  117.414092][ T7392] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  117.445973][ T7392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.548279][ T7403] netlink: 324 bytes leftover after parsing attributes in process `syz.4.1379'.
[  117.750523][ T7411] loop2: detected capacity change from 0 to 512
[  117.793876][ T7411] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.1381: corrupted in-inode xattr: invalid ea_ino
[  117.818550][ T7411] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1381: couldn't read orphan inode 15 (err -117)
[  117.848868][ T7411] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.861593][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.901674][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.948223][   T29] kauditd_printk_skb: 2091 callbacks suppressed
[  117.948238][   T29] audit: type=1326 audit(1763103455.176:7812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7422 comm="syz.2.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  117.956824][ T7423] loop2: detected capacity change from 0 to 512
[  117.977951][   T29] audit: type=1326 audit(1763103455.176:7813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7422 comm="syz.2.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  117.985181][ T7421] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[  118.007580][   T29] audit: type=1326 audit(1763103455.176:7814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7422 comm="syz.2.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  118.007610][   T29] audit: type=1326 audit(1763103455.176:7815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7422 comm="syz.2.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  118.016198][ T7421] ref_ctr increment failed for inode: 0x624 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810a306d40
[  118.039660][   T29] audit: type=1326 audit(1763103455.176:7816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7422 comm="syz.2.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  118.122292][ T7425] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[  118.131108][ T7425] ref_ctr decrement failed for inode: 0x624 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810a306d40
[  118.157182][ T7425] uprobe: syz.0.1385:7425 failed to unregister, leaking uprobe
[  118.159505][ T7423] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  118.165330][   T29] audit: type=1326 audit(1763103455.176:7817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7422 comm="syz.2.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  118.198009][   T29] audit: type=1326 audit(1763103455.176:7818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7422 comm="syz.2.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  118.221529][   T29] audit: type=1326 audit(1763103455.176:7819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7422 comm="syz.2.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd8adfbf703 code=0x7ffc0000
[  118.229878][ T7423] EXT4-fs (loop2): 1 truncate cleaned up
[  118.244803][   T29] audit: type=1326 audit(1763103455.186:7820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7422 comm="syz.2.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd8adfbe17f code=0x7ffc0000
[  118.263398][ T7423] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.273651][   T29] audit: type=1326 audit(1763103455.186:7821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7422 comm="syz.2.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd8adfbf757 code=0x7ffc0000
[  118.410310][ T7435] syzkaller0: entered promiscuous mode
[  118.415803][ T7435] syzkaller0: entered allmulticast mode
[  118.454461][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.861826][ T7456] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  118.897518][ T7456] team0: Mode changed to "loadbalance"
[  119.002182][ T7459] ip6_vti0 speed is unknown, defaulting to 1000
[  119.291322][ T7464] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[  119.300072][ T7464] ref_ctr increment failed for inode: 0x5cc offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810a3005c0
[  119.409827][ T7465] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[  119.418540][ T7465] ref_ctr decrement failed for inode: 0x5cc offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810a3005c0
[  119.434723][ T7448] loop4: detected capacity change from 0 to 1024
[  119.441176][ T7465] uprobe: syz.3.1398:7465 failed to unregister, leaking uprobe
[  119.479735][ T7448] EXT4-fs: Ignoring removed bh option
[  119.486923][ T7448] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  119.499831][ T7448] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  119.548598][ T7448] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  119.607376][ T7448] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.1394: lblock 2 mapped to illegal pblock 2 (length 1)
[  119.640595][ T7470] syzkaller0: entered promiscuous mode
[  119.646160][ T7470] syzkaller0: entered allmulticast mode
[  119.652641][ T7448] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.1394: lblock 0 mapped to illegal pblock 48 (length 1)
[  119.669723][ T7448] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.1394: Failed to acquire dquot type 0
[  119.681242][ T7448] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  119.695519][ T7448] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.1394: mark_inode_dirty error
[  119.714875][ T7448] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  119.741974][ T7448] EXT4-fs (loop4): 1 orphan inode deleted
[  119.748841][ T7448] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.761504][   T41] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  119.776557][ T7477] netlink: 'syz.2.1401': attribute type 1 has an invalid length.
[  119.785275][   T41] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0
[  119.848818][ T7477] bond2: (slave macvlan0): making interface the new active one
[  120.008617][ T7480] loop3: detected capacity change from 0 to 8192
[  120.025675][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.066339][ T3315] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  120.105281][ T3315] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  120.156044][ T3315] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  120.480133][ T7506] bond0: (slave dummy0): Releasing active interface
[  120.512377][ T7512] netlink: 'syz.0.1418': attribute type 1 has an invalid length.
[  120.521269][ T7506] dummy0: left promiscuous mode
[  120.529577][ T7506] dummy0: left allmulticast mode
[  120.539830][ T7506] bridge_slave_0: left allmulticast mode
[  120.545532][ T7506] bridge_slave_0: left promiscuous mode
[  120.551225][ T7506] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.568898][ T7506] bridge_slave_1: left allmulticast mode
[  120.574628][ T7506] bridge_slave_1: left promiscuous mode
[  120.580384][ T7506] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.594951][ T7506] team0: Port device team_slave_1 removed
[  120.605379][ T7506] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  120.629239][ T7513] team0: Mode changed to "loadbalance"
[  120.636668][ T7518] bond1: (slave macvlan0): making interface the new active one
[  120.724277][ T7528] loop2: detected capacity change from 0 to 512
[  120.792893][ T7528] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.829534][ T7528] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.876370][ T7530] loop4: detected capacity change from 0 to 8192
[  120.993169][ T7536] loop3: detected capacity change from 0 to 2048
[  121.041708][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.053811][ T7538] loop4: detected capacity change from 0 to 512
[  121.060941][ T3635]  loop3: p1 < > p4
[  121.068493][ T3635] loop3: p4 size 8388608 extends beyond EOD, truncated
[  121.091127][ T7538] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.111825][ T7536]  loop3: p1 < > p4
[  121.117707][ T7536] loop3: p4 size 8388608 extends beyond EOD, truncated
[  121.129155][ T7538] ext4 filesystem being mounted at /296/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.205853][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.246017][ T3635] udevd[3635]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  121.258395][ T3499] udevd[3499]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  121.274503][ T3635] udevd[3635]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  121.287281][ T3499] udevd[3499]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  121.328340][ T7549] syzkaller0: entered promiscuous mode
[  121.333874][ T7549] syzkaller0: entered allmulticast mode
[  121.675660][ T7558] bond0: (slave dummy0): Releasing backup interface
[  121.683374][ T7558] bridge_slave_0: left allmulticast mode
[  121.689120][ T7558] bridge_slave_0: left promiscuous mode
[  121.694855][ T7558] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.702555][ T7559] netlink: 'syz.5.1433': attribute type 1 has an invalid length.
[  121.710867][ T7558] bridge_slave_1: left allmulticast mode
[  121.716588][ T7558] bridge_slave_1: left promiscuous mode
[  121.722328][ T7558] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.730952][ T7558] bond0: (slave bond_slave_0): Releasing backup interface
[  121.739135][ T7558] bond0: (slave bond_slave_1): Releasing backup interface
[  121.747965][ T7558] team0: Port device team_slave_0 removed
[  121.755121][ T7558] team0: Port device team_slave_1 removed
[  121.761002][ T7558] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  121.783584][ T7562] team0: Mode changed to "loadbalance"
[  121.797797][ T7559] bond2: (slave macvlan0): making interface the new active one
[  121.882661][ T7572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1438'.
[  122.333955][ T7594] loop4: detected capacity change from 0 to 1024
[  122.342187][ T7594] EXT4-fs: Ignoring removed bh option
[  122.348382][ T7594] EXT4-fs: inline encryption not supported
[  122.355802][ T7594] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  122.380029][ T7594] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  122.390865][ T7594] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.1448: lblock 2 mapped to illegal pblock 2 (length 1)
[  122.409654][ T7594] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.1448: lblock 0 mapped to illegal pblock 48 (length 1)
[  122.438305][ T7594] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.1448: Failed to acquire dquot type 0
[  122.456492][ T7594] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  122.466221][ T7594] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.1448: mark_inode_dirty error
[  122.477823][ T7594] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  122.488291][ T7594] EXT4-fs (loop4): 1 orphan inode deleted
[  122.494426][ T7594] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.509494][  T413] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  122.524625][  T413] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 0
[  122.567132][ T7605] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1452'.
[  122.666608][ T7609] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  122.692808][ T7610] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1453'.
[  122.785939][ T7610] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1453'.
[  122.817300][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.910726][ T7617] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1454'.
[  122.984988][ T7622] loop4: detected capacity change from 0 to 512
[  122.991728][   T29] kauditd_printk_skb: 919 callbacks suppressed
[  122.991748][   T29] audit: type=1326 audit(1763103460.216:8735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7621 comm="syz.4.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  123.021373][   T29] audit: type=1326 audit(1763103460.216:8736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7621 comm="syz.4.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  123.045195][   T29] audit: type=1326 audit(1763103460.216:8737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7621 comm="syz.4.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  123.068593][   T29] audit: type=1326 audit(1763103460.216:8738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7621 comm="syz.4.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  123.081768][ T7622] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  123.091995][   T29] audit: type=1326 audit(1763103460.216:8739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7621 comm="syz.4.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  123.125176][   T29] audit: type=1326 audit(1763103460.216:8740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7621 comm="syz.4.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  123.148691][   T29] audit: type=1326 audit(1763103460.216:8741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7621 comm="syz.4.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7feeabbcf703 code=0x7ffc0000
[  123.171907][   T29] audit: type=1326 audit(1763103460.216:8742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7621 comm="syz.4.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7feeabbce17f code=0x7ffc0000
[  123.195211][   T29] audit: type=1326 audit(1763103460.216:8743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7621 comm="syz.4.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7feeabbcf757 code=0x7ffc0000
[  123.218607][   T29] audit: type=1326 audit(1763103460.216:8744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7621 comm="syz.4.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feeabbcdf10 code=0x7ffc0000
[  123.244857][ T7624] netlink: 460 bytes leftover after parsing attributes in process `syz.5.1460'.
[  123.257020][ T7622] EXT4-fs (loop4): 1 truncate cleaned up
[  123.264795][ T7624] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1460'.
[  123.277488][ T7622] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.295709][ T7624] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1460'.
[  123.489570][ T7642] macsec0: entered promiscuous mode
[  123.498733][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.534988][ T7640] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1467'.
[  123.563151][ T7647] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1469'.
[  123.634475][ T7647] bond2: (slave geneve3): Enslaving as an active interface with an up link
[  123.643286][  T413] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  123.656483][ T7647] bond2 (unregistering): (slave geneve3): Releasing backup interface
[  123.694287][ T7647] bond2 (unregistering): Released all slaves
[  123.718959][  T413] netdevsim netdevsim4 eth0: unset [1, 1] type 2 family 0 port 20000 - 0
[  125.104592][ T7706] loop4: detected capacity change from 0 to 2048
[  125.181589][ T7706] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.247247][ T7711] loop2: detected capacity change from 0 to 512
[  125.325212][ T7711] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.383688][ T7711] ext4 filesystem being mounted at /276/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.510586][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.555956][ T7720] netlink: 'syz.5.1498': attribute type 3 has an invalid length.
[  125.571260][ T7722] netlink: 'syz.2.1497': attribute type 4 has an invalid length.
[  125.590646][ T7722] netlink: 'syz.2.1497': attribute type 4 has an invalid length.
[  125.670434][ T7726] loop2: detected capacity change from 0 to 2048
[  125.707451][ T7729] netlink: 'syz.5.1502': attribute type 4 has an invalid length.
[  125.723400][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.740967][ T7726] Alternate GPT is invalid, using primary GPT.
[  125.747518][ T7726]  loop2: p2 p3 p7
[  126.114468][ T7758] loop4: detected capacity change from 0 to 512
[  126.208436][ T7758] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.290860][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.995288][ T7784] __nla_validate_parse: 10 callbacks suppressed
[  126.995306][ T7784] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1526'.
[  127.011036][ T7784] team0 (uninitialized): Failed to send options change via netlink (err -105)
[  127.024737][ T7784] team0: entered promiscuous mode
[  127.029813][ T7784] team0: entered allmulticast mode
[  127.059539][ T7787] netlink: '': attribute type 4 has an invalid length.
[  127.066417][ T7787] netlink: 152 bytes leftover after parsing attributes in process `'.
[  127.100597][ T7789] bridge_slave_0: left allmulticast mode
[  127.106275][ T7789] bridge_slave_0: left promiscuous mode
[  127.111992][ T7789] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.259930][ T7789] bridge_slave_1: left allmulticast mode
[  127.265627][ T7789] bridge_slave_1: left promiscuous mode
[  127.271307][ T7789] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.290177][ T7789] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  127.306753][ T7787] .`: renamed from bond0
[  127.709205][ T7819] loop3: detected capacity change from 0 to 1024
[  127.721078][ T7819] EXT4-fs: inline encryption not supported
[  127.726925][ T7819] EXT4-fs: Ignoring removed orlov option
[  127.755899][ T7819] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  127.793635][ T7819] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  127.802057][ T7819] System zones: 0-1, 3-12
[  127.821681][ T7819] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.880669][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.900097][ T7841] ip6_vti0 speed is unknown, defaulting to 1000
[  128.199775][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  128.199789][   T29] audit: type=1326 audit(1763103465.426:8781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.2.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd8adfbf6c9 code=0x7fc00000
[  128.317243][ T7880] netlink: 'syz.2.1559': attribute type 1 has an invalid length.
[  128.348752][ T7882] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1561'.
[  128.351664][ T7880] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.359391][   T29] audit: type=1400 audit(1763103465.576:8782): avc:  denied  { setopt } for  pid=7881 comm="syz.4.1561" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  128.381095][ T7880] bond0: (slave dummy0): making interface the new active one
[  128.392263][ T7880] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  128.474673][ T7878] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  128.501962][   T29] audit: type=1400 audit(1763103465.666:8783): avc:  denied  { mounton } for  pid=7884 comm="syz.2.1562" path="/proc/715/task" dev="proc" ino=25778 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  128.524643][   T29] audit: type=1400 audit(1763103465.666:8784): avc:  denied  { mount } for  pid=7884 comm="syz.2.1562" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  128.547132][ T7888] tipc: New replicast peer: 255.255.255.255
[  128.553358][ T7888] tipc: Enabled bearer <udp:s>, priority 10
[  128.560035][ T7877] tipc: Resetting bearer <eth:syzkaller0>
[  128.614570][ T7885] loop2: detected capacity change from 0 to 32768
[  128.655929][ T7877] tipc: Disabling bearer <eth:syzkaller0>
[  128.672658][ T3635]  loop2: p1 p3 < >
[  128.682741][ T7885]  loop2: p1 p3 < >
[  128.772865][   T29] audit: type=1326 audit(1763103466.006:8785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7896 comm="syz.4.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  128.796514][   T29] audit: type=1326 audit(1763103466.006:8786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7896 comm="syz.4.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  128.819977][   T29] audit: type=1326 audit(1763103466.006:8787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7896 comm="syz.4.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  128.843479][   T29] audit: type=1326 audit(1763103466.006:8788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7896 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  128.866328][   T29] audit: type=1326 audit(1763103466.006:8789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7896 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  128.889241][   T29] audit: type=1326 audit(1763103466.006:8790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7896 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  128.920333][ T7898] netlink: 8 bytes leftover after parsing attributes in process `GPL'.
[  128.928631][ T7898] netlink: 12 bytes leftover after parsing attributes in process `GPL'.
[  128.947724][   T41] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  128.979804][   T41] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  129.016382][   T41] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  129.117437][   T41] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  129.154651][ T3635] udevd[3635]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  129.165709][ T3499] udevd[3499]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  129.241313][ T7914] 9pnet_virtio: no channels available for device syz
[  129.559439][ T3409] tipc: Node number set to 1448787406
[  129.690456][ T7918] ip6_vti0 speed is unknown, defaulting to 1000
[  129.812366][ T7937] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1580'.
[  129.830955][ T7937] hsr_slave_0: left promiscuous mode
[  129.957139][ T7937] hsr_slave_1: left promiscuous mode
[  129.993299][ T7941] loop2: detected capacity change from 0 to 512
[  130.012342][ T7941] EXT4-fs: Ignoring removed nobh option
[  130.228555][ T7941] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.1582: corrupted inode contents
[  130.241776][ T7941] EXT4-fs (loop2): Remounting filesystem read-only
[  130.248870][ T7941] EXT4-fs (loop2): 1 truncate cleaned up
[  130.255271][ T7941] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.260670][ T7958] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1588'.
[  130.267937][ T7941] ext4 filesystem being mounted at /293/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.287343][ T7958] xt_time: unknown flags 0xf4
[  130.292414][ T7941] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.366819][ T7962] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1589'.
[  130.483267][ T7981] netlink: 'syz.5.1595': attribute type 1 has an invalid length.
[  130.509894][ T7981] 8021q: adding VLAN 0 to HW filter on device bond4
[  130.541758][ T7981] veth9: entered promiscuous mode
[  130.555087][ T7981] bond4: (slave veth9): Enslaving as an active interface with a down link
[  130.569896][ T7981] erspan0: entered allmulticast mode
[  130.577612][ T7981] bond4: (slave erspan0): making interface the new active one
[  130.592212][ T7981] erspan0: entered promiscuous mode
[  130.598599][ T7981] bond4: (slave erspan0): Enslaving as an active interface with an up link
[  130.694751][ T7994] loop2: detected capacity change from 0 to 512
[  130.734313][ T7994] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.1601: corrupted inode contents
[  130.746784][ T7994] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #3: comm syz.2.1601: mark_inode_dirty error
[  130.758750][ T7994] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.1601: corrupted inode contents
[  130.778578][ T7994] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.1601: mark_inode_dirty error
[  130.797710][ T7999] loop4: detected capacity change from 0 to 128
[  130.805033][ T7994] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1601: Failed to acquire dquot type 0
[  130.822407][ T7994] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.1601: corrupted inode contents
[  130.843878][ T7994] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #16: comm syz.2.1601: mark_inode_dirty error
[  130.874453][ T7994] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.1601: corrupted inode contents
[  130.878337][ T7999] bio_check_eod: 35 callbacks suppressed
[  130.878361][ T7999] syz.4.1602: attempt to access beyond end of device
[  130.878361][ T7999] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[  130.905590][ T7994] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.1601: mark_inode_dirty error
[  130.928272][ T7994] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.1601: corrupted inode contents
[  130.940392][ T7994] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[  130.954559][ T7994] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.1601: corrupted inode contents
[  130.961006][ T7999] syz.4.1602: attempt to access beyond end of device
[  130.961006][ T7999] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[  130.966903][ T7994] EXT4-fs error (device loop2): ext4_truncate:4637: inode #16: comm syz.2.1601: mark_inode_dirty error
[  130.991320][ T7994] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[  131.023679][ T7994] EXT4-fs (loop2): 1 truncate cleaned up
[  131.035121][ T7994] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.046694][ T8017] syz.4.1602: attempt to access beyond end of device
[  131.046694][ T8017] loop4: rw=2049, sector=305, nr_sectors = 80 limit=128
[  131.053453][ T7994] ext4 filesystem being mounted at /298/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.109383][ T8017] syz.4.1602: attempt to access beyond end of device
[  131.109383][ T8017] loop4: rw=2049, sector=393, nr_sectors = 8 limit=128
[  131.175785][ T8017] syz.4.1602: attempt to access beyond end of device
[  131.175785][ T8017] loop4: rw=2049, sector=409, nr_sectors = 8 limit=128
[  131.187763][ T7999] syz.4.1602: attempt to access beyond end of device
[  131.187763][ T7999] loop4: rw=2049, sector=177, nr_sectors = 24 limit=128
[  131.189491][ T8017] syz.4.1602: attempt to access beyond end of device
[  131.189491][ T8017] loop4: rw=2049, sector=425, nr_sectors = 8 limit=128
[  131.222726][ T7994] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1601: Failed to acquire dquot type 1
[  131.229363][ T7999] syz.4.1602: attempt to access beyond end of device
[  131.229363][ T7999] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  131.266278][ T8017] syz.4.1602: attempt to access beyond end of device
[  131.266278][ T8017] loop4: rw=2049, sector=441, nr_sectors = 8 limit=128
[  131.374729][ T8027] ip6_vti0 speed is unknown, defaulting to 1000
[  131.574780][ T7999] syz.4.1602: attempt to access beyond end of device
[  131.574780][ T7999] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[  131.699156][   T52] Buffer I/O error on dev loop4, logical block 305, lost async page write
[  131.746392][ T8019] futex_wake_op: syz.5.1609 tries to shift op by -1; fix this program
[  131.761311][ T8032] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1612'.
[  131.798170][ T8032] 0ªX¹¦À: renamed from caif0
[  131.813860][ T7994] EXT4-fs error (device loop2): ext4_find_dest_de:2052: inode #12: block 13: comm syz.2.1601: bad entry in directory: inode out of bounds - offset=24, inode=33554445, rec_len=16, size=4096 fake=0
[  131.835026][ T8032] 0ªX¹¦À: entered allmulticast mode
[  131.840284][ T8032] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  131.871776][ T8034] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1613'.
[  131.910390][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.001435][ T8037] xt_socket: unknown flags 0x40
[  132.125560][ T8045] veth4: entered promiscuous mode
[  132.130767][ T8045] veth4: entered allmulticast mode
[  132.423018][ T8043] loop2: detected capacity change from 0 to 256
[  132.437273][ T8043] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  132.583426][ T8058] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1622'.
[  132.597357][ T8058] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1622'.
[  132.708507][ T8068] netlink: 'syz.5.1626': attribute type 1 has an invalid length.
[  132.725778][ T8068] 8021q: adding VLAN 0 to HW filter on device bond5
[  132.761523][ T8068] ip6erspan0: entered promiscuous mode
[  132.777889][ T8068] bond5: (slave ip6erspan0): making interface the new active one
[  132.798308][ T8068] bond5: (slave ip6erspan0): Enslaving as an active interface with an up link
[  132.807365][ T8073] team0: Unable to change to the same mode the team is in
[  132.821796][ T8075] loop2: detected capacity change from 0 to 512
[  132.831301][ T8076] macvlan2: entered promiscuous mode
[  132.837089][ T8073] netlink: 'syz.4.1628': attribute type 10 has an invalid length.
[  132.849749][ T8076] bond5: entered promiscuous mode
[  132.867031][ T8076] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  132.875825][ T8076] bond5: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  132.918440][ T8077] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1628'.
[  132.928074][ T8075] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.944540][ T8075] ext4 filesystem being mounted at /303/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.957455][ T8075] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #4: comm syz.2.1629: corrupted inode contents
[  132.969557][ T8075] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #4: comm syz.2.1629: mark_inode_dirty error
[  132.969653][ T8076] bond5: left promiscuous mode
[  132.996940][ T8075] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #4: comm syz.2.1629: corrupted inode contents
[  133.037474][ T8075] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #4: comm syz.2.1629: mark_inode_dirty error
[  133.058974][ T8075] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1629: Failed to acquire dquot type 1
[  133.101362][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.169913][ T8092] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  133.179820][ T8092] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  133.197931][ T8094] SELinux:  Context system_u:object_r:logrotate_exec_t:s0 is not valid (left unmapped).
[  133.235109][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  133.235122][   T29] audit: type=1400 audit(1763103470.466:8902): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  133.280882][ T8092] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  133.290703][ T8092] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  133.316171][ T8098] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8098 comm=syz.3.1635
[  133.370636][ T8092] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  133.380607][ T8092] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  133.415509][ T8090] ip6_vti0 speed is unknown, defaulting to 1000
[  133.430613][ T8092] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  133.440489][ T8092] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  133.450940][ T8107] netlink: 1328 bytes leftover after parsing attributes in process `syz.3.1637'.
[  133.512470][   T31] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  133.520844][   T31] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  133.548437][   T31] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  133.556739][   T31] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  133.589459][   T31] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  133.597668][   T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  133.619913][   T29] audit: type=1400 audit(1763103470.846:8903): avc:  denied  { append } for  pid=8110 comm="syz.2.1639" name="ptp0" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  133.643140][   T29] audit: type=1400 audit(1763103470.846:8904): avc:  denied  { open } for  pid=8110 comm="syz.2.1639" path="/dev/ptp0" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  133.646523][   T31] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  133.674765][   T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  133.724970][ T8113] syzkaller0: entered promiscuous mode
[  133.730502][ T8113] syzkaller0: entered allmulticast mode
[  134.284384][ T8123] team0: Unable to change to the same mode the team is in
[  134.291990][ T8123] netlink: 'syz.3.1644': attribute type 10 has an invalid length.
[  134.300248][ T8123] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.307990][ T8123] team0: Port device bond0 added
[  134.314521][ T8123] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1644'.
[  134.325576][ T8123] team0 (unregistering): Port device bond0 removed
[  134.428189][   T29] audit: type=1400 audit(1763103471.656:8905): avc:  denied  { nlmsg_read } for  pid=8124 comm="syz.3.1645" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  134.497975][ T8130] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.1647'.
[  134.532008][ T8132] netlink: 'syz.2.1648': attribute type 12 has an invalid length.
[  134.670988][   T36] hid_parser_main: 8 callbacks suppressed
[  134.671007][   T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  134.684202][   T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  134.691674][   T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  134.700059][   T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  134.707523][   T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  134.714969][   T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  134.722371][   T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  134.729835][   T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  134.737216][   T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  134.744678][   T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  134.752866][   T36] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[  134.777606][ T8146] fido_id[8146]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  134.851135][ T8150] team0: Unable to change to the same mode the team is in
[  134.870966][ T8150] netlink: 'syz.2.1656': attribute type 10 has an invalid length.
[  134.880372][ T8150] 8021q: adding VLAN 0 to HW filter on device .`
[  134.897132][ T8150] team0: Port device .` added
[  134.906101][ T8150] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1656'.
[  134.918528][ T8150] team0 (unregistering): Port device .` removed
[  135.290542][ T8173] 9pnet_virtio: no channels available for device syz
[  135.361016][ T8175] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8175 comm=syz.0.1666
[  135.373577][ T8175] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8175 comm=syz.0.1666
[  135.451239][ T8177] bond2: option all_slaves_active: invalid value (5)
[  135.471488][ T8177] bond2 (unregistering): Released all slaves
[  135.665500][ T8184] team0: Unable to change to the same mode the team is in
[  135.684107][ T8184] netlink: 'syz.0.1670': attribute type 10 has an invalid length.
[  135.725159][ T8184] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1670'.
[  136.097857][ T8212] netlink: 460 bytes leftover after parsing attributes in process `syz.2.1679'.
[  136.134239][ T8212] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1679'.
[  136.159373][   T29] audit: type=1326 audit(1763103473.376:8906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8213 comm="syz.4.1680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  136.182957][   T29] audit: type=1326 audit(1763103473.376:8907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8213 comm="syz.4.1680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  136.206440][   T29] audit: type=1326 audit(1763103473.376:8908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8213 comm="syz.4.1680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  136.229857][   T29] audit: type=1326 audit(1763103473.376:8909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8213 comm="syz.4.1680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  136.253510][   T29] audit: type=1326 audit(1763103473.376:8910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8213 comm="syz.4.1680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  136.276910][   T29] audit: type=1326 audit(1763103473.376:8911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8213 comm="syz.4.1680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeabbcf6c9 code=0x7ffc0000
[  136.501934][ T8216] loop4: detected capacity change from 0 to 4096
[  136.511752][ T8216] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  136.536303][ T8216] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.673283][ T8221] loop2: detected capacity change from 0 to 128
[  136.711456][ T8223] netlink: 'syz.3.1684': attribute type 4 has an invalid length.
[  136.863493][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.289454][ T8240] 9pnet_virtio: no channels available for device syz
[  137.442603][ T8242] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  137.452527][ T8242] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  137.512369][ T8242] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  137.522216][ T8242] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  137.630699][ T8242] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  137.640590][ T8242] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  137.701025][ T8242] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  137.710875][ T8242] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  137.725998][ T8249] loop2: detected capacity change from 0 to 512
[  137.741019][ T8249] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.754021][ T8249] ext4 filesystem being mounted at /320/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.782183][ T8254] netlink: 'syz.3.1694': attribute type 1 has an invalid length.
[  137.796314][ T8254] 8021q: adding VLAN 0 to HW filter on device bond3
[  137.815455][ T8254] ip6erspan0: entered promiscuous mode
[  137.824032][ T8254] bond3: (slave ip6erspan0): making interface the new active one
[  137.833773][ T8254] bond3: (slave ip6erspan0): Enslaving as an active interface with an up link
[  137.846088][   T31] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  137.854361][   T31] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  137.875270][ T8254] macvlan2: entered promiscuous mode
[  137.875975][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.880987][ T8254] bond3: entered promiscuous mode
[  137.895091][ T8254] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  137.903216][ T8254] bond3: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  137.924850][ T8254] bond3: left promiscuous mode
[  137.945842][   T31] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  137.954139][   T31] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  137.962797][   T31] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  137.971060][   T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  137.995488][   T31] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  138.003734][   T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  138.181605][ T8276] syzkaller0: entered promiscuous mode
[  138.187106][ T8276] syzkaller0: entered allmulticast mode
[  138.306272][ T8283] __nla_validate_parse: 1 callbacks suppressed
[  138.306303][ T8283] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1705'.
[  138.322597][ T8283] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1705'.
[  138.365854][ T8286] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1706'.
[  138.395110][ T8290] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1707'.
[  138.820452][ T8294] ip6_vti0 speed is unknown, defaulting to 1000
[  138.846092][ T8295] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1708'.
[  138.948266][ T8298] netlink: 'syz.2.1709': attribute type 4 has an invalid length.
[  139.281811][ T8305] ip6_vti0 speed is unknown, defaulting to 1000
[  139.369275][ T8315] netlink: 1328 bytes leftover after parsing attributes in process `syz.4.1713'.
[  139.452305][ T8312] set match dimension is over the limit!
[  139.905856][ T8320] team0: Mode changed to "loadbalance"
[  139.913905][ T8320] netlink: 'syz.5.1714': attribute type 10 has an invalid length.
[  139.922830][ T8320] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1714'.
[  139.993028][   T29] kauditd_printk_skb: 68 callbacks suppressed
[  139.993161][   T29] audit: type=1326 audit(1763103477.226:8980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8325 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  140.025513][ T8326] loop2: detected capacity change from 0 to 256
[  140.038462][   T29] audit: type=1326 audit(1763103477.256:8981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8325 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  140.061926][   T29] audit: type=1326 audit(1763103477.256:8982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8325 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd8adfbf703 code=0x7ffc0000
[  140.085471][   T29] audit: type=1326 audit(1763103477.256:8983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8325 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd8adfbe17f code=0x7ffc0000
[  140.108745][   T29] audit: type=1326 audit(1763103477.256:8984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8325 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd8adfbf757 code=0x7ffc0000
[  140.132253][   T29] audit: type=1326 audit(1763103477.256:8985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8325 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd8adfbdf10 code=0x7ffc0000
[  140.155768][   T29] audit: type=1326 audit(1763103477.256:8986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8325 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd8adfbf2cb code=0x7ffc0000
[  140.179401][   T29] audit: type=1326 audit(1763103477.266:8987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8325 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd8adfbe32a code=0x7ffc0000
[  140.202652][   T29] audit: type=1326 audit(1763103477.266:8988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8325 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd8adfbe32a code=0x7ffc0000
[  140.208323][ T8326] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  140.225884][   T29] audit: type=1326 audit(1763103477.266:8989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8325 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fd8adfbde17 code=0x7ffc0000
[  140.445165][ T8340] netlink: 'syz.2.1725': attribute type 4 has an invalid length.
[  140.456578][ T8340] netlink: 'syz.2.1725': attribute type 4 has an invalid length.
[  140.524420][ T8342] netlink: 'syz.0.1727': attribute type 7 has an invalid length.
[  140.532211][ T8342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1727'.
[  140.575478][ T8346] netlink: 'syz.2.1729': attribute type 10 has an invalid length.
[  140.636989][ T8354] veth14: entered promiscuous mode
[  140.642208][ T8354] veth14: entered allmulticast mode
[  140.766176][ T8365] loop2: detected capacity change from 0 to 4096
[  140.819891][ T8365] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  141.256688][ T8370] loop3: detected capacity change from 0 to 512
[  141.551498][ T8365] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.582230][ T8370] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.1739: corrupted in-inode xattr: e_value size too large
[  141.690230][ T8370] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1739: couldn't read orphan inode 15 (err -117)
[  141.707653][ T8370] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.763355][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.774179][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.809631][ T1902] erspan0: left promiscuous mode
[  141.859606][ T8384] loop2: detected capacity change from 0 to 128
[  142.048037][ T8405] wg2: entered promiscuous mode
[  142.053004][ T8405] wg2: entered allmulticast mode
[  142.173577][ T8413] netlink: 'syz.5.1755': attribute type 4 has an invalid length.
[  142.441947][ T8421] vlan1: entered allmulticast mode
[  142.447112][ T8421] bridge_slave_0: entered allmulticast mode
[  142.496050][ T8421] loop2: detected capacity change from 0 to 512
[  142.503195][ T8421] EXT4-fs: Ignoring removed nobh option
[  142.533286][ T8421] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.1760: corrupted inode contents
[  142.545477][ T8421] EXT4-fs (loop2): Remounting filesystem read-only
[  142.552396][ T8421] EXT4-fs (loop2): 1 truncate cleaned up
[  142.558595][ T8421] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.571312][ T8421] ext4 filesystem being mounted at /335/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.582275][ T8421] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.818596][ T8436] wg2: entered promiscuous mode
[  142.823733][ T8436] wg2: entered allmulticast mode
[  142.857177][ T8442] netlink: 'syz.0.1768': attribute type 4 has an invalid length.
[  142.886722][ T8444] netlink: 'syz.4.1769': attribute type 83 has an invalid length.
[  142.980935][ T8452] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1773'.
[  143.002137][ T8454] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1774'.
[  143.033401][ T8454] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8454 comm=syz.0.1774
[  143.090317][ T8458] loop4: detected capacity change from 0 to 512
[  143.104216][ T8458] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[  143.220542][ T8470] loop3: detected capacity change from 0 to 1024
[  143.227440][ T8470] EXT4-fs: inline encryption not supported
[  143.270418][ T8470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.316858][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.356287][ T8478] loop3: detected capacity change from 0 to 512
[  143.364669][ T8478] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.383273][ T8478] netlink: 1152 bytes leftover after parsing attributes in process `syz.3.1784'.
[  143.437973][ T3318] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  143.570876][ T8491] loop3: detected capacity change from 0 to 512
[  143.577907][ T8491] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  143.595120][ T8491] EXT4-fs (loop3): 1 truncate cleaned up
[  143.607208][ T8491] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.651131][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.698618][ T8499] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1793'.
[  143.808978][ T8519] syzkaller0: entered promiscuous mode
[  143.814507][ T8519] syzkaller0: entered allmulticast mode
[  143.823045][ T8521] netlink: 'syz.5.1795': attribute type 1 has an invalid length.
[  143.835590][ T8521] bond6: entered promiscuous mode
[  143.840856][ T8521] 8021q: adding VLAN 0 to HW filter on device bond6
[  143.863254][ T8521] 8021q: adding VLAN 0 to HW filter on device bond6
[  143.870375][ T8521] bond6: (slave wireguard0): The slave device specified does not support setting the MAC address
[  143.881086][ T8521] bond6: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  143.892324][ T8521] bond6: (slave wireguard0): making interface the new active one
[  143.900167][ T8521] wireguard0: entered promiscuous mode
[  143.907117][ T8521] bond6: (slave wireguard0): Enslaving as an active interface with an up link
[  143.914338][ T8524] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  143.923216][ T8524] IPv6: NLM_F_CREATE should be set when creating new route
[  143.930406][ T8524] IPv6: NLM_F_CREATE should be set when creating new route
[  143.937827][ T8524] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  143.948541][ T8524] bond6: (slave wireguard1): The slave device specified does not support setting the MAC address
[  143.961391][ T8524] bond6: (slave wireguard1): Enslaving as a backup interface with an up link
[  144.075176][ T8539] veth4: left promiscuous mode
[  144.130573][ T8542] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1801'.
[  144.140453][ T8539] ip6erspan0: left promiscuous mode
[  144.220495][ T8547] Y­4��`Ò˜D™Ê†5�: renamed from lo
[  144.253089][ T8552] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1805'.
[  144.649902][ T8555] ip6_vti0 speed is unknown, defaulting to 1000
[  144.929622][ T8570] netlink: 'syz.0.1810': attribute type 12 has an invalid length.
[  145.235916][ T8572] ip6_vti0 speed is unknown, defaulting to 1000
[  145.518935][   T29] kauditd_printk_skb: 521 callbacks suppressed
[  145.518950][   T29] audit: type=1326 audit(1763103482.746:9509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c305f6c9 code=0x7ffc0000
[  145.581851][   T29] audit: type=1326 audit(1763103482.786:9510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47c305f6c9 code=0x7ffc0000
[  145.605410][   T29] audit: type=1326 audit(1763103482.786:9511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c305f6c9 code=0x7ffc0000
[  145.628939][   T29] audit: type=1326 audit(1763103482.786:9512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c305f6c9 code=0x7ffc0000
[  145.652353][   T29] audit: type=1326 audit(1763103482.786:9513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f47c305f6c9 code=0x7ffc0000
[  145.675853][   T29] audit: type=1326 audit(1763103482.786:9514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f47c305f703 code=0x7ffc0000
[  145.699143][   T29] audit: type=1326 audit(1763103482.806:9515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f47c305e17f code=0x7ffc0000
[  145.790964][ T8586] loop2: detected capacity change from 0 to 1024
[  145.804392][ T8590] loop4: detected capacity change from 0 to 1024
[  145.942980][   T29] audit: type=1326 audit(1763103482.906:9516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f47c305f757 code=0x7ffc0000
[  145.966574][   T29] audit: type=1326 audit(1763103482.916:9517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f47c305df10 code=0x7ffc0000
[  145.990228][   T29] audit: type=1326 audit(1763103482.916:9518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f47c305e32a code=0x7ffc0000
[  146.137846][ T8604] ip6_vti0 speed is unknown, defaulting to 1000
[  146.278499][ T8613] loop4: detected capacity change from 0 to 1024
[  146.329650][ T8613] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  146.339503][ T8613] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  146.373141][ T8613] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  146.384254][ T8605] IPv6: NLM_F_CREATE should be specified when creating new route
[  146.419161][ T8613] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: inode #5: comm syz.4.1824: unexpected bad inode w/o EXT4_IGET_BAD
[  146.473030][ T8613] EXT4-fs (loop4): no journal found
[  146.478277][ T8613] EXT4-fs (loop4): can't get journal size
[  146.489997][ T8613] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  146.788147][ T8621] loop3: detected capacity change from 0 to 256
[  146.806829][ T8621] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  147.010931][ T8632] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1829'.
[  147.046816][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.264566][ T8644] loop2: detected capacity change from 0 to 1024
[  147.299695][ T8644] EXT4-fs: inline encryption not supported
[  147.305543][ T8644] EXT4-fs: Ignoring removed orlov option
[  147.318485][ T8644] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  147.338339][ T8616] syz.5.1825 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  147.349076][ T8616] CPU: 1 UID: 0 PID: 8616 Comm: syz.5.1825 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  147.349184][ T8616] Tainted: [W]=WARN
[  147.349191][ T8616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  147.349204][ T8616] Call Trace:
[  147.349210][ T8616]  <TASK>
[  147.349217][ T8616]  __dump_stack+0x1d/0x30
[  147.349242][ T8616]  dump_stack_lvl+0xe8/0x140
[  147.349261][ T8616]  dump_stack+0x15/0x1b
[  147.349340][ T8616]  dump_header+0x81/0x220
[  147.349382][ T8616]  oom_kill_process+0x342/0x400
[  147.349411][ T8616]  out_of_memory+0x979/0xb80
[  147.349436][ T8616]  try_charge_memcg+0x610/0xa10
[  147.349492][ T8616]  charge_memcg+0x51/0xc0
[  147.349517][ T8616]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  147.349560][ T8616]  __read_swap_cache_async+0x17b/0x2d0
[  147.349655][ T8616]  swap_cluster_readahead+0x262/0x3c0
[  147.349683][ T8616]  swapin_readahead+0xde/0x6f0
[  147.349702][ T8616]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  147.349729][ T8616]  ? __lruvec_stat_mod_folio+0xd6/0x120
[  147.349772][ T8616]  ? __rcu_read_unlock+0x4f/0x70
[  147.349798][ T8616]  ? swap_cache_get_folio+0x277/0x280
[  147.349856][ T8616]  do_swap_page+0x2ae/0x2370
[  147.349881][ T8616]  ? css_rstat_updated+0xb7/0x240
[  147.349961][ T8616]  ? __pfx_default_wake_function+0x10/0x10
[  147.350004][ T8616]  handle_mm_fault+0x9a5/0x2be0
[  147.350027][ T8616]  ? vma_start_read+0x141/0x1f0
[  147.350058][ T8616]  do_user_addr_fault+0x630/0x1080
[  147.350082][ T8616]  ? fpregs_restore_userregs+0xe2/0x1d0
[  147.350147][ T8616]  ? switch_fpu_return+0xe/0x20
[  147.350173][ T8616]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  147.350282][ T8616]  exc_page_fault+0x62/0xa0
[  147.350320][ T8616]  asm_exc_page_fault+0x26/0x30
[  147.350340][ T8616] RIP: 0033:0x7f6cf574593c
[  147.350363][ T8616] Code: 66 0f 1f 44 00 00 69 3d 76 fd ea 00 e8 03 00 00 48 8d 1d 77 06 38 00 e8 f2 9c 12 00 eb 0c 48 81 c3 f0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00
[  147.350487][ T8616] RSP: 002b:00007ffc4de7d7a0 EFLAGS: 00010202
[  147.350531][ T8616] RAX: 0000000000000000 RBX: 00007f6cf5ac5fa0 RCX: 0000000000000000
[  147.350596][ T8616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555585b8808
[  147.350607][ T8616] RBP: 00007f6cf5ac7da0 R08: 0000000000000000 R09: 7fffffffffffffff
[  147.350618][ T8616] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000023fd1
[  147.350629][ T8616] R13: 00007ffc4de7d890 R14: ffffffffffffffff R15: 00007ffc4de7d8b0
[  147.350649][ T8616]  </TASK>
[  147.588979][ T8616] memory: usage 307200kB, limit 307200kB, failcnt 876
[  147.595749][ T8616] memory+swap: usage 307376kB, limit 9007199254740988kB, failcnt 0
[  147.603647][ T8616] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  147.610983][ T8616] Memory cgroup stats for /syz5:
[  147.613135][ T8616] cache 0
[  147.621092][ T8616] rss 4096
[  147.624156][ T8616] shmem 0
[  147.627080][ T8616] mapped_file 0
[  147.630553][ T8616] dirty 0
[  147.633474][ T8616] writeback 12288
[  147.637093][ T8616] workingset_refault_anon 56
[  147.641773][ T8616] workingset_refault_file 128
[  147.646438][ T8616] swap 180224
[  147.649765][ T8616] swapcached 12288
[  147.650185][ T8644] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  147.653469][ T8616] pgpgin 178329
[  147.662049][ T8644] System zones: 
[  147.665046][ T8616] pgpgout 178325
[  147.665055][ T8616] pgfault 144502
[  147.665062][ T8616] pgmajfault 48
[  147.665069][ T8616] inactive_anon 12288
[  147.668590][ T8644] 0-1
[  147.672162][ T8616] active_anon 0
[  147.675682][ T8644] , 3-12
[  147.692063][ T8616] inactive_file 4096
[  147.695974][ T8616] active_file 0
[  147.699450][ T8616] unevictable 0
[  147.702960][ T8616] hierarchical_memory_limit 314572800
[  147.708027][ T8652] loop3: detected capacity change from 0 to 512
[  147.708399][ T8616] hierarchical_memsw_limit 9223372036854771712
[  147.715899][ T8644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.720845][ T8616] total_cache 0
[  147.736278][ T8616] total_rss 4096
[  147.739855][ T8616] total_shmem 0
[  147.743304][ T8616] total_mapped_file 0
[  147.747282][ T8616] total_dirty 0
[  147.750751][ T8616] total_writeback 12288
[  147.751104][ T8652] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.754938][ T8616] total_workingset_refault_anon 56
[  147.772493][ T8616] total_workingset_refault_file 128
[  147.777681][ T8652] ext4 filesystem being mounted at /357/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.777753][ T8616] total_swap 180224
[  147.777761][ T8616] total_swapcached 12288
[  147.777769][ T8616] total_pgpgin 178329
[  147.777776][ T8616] total_pgpgout 178325
[  147.804363][ T8616] total_pgfault 144502
[  147.808422][ T8616] total_pgmajfault 48
[  147.812418][ T8616] total_inactive_anon 12288
[  147.816910][ T8616] total_active_anon 0
[  147.820906][ T8616] total_inactive_file 4096
[  147.825353][ T8616] total_active_file 0
[  147.829352][ T8616] total_unevictable 0
[  147.833320][ T8616] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1825,pid=8616,uid=0
[  147.847974][ T8616] Memory cgroup out of memory: Killed process 8616 (syz.5.1825) total-vm:93824kB, anon-rss:1136kB, file-rss:22052kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:0
[  147.865526][ T8652] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  147.948486][ T8652] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  147.965455][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.983264][ T8659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1838'.
[  148.020631][ T8652] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  148.161766][ T8652] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  148.163895][ T8665] xt_connbytes: Forcing CT accounting to be enabled
[  148.205977][ T8665] Cannot find set identified by id 0 to match
[  148.235960][   T31] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  148.249003][   T31] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  148.274696][   T31] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  148.355250][   T31] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  148.490538][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.509275][ T8675] syz.2.1843 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  148.756867][ T8682] xt_CT: You must specify a L4 protocol and not use inversions on it
[  149.623889][ T8692] tipc: Started in network mode
[  149.628853][ T8692] tipc: Node identity 9a30a0ebdc7e, cluster identity 4711
[  149.636090][ T8692] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  149.660645][ T8692] syzkaller0: entered promiscuous mode
[  149.666181][ T8692] syzkaller0: entered allmulticast mode
[  149.686813][ T8692] tipc: Resetting bearer <eth:syzkaller0>
[  149.695378][ T8692] tipc: Resetting bearer <eth:syzkaller0>
[  149.703478][ T8692] tipc: Disabling bearer <eth:syzkaller0>
[  149.819225][ T8703] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  149.819225][ T8703]    program syz.2.1863 not setting count and/or reply_len properly
[  150.011480][ T8706] vlan1: entered allmulticast mode
[  150.016648][ T8706] bridge_slave_0: entered allmulticast mode
[  150.026355][ T8708] loop4: detected capacity change from 0 to 512
[  150.035883][ T8708] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  150.047723][ T8708] EXT4-fs (loop4): 1 truncate cleaned up
[  150.061454][ T8708] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.123931][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.156533][ T8715] loop4: detected capacity change from 0 to 512
[  150.179973][ T8715] EXT4-fs warning (device loop4): ext4_xattr_inode_get:560: inode #11: comm syz.4.1857: EA inode hash validation failed
[  150.196687][ T8715] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.1857: corrupted inode contents
[  150.211422][ T8715] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #15: comm syz.4.1857: mark_inode_dirty error
[  150.292387][ T8715] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.1857: corrupted inode contents
[  150.344810][ T8715] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2996: inode #15: comm syz.4.1857: mark_inode_dirty error
[  150.373211][ T8715] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2999: inode #15: comm syz.4.1857: mark inode dirty (error -117)
[  150.393010][ T8733] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1865'.
[  150.396987][ T8715] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  150.417613][ T8715] EXT4-fs (loop4): 1 orphan inode deleted
[  150.424156][ T8715] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.483617][ T8715] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1857'.
[  150.509121][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.566844][ T8752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1872'.
[  150.576173][ T8752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1872'.
[  151.034937][   T29] kauditd_printk_skb: 149 callbacks suppressed
[  151.034952][   T29] audit: type=1400 audit(1763103488.266:9668): avc:  denied  { relabelfrom } for  pid=8763 comm="syz.3.1875" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  151.061215][   T29] audit: type=1400 audit(1763103488.266:9669): avc:  denied  { relabelto } for  pid=8763 comm="syz.3.1875" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  151.132186][   T29] audit: type=1326 audit(1763103488.366:9670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8765 comm="syz.3.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  151.155820][   T29] audit: type=1326 audit(1763103488.366:9671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8765 comm="syz.3.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  151.179259][   T29] audit: type=1326 audit(1763103488.366:9672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8765 comm="syz.3.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  151.202763][   T29] audit: type=1326 audit(1763103488.366:9673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8765 comm="syz.3.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  151.226208][   T29] audit: type=1326 audit(1763103488.366:9674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8765 comm="syz.3.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  151.249681][   T29] audit: type=1326 audit(1763103488.366:9675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8765 comm="syz.3.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  151.273166][   T29] audit: type=1326 audit(1763103488.366:9676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8765 comm="syz.3.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  151.296521][   T29] audit: type=1326 audit(1763103488.366:9677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8765 comm="syz.3.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  151.408563][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1880'.
[  151.433112][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1880'.
[  151.457706][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1880'.
[  151.467679][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1880'.
[  151.484947][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1880'.
[  151.495247][ T8773] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  151.540937][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1880'.
[  151.706649][ T8792] ip6_vti0 speed is unknown, defaulting to 1000
[  151.872004][ T8795] netlink: 'syz.2.1884': attribute type 13 has an invalid length.
[  152.166042][ T8815] loop4: detected capacity change from 0 to 512
[  152.182199][ T8815] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.194866][ T8815] ext4 filesystem being mounted at /373/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.199102][ T8821] netlink: 'syz.0.1892': attribute type 6 has an invalid length.
[  152.224688][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.266768][ T8824] syzkaller0: entered promiscuous mode
[  152.272350][ T8824] syzkaller0: entered allmulticast mode
[  152.376276][ T8832] netlink: 'syz.5.1896': attribute type 39 has an invalid length.
[  152.493548][ T8843] wg2: left promiscuous mode
[  152.498781][ T8843] bond0: left promiscuous mode
[  152.506076][ T8843] veth14: left promiscuous mode
[  152.510527][ T8844] xt_connbytes: Forcing CT accounting to be enabled
[  152.511499][ T8840] ip6_vti0 speed is unknown, defaulting to 1000
[  152.517651][ T8844] set match dimension is over the limit!
[  152.838360][ T8857] ip6_vti0 speed is unknown, defaulting to 1000
[  153.100072][ T8862] loop2: detected capacity change from 0 to 2048
[  153.111451][ T8862] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.222170][ T8862] IPv6: NLM_F_CREATE should be specified when creating new route
[  153.230732][ T8861] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  153.247154][ T8861] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 224 with max blocks 32 with error 28
[  153.259712][ T8861] EXT4-fs (loop2): This should not happen!! Data will be lost
[  153.259712][ T8861] 
[  153.269411][ T8861] EXT4-fs (loop2): Total free blocks count 0
[  153.275567][ T8861] EXT4-fs (loop2): Free/Dirty block details
[  153.281507][ T8861] EXT4-fs (loop2): free_blocks=2415919504
[  153.287225][ T8861] EXT4-fs (loop2): dirty_blocks=32
[  153.292359][ T8861] EXT4-fs (loop2): Block reservation details
[  153.298349][ T8861] EXT4-fs (loop2): i_reserved_data_blocks=2
[  153.342549][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.364662][ T8871] loop2: detected capacity change from 0 to 1024
[  153.529062][ T8884] loop4: detected capacity change from 0 to 512
[  153.541292][ T8884] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.587764][ T3315] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  154.179352][ T3644] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  154.185529][ T3571] Bluetooth: hci0: command 0x1003 tx timeout
[  154.441128][ T8901] loop4: detected capacity change from 0 to 512
[  154.472891][ T8901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.485764][ T8901] ext4 filesystem being mounted at /381/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.518209][ T8901] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  154.528044][ T8901] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  154.610330][ T8901] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  154.620164][ T8901] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  154.650987][ T8901] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  154.660886][ T8901] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  154.690390][ T8901] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  154.700230][ T8901] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  154.741330][ T8930] loop3: detected capacity change from 0 to 1024
[  154.748049][ T8930] EXT4-fs: inline encryption not supported
[  154.753910][ T8930] EXT4-fs: Ignoring removed orlov option
[  154.760146][ T8930] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  154.775699][   T12] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  154.783959][   T12] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  154.797472][ T8930] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  154.805826][ T8930] System zones: 0-1, 3-12
[  154.810386][   T41] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  154.818591][   T41] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  154.827366][ T8930] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.845444][   T41] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  154.853711][   T41] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  154.889441][   T41] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  154.897629][   T41] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  154.917028][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.960881][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.000752][ T8942] netlink: 'syz.3.1936': attribute type 13 has an invalid length.
[  156.084230][ T8961] syzkaller0: entered promiscuous mode
[  156.089745][ T8961] syzkaller0: entered allmulticast mode
[  156.281448][   T29] kauditd_printk_skb: 757 callbacks suppressed
[  156.281464][   T29] audit: type=1400 audit(1763103493.516:10435): avc:  denied  { write } for  pid=8968 comm="syz.4.1945" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  156.389584][ T8974] loop4: detected capacity change from 0 to 1024
[  156.396479][ T8974] EXT4-fs: inline encryption not supported
[  156.402403][ T8974] EXT4-fs: Ignoring removed orlov option
[  156.408823][ T8974] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  156.532498][ T8974] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  156.554820][ T8974] System zones: 0-1, 3-12
[  156.585565][ T8974] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.704105][   T29] audit: type=1400 audit(1763103493.896:10436): avc:  denied  { read } for  pid=8979 comm="syz.2.1948" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  156.828206][ T8980] loop2: detected capacity change from 0 to 1024
[  156.850342][ T8980] EXT4-fs: Ignoring removed bh option
[  156.869453][ T8980] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  156.877667][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.009214][ T8986] pim6reg1: entered promiscuous mode
[  157.014673][ T8986] pim6reg1: entered allmulticast mode
[  157.355985][   T29] audit: type=1400 audit(1763103494.576:10437): avc:  denied  { name_bind } for  pid=8993 comm="syz.2.1954" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  157.377685][   T29] audit: type=1400 audit(1763103494.586:10438): avc:  denied  { cmd } for  pid=8993 comm="syz.2.1954" path="socket:[29461]" dev="sockfs" ino=29461 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  157.493371][   T29] audit: type=1326 audit(1763103494.726:10439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  157.520797][ T9001] netlink: 'syz.4.1957': attribute type 16 has an invalid length.
[  157.528658][ T9001] netlink: 'syz.4.1957': attribute type 17 has an invalid length.
[  157.559428][   T29] audit: type=1326 audit(1763103494.726:10440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  157.619484][ T9001] 0ªX¹¦À: left allmulticast mode
[  157.624468][ T9001] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  157.641530][ T3574] ip6_vti0 speed is unknown, defaulting to 1000
[  157.647826][ T3574] syz2: Port: 1 Link ACTIVE
[  157.652766][ T9007] loop3: detected capacity change from 0 to 1024
[  157.660023][ T3574] ip6_vti0 speed is unknown, defaulting to 1000
[  157.682511][ T9007] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.715681][   T29] audit: type=1400 audit(1763103494.946:10441): avc:  denied  { create } for  pid=9006 comm="syz.3.1959" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  157.738115][   T29] audit: type=1400 audit(1763103494.966:10442): avc:  denied  { getopt } for  pid=9006 comm="syz.3.1959" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  157.771277][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.797181][ T9011] ip6_vti0 speed is unknown, defaulting to 1000
[  157.838552][ T9016] sctp: [Deprecated]: syz.3.1962 (pid 9016) Use of struct sctp_assoc_value in delayed_ack socket option.
[  157.838552][ T9016] Use struct sctp_sack_info instead
[  157.974392][   T29] audit: type=1400 audit(1763103495.206:10443): avc:  denied  { read write } for  pid=9018 comm="syz.4.1964" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  157.998795][   T29] audit: type=1400 audit(1763103495.206:10444): avc:  denied  { open } for  pid=9018 comm="syz.4.1964" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  158.300576][ T9032] loop4: detected capacity change from 0 to 512
[  158.308968][ T9032] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.1968: corrupted in-inode xattr: e_value size too large
[  158.323564][ T9032] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1968: couldn't read orphan inode 15 (err -117)
[  158.336285][ T9032] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.366593][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.382105][ T9038] loop2: detected capacity change from 0 to 512
[  158.388755][ T9038] EXT4-fs: Ignoring removed nobh option
[  158.405330][ T9038] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.1970: corrupted inode contents
[  158.417885][ T9038] EXT4-fs (loop2): Remounting filesystem read-only
[  158.425522][ T9038] EXT4-fs (loop2): 1 truncate cleaned up
[  158.431977][ T9038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.444759][ T9038] ext4 filesystem being mounted at /372/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.470302][ T9046] bridge0: port 1(gretap0) entered blocking state
[  158.476858][ T9046] bridge0: port 1(gretap0) entered disabled state
[  158.483472][ T9046] gretap0: entered allmulticast mode
[  158.489352][ T9046] gretap0: entered promiscuous mode
[  158.495784][ T9046] bridge0: port 1(gretap0) entered blocking state
[  158.502249][ T9046] bridge0: port 1(gretap0) entered forwarding state
[  158.526149][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.560211][ T9057] __nla_validate_parse: 5 callbacks suppressed
[  158.560225][ T9057] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1976'.
[  158.576033][ T9052] ip6_vti0 speed is unknown, defaulting to 1000
[  158.602993][ T9061] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1977'.
[  158.611992][ T9061] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1977'.
[  158.654107][ T9063] xt_CT: You must specify a L4 protocol and not use inversions on it
[  158.717784][ T9067] veth0_vlan: left promiscuous mode
[  158.726125][ T9067] veth0_vlan: entered promiscuous mode
[  158.889885][ T9080] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  158.889885][ T9080]    program syz.3.1994 not setting count and/or reply_len properly
[  159.071185][ T9083] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1987'.
[  159.099824][ T9083] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1987'.
[  159.165995][ T9085] syz_tun: entered allmulticast mode
[  159.172290][ T9084] syz_tun: left allmulticast mode
[  159.477092][ T9109] netlink: 'syz.2.2006': attribute type 1 has an invalid length.
[  159.501663][ T9111] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  159.609734][ T9128] loop2: detected capacity change from 0 to 512
[  159.681198][ T9122] loop4: detected capacity change from 0 to 1024
[  159.705873][ T9122] EXT4-fs: Ignoring removed bh option
[  159.722390][ T9122] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[  159.790834][ T9136] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2009'.
[  159.839747][ T9140] loop4: detected capacity change from 0 to 512
[  159.846441][ T9140] EXT4-fs: Ignoring removed nobh option
[  159.862273][ T9140] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #3: comm syz.4.2011: corrupted inode contents
[  159.874380][ T9140] EXT4-fs (loop4): Remounting filesystem read-only
[  159.883453][ T9140] EXT4-fs (loop4): 1 truncate cleaned up
[  159.889636][ T9140] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.902628][ T9140] ext4 filesystem being mounted at /401/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.926208][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.051506][ T9149] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  160.058739][ T9149] syzkaller0: entered promiscuous mode
[  160.064277][ T9149] syzkaller0: entered allmulticast mode
[  160.072919][ T9149] tipc: Resetting bearer <eth:syzkaller0>
[  160.239733][ T9149] tipc: Resetting bearer <eth:syzkaller0>
[  160.247211][ T9149] tipc: Disabling bearer <eth:syzkaller0>
[  160.762499][ T9164] vlan0: entered allmulticast mode
[  160.767885][ T9164] dummy0: entered allmulticast mode
[  161.291291][   T29] kauditd_printk_skb: 266 callbacks suppressed
[  161.291306][   T29] audit: type=1326 audit(1763103498.526:10707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9152 comm="syz.2.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd8adfb6567 code=0x7ffc0000
[  161.338032][   T29] audit: type=1326 audit(1763103498.556:10708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9152 comm="syz.2.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd8adf5b779 code=0x7ffc0000
[  161.361545][   T29] audit: type=1326 audit(1763103498.556:10709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9152 comm="syz.2.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd8adfb6567 code=0x7ffc0000
[  161.385018][   T29] audit: type=1326 audit(1763103498.556:10710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9152 comm="syz.2.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd8adf5b779 code=0x7ffc0000
[  161.408435][   T29] audit: type=1326 audit(1763103498.556:10711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9152 comm="syz.2.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  161.431962][   T29] audit: type=1326 audit(1763103498.566:10712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9152 comm="syz.2.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd8adfb6567 code=0x7ffc0000
[  161.455491][   T29] audit: type=1326 audit(1763103498.566:10713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9152 comm="syz.2.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd8adf5b779 code=0x7ffc0000
[  161.478942][   T29] audit: type=1326 audit(1763103498.566:10714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9152 comm="syz.2.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7fd8adfbf6c9 code=0x7ffc0000
[  161.589601][   T29] audit: type=1326 audit(1763103498.736:10715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9152 comm="syz.2.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd8adfb6567 code=0x7ffc0000
[  161.613048][   T29] audit: type=1326 audit(1763103498.736:10716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9152 comm="syz.2.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd8adf5b779 code=0x7ffc0000
[  161.951244][ T9191] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  162.234429][ T9205] ip6_vti0 speed is unknown, defaulting to 1000
[  163.230567][ T9230] netlink: 172 bytes leftover after parsing attributes in process `syz.2.2041'.
[  163.483715][ T9238] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  163.493182][ T9238] syzkaller0: entered promiscuous mode
[  163.498659][ T9238] syzkaller0: entered allmulticast mode
[  163.520650][ T9242] syz_tun: entered allmulticast mode
[  163.531814][ T9238] tipc: Resetting bearer <eth:syzkaller0>
[  163.540234][ T9241] syz_tun: left allmulticast mode
[  163.555455][ T9238] tipc: Resetting bearer <eth:syzkaller0>
[  163.568605][ T9238] tipc: Disabling bearer <eth:syzkaller0>
[  163.822424][ T9251] ip6_vti0 speed is unknown, defaulting to 1000
[  163.890900][ T9265] tipc: New replicast peer: 255.255.255.255
[  163.895311][ T9266] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2052'.
[  163.897079][ T9265] tipc: Enabled bearer <udp:syz2>, priority 10
[  164.131680][ T9275] dvmrp8: entered allmulticast mode
[  164.200802][ T9283] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2062'.
[  164.268960][ T9291] veth0_vlan: entered allmulticast mode
[  164.295521][ T9291] veth0_vlan: left promiscuous mode
[  164.320933][ T9291] veth0_vlan: entered promiscuous mode
[  164.640880][ T9309] loop4: detected capacity change from 0 to 512
[  164.655367][ T9311] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=53 sclass=netlink_route_socket pid=9311 comm=syz.5.2072
[  164.667945][ T9311] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9311 comm=syz.5.2072
[  164.685409][ T9309] EXT4-fs: Ignoring removed i_version option
[  164.691521][ T9309] EXT4-fs: Ignoring removed bh option
[  164.722041][ T9309] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.779554][ T9309] ext4 filesystem being mounted at /414/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  165.009389][   T36] tipc: Node number set to 1179558123
[  165.081472][ T9334] ip6_vti0 speed is unknown, defaulting to 1000
[  165.498958][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.580968][ T9351] ip6_vti0 speed is unknown, defaulting to 1000
[  165.751086][ T9357] loop2: detected capacity change from 0 to 128
[  165.769054][ T9357] bio_check_eod: 6 callbacks suppressed
[  165.769069][ T9357] syz.2.2082: attempt to access beyond end of device
[  165.769069][ T9357] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[  165.789676][ T9357] syz.2.2082: attempt to access beyond end of device
[  165.789676][ T9357] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[  165.810046][ T9357] syz.2.2082: attempt to access beyond end of device
[  165.810046][ T9357] loop2: rw=2049, sector=177, nr_sectors = 24 limit=128
[  165.910436][ T9358] ip6_vti0 speed is unknown, defaulting to 1000
[  166.136703][ T9357] syz.2.2082: attempt to access beyond end of device
[  166.136703][ T9357] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[  166.207399][ T9357] syz.2.2082: attempt to access beyond end of device
[  166.207399][ T9357] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128
[  166.226678][ T9360] syz.2.2082: attempt to access beyond end of device
[  166.226678][ T9360] loop2: rw=2049, sector=305, nr_sectors = 80 limit=128
[  166.245758][ T9360] syz.2.2082: attempt to access beyond end of device
[  166.245758][ T9360] loop2: rw=2049, sector=393, nr_sectors = 8 limit=128
[  166.263086][   T67] kworker/u8:4: attempt to access beyond end of device
[  166.263086][   T67] loop2: rw=1, sector=257, nr_sectors = 8 limit=128
[  166.276687][   T67] kworker/u8:4: attempt to access beyond end of device
[  166.276687][   T67] loop2: rw=1, sector=273, nr_sectors = 8 limit=128
[  166.294329][ T9360] syz.2.2082: attempt to access beyond end of device
[  166.294329][ T9360] loop2: rw=2049, sector=409, nr_sectors = 8 limit=128
[  166.312614][   T29] kauditd_printk_skb: 254 callbacks suppressed
[  166.312627][   T29] audit: type=1326 audit(1763103503.546:10971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9365 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  166.351104][   T29] audit: type=1326 audit(1763103503.576:10972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9365 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2872081f85 code=0x7ffc0000
[  166.374827][   T29] audit: type=1326 audit(1763103503.576:10973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9365 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2872081f85 code=0x7ffc0000
[  166.398458][   T29] audit: type=1326 audit(1763103503.576:10974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9365 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2872081f85 code=0x7ffc0000
[  166.422031][   T29] audit: type=1326 audit(1763103503.576:10975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9365 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2872081f85 code=0x7ffc0000
[  166.445772][   T29] audit: type=1326 audit(1763103503.586:10976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9365 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2872081f85 code=0x7ffc0000
[  166.469436][   T29] audit: type=1326 audit(1763103503.586:10977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9365 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2872081f85 code=0x7ffc0000
[  166.493523][   T29] audit: type=1326 audit(1763103503.586:10978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9365 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2872081f85 code=0x7ffc0000
[  166.517177][   T29] audit: type=1326 audit(1763103503.586:10979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9365 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2872081f85 code=0x7ffc0000
[  166.540653][   T29] audit: type=1326 audit(1763103503.586:10980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9365 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2872081f85 code=0x7ffc0000
[  166.610750][   T31] Buffer I/O error on dev loop2, logical block 305, lost async page write
[  166.633873][ T9375] loop4: detected capacity change from 0 to 512
[  166.645140][ T9373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2085'.
[  166.651745][ T9375] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  166.669831][ T9375] ext4 filesystem being mounted at /417/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.718365][ T9382] sch_fq: defrate 4294967295 ignored.
[  166.759282][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  166.773823][ T9384] vlan1: entered allmulticast mode
[  166.779406][ T9384] dummy0: entered allmulticast mode
[  166.795020][ T9388] loop4: detected capacity change from 0 to 128
[  166.852730][ T9392] loop4: detected capacity change from 0 to 1024
[  166.859383][ T9392] EXT4-fs: Ignoring removed orlov option
[  166.870327][ T9392] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.884248][ T9392] EXT4-fs (loop4): shut down requested (1)
[  166.891917][ T9392] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  166.901432][ T9392] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  166.910528][ T9392] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  166.928113][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.932104][ T9395] ip6_vti0 speed is unknown, defaulting to 1000
[  166.948899][ T9396] netlink: 1040 bytes leftover after parsing attributes in process `syz.2.2095'.
[  166.972713][ T9398] loop4: detected capacity change from 0 to 512
[  167.027402][ T9398] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.056934][ T9405] loop3: detected capacity change from 0 to 128
[  167.064353][ T9398] ext4 filesystem being mounted at /421/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  167.083950][ T9407] netlink: 'syz.2.2108': attribute type 1 has an invalid length.
[  167.115908][ T9407] 8021q: adding VLAN 0 to HW filter on device bond3
[  167.123579][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.137398][ T9411] macvlan2: entered promiscuous mode
[  167.142764][ T9411] macvlan2: entered allmulticast mode
[  167.161317][ T9407] bond3: (slave ip6gretap1): making interface the new active one
[  167.179889][ T9407] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link
[  167.236173][ T9404] Buffer I/O error on dev loop3, logical block 305, async page read
[  167.244460][ T9404] Buffer I/O error on dev loop3, logical block 306, async page read
[  167.276126][ T9414] loop4: detected capacity change from 0 to 512
[  167.284948][ T9404] Buffer I/O error on dev loop3, logical block 307, async page read
[  167.294405][ T9404] Buffer I/O error on dev loop3, logical block 308, async page read
[  167.302637][ T9404] Buffer I/O error on dev loop3, logical block 309, async page read
[  167.310739][ T9404] Buffer I/O error on dev loop3, logical block 310, async page read
[  167.318932][ T9404] Buffer I/O error on dev loop3, logical block 311, async page read
[  167.329670][ T9404] Buffer I/O error on dev loop3, logical block 312, async page read
[  167.339830][ T9414] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  167.352660][ T9414] ext4 filesystem being mounted at /422/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.356414][ T9404] Buffer I/O error on dev loop3, logical block 305, async page read
[  167.363662][ T9414] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  167.509756][ T9422] ip6_vti0 speed is unknown, defaulting to 1000
[  167.880630][ T9429] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2101'.
[  167.896536][ T9427] veth8: entered promiscuous mode
[  167.901730][ T9427] veth8: entered allmulticast mode
[  168.163876][ T9451] netlink: 'syz.5.2114': attribute type 12 has an invalid length.
[  168.465773][ T9467] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2120'.
[  168.501801][ T9467] hsr_slave_0: left promiscuous mode
[  168.521853][ T9467] hsr_slave_1: left promiscuous mode
[  168.667518][ T9475] netlink: 123 bytes leftover after parsing attributes in process `syz.3.2122'.
[  168.688905][ T9475] loop3: detected capacity change from 0 to 512
[  168.703322][ T9475] EXT4-fs: Ignoring removed oldalloc option
[  168.711318][ T9475] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  168.759865][ T9475] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2856c018, mo2=0002]
[  168.768112][ T9475] System zones: 1-3, 19-19, 35-38
[  168.780487][ T9475] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.793473][ T9475] ext4 filesystem being mounted at /397/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.833034][ T9452] loop2: detected capacity change from 0 to 128
[  168.852030][ T9475] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  168.929503][ T9486] netlink: 'syz.0.2123': attribute type 30 has an invalid length.
[  168.976935][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.443971][ T9501] ip6_vti0 speed is unknown, defaulting to 1000
[  169.787229][ T9509] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  169.808757][ T9509] syzkaller0: entered promiscuous mode
[  169.814316][ T9509] syzkaller0: entered allmulticast mode
[  169.900893][ T9509] tipc: Resetting bearer <eth:syzkaller0>
[  169.961789][ T9498] tipc: Resetting bearer <eth:syzkaller0>
[  169.979043][ T9498] tipc: Disabling bearer <eth:syzkaller0>
[  170.013066][ T9485] netlink: 536 bytes leftover after parsing attributes in process `syz.4.2133'.
[  170.038196][ T9485] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2133'.
[  170.192732][ T9553] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2136'.
[  170.263845][ T9565] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2139'.
[  170.279880][ T9565] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2139'.
[  170.418355][ T9593] netlink: 24 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  170.436798][ T9593] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  170.513032][ T9613] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  171.157888][ T9627] program syz.3.2150 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  171.374561][   T29] kauditd_printk_skb: 747 callbacks suppressed
[  171.374576][   T29] audit: type=1400 audit(1763103508.606:11728): avc:  denied  { watch } for  pid=9636 comm="syz.2.2153" path="/file0" dev="ramfs" ino=32601 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=fifo_file permissive=1
[  171.548459][   T29] audit: type=1400 audit(1763103508.636:11729): avc:  denied  { execute } for  pid=9636 comm="syz.2.2153" name="file1" dev="ramfs" ino=32600 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  171.570611][   T29] audit: type=1400 audit(1763103508.636:11730): avc:  denied  { execute_no_trans } for  pid=9636 comm="syz.2.2153" path="/file1" dev="ramfs" ino=32600 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  171.667382][ T9651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2157'.
[  171.787816][   T29] audit: type=1400 audit(1763103508.886:11731): avc:  denied  { write } for  pid=9640 comm="syz.5.2154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  172.188339][   T29] audit: type=1400 audit(1763103509.416:11732): avc:  denied  { bind } for  pid=9655 comm="syz.5.2159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  172.207893][   T29] audit: type=1400 audit(1763103509.416:11733): avc:  denied  { name_bind } for  pid=9655 comm="syz.5.2159" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  172.228931][   T29] audit: type=1400 audit(1763103509.416:11734): avc:  denied  { node_bind } for  pid=9655 comm="syz.5.2159" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  172.320347][   T29] audit: type=1400 audit(1763103509.516:11735): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  172.359355][   T29] audit: type=1400 audit(1763103509.586:11736): avc:  denied  { write } for  pid=9652 comm="syz.2.2158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  172.397551][ T9658] loop3: detected capacity change from 0 to 512
[  172.431059][ T9658] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2160: couldn't read orphan inode 26 (err -116)
[  172.463748][ T9658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.499499][ T9658] ext4 filesystem being mounted at /403/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.527204][ T9658] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.2160: corrupted inode contents
[  172.571834][ T9658] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #3: comm syz.3.2160: mark_inode_dirty error
[  172.587474][ T9673] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2164'.
[  172.597337][ T9658] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2160: bg 0: block 64: padding at end of block bitmap is not set
[  172.612673][ T9673] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2164'.
[  172.622306][ T9658] Quota error (device loop3): write_blk: dquota write failed
[  172.633777][ T9658] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2160: Failed to acquire dquot type 0
[  172.777693][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.789042][ T9684] netlink: 'syz.0.2168': attribute type 1 has an invalid length.
[  172.805463][ T9684] bond2: entered promiscuous mode
[  172.810889][ T9684] 8021q: adding VLAN 0 to HW filter on device bond2
[  172.826407][ T9684] bond2: entered allmulticast mode
[  172.840155][ T9684] bond2: (slave bridge3): making interface the new active one
[  172.847663][ T9684] bridge3: entered promiscuous mode
[  172.853112][ T9684] bridge3: entered allmulticast mode
[  172.859935][ T9684] bond2: (slave bridge3): Enslaving as an active interface with an up link
[  173.045712][ T9731] netlink: 'syz.2.2171': attribute type 1 has an invalid length.
[  173.064332][ T9731] 8021q: adding VLAN 0 to HW filter on device bond4
[  173.076604][ T9731] bond4: entered allmulticast mode
[  173.087306][ T9731] bond4: (slave ip6gretap2): making interface the new active one
[  173.095115][ T9731] ip6gretap2: entered allmulticast mode
[  173.101249][ T9731] bond4: (slave ip6gretap2): Enslaving as an active interface with an up link
[  173.179745][ T9772] ip6_vti0 speed is unknown, defaulting to 1000
[  173.225226][ T9778] vlan1: entered allmulticast mode
[  173.387457][ T9810] loop4: detected capacity change from 0 to 512
[  173.395834][ T9810] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.2179: corrupted in-inode xattr: e_value size too large
[  173.410464][ T9810] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.2179: couldn't read orphan inode 15 (err -117)
[  173.423064][ T9810] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.575440][ T9825] loop2: detected capacity change from 0 to 1024
[  173.582582][ T9825] EXT4-fs: Ignoring removed orlov option
[  173.590335][ T9825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.696088][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.717768][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.789764][ T9852] syzkaller0: entered allmulticast mode
[  173.795661][ T9852] syzkaller0: entered promiscuous mode
[  173.803041][ T9852] syzkaller0 (unregistering): left allmulticast mode
[  173.809763][ T9852] syzkaller0 (unregistering): left promiscuous mode
[  174.204384][ T9872] 0ªX¹¦À: renamed from caif0
[  174.224512][ T9872] 0ªX¹¦À: entered allmulticast mode
[  174.229778][ T9872] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  174.254717][ T9856] ip6_vti0 speed is unknown, defaulting to 1000
[  174.361546][ T9884] netlink: 'syz.3.2196': attribute type 4 has an invalid length.
[  174.390235][ T9884] netlink: 'syz.3.2196': attribute type 4 has an invalid length.
[  174.421849][ T9858] netlink: 'syz.0.2190': attribute type 2 has an invalid length.
[  174.854689][ T9928] xt_CT: You must specify a L4 protocol and not use inversions on it
[  174.981522][ T9938] loop3: detected capacity change from 0 to 1024
[  174.994142][ T9938] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.047263][ T9944] ip6_vti0 speed is unknown, defaulting to 1000
[  175.331195][ T9987] __nla_validate_parse: 5 callbacks suppressed
[  175.331227][ T9987] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2216'.
[  175.357974][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.377115][ T9993] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2218'.
[  175.702049][T10010] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.711916][T10010] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  175.782518][T10010] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.792400][T10010] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  175.860967][T10010] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.870855][T10010] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  175.896271][T10022] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2227'.
[  175.920404][T10010] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  175.930303][T10010] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  175.985502][   T67] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  175.993769][   T67] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  176.004559][   T67] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  176.012809][   T67] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  176.024322][   T52] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  176.032549][   T52] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  176.043798][   T52] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  176.052032][   T52] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  176.094607][T10049] syzkaller1: entered promiscuous mode
[  176.100154][T10049] syzkaller1: entered allmulticast mode
[  176.296246][T10055] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2230'.
[  176.383263][   T29] kauditd_printk_skb: 142 callbacks suppressed
[  176.383279][   T29] audit: type=1400 audit(1763103513.616:11878): avc:  denied  { connect } for  pid=10065 comm="syz.3.2234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  176.613669][T10079] loop3: detected capacity change from 0 to 1024
[  176.621491][T10079] EXT4-fs: inline encryption not supported
[  176.662625][T10079] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.711247][T10079] usb usb8: usbfs: process 10079 (syz.3.2238) did not claim interface 0 before use
[  176.747494][T10079] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2238: Allocating blocks 385-513 which overlap fs metadata
[  176.796515][T10078] EXT4-fs (loop3): pa ffff8881072e7380: logic 16, phys. 129, len 24
[  176.804581][T10078] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 8
[  176.913969][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.933662][   T29] audit: type=1326 audit(1763103514.166:11879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10088 comm="syz.3.2240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  176.957432][   T29] audit: type=1326 audit(1763103514.166:11880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10088 comm="syz.3.2240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  176.981108][   T29] audit: type=1326 audit(1763103514.166:11881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10088 comm="syz.3.2240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  177.004740][   T29] audit: type=1326 audit(1763103514.166:11882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10088 comm="syz.3.2240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  177.028260][T10089] veth0_vlan: left allmulticast mode
[  177.047582][T10089] gretap1: left allmulticast mode
[  177.071714][T10089] veth4: left allmulticast mode
[  177.083590][   T31] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 20004 - 0
[  177.083638][   T29] audit: type=1326 audit(1763103514.316:11883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10088 comm="syz.3.2240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  177.115780][   T29] audit: type=1326 audit(1763103514.316:11884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10088 comm="syz.3.2240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f287204f6c9 code=0x7ffc0000
[  177.131220][   T31] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 20004 - 0
[  177.170382][   T31] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 20004 - 0
[  177.179056][   T31] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 20004 - 0
[  177.202509][T10094] dvmrp1: entered allmulticast mode
[  177.220332][T10094] dvmrp1: left allmulticast mode
[  177.225493][T10094] dvmrp8: left allmulticast mode
[  178.174396][T10134] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2251'.
[  178.213767][T10137] netlink: 'syz.5.2252': attribute type 10 has an invalid length.
[  178.222195][T10137] ipvlan0: entered allmulticast mode
[  178.227578][T10137] veth0_vlan: entered allmulticast mode
[  178.234345][T10137] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2252'.
[  178.283079][T10145] netlink: 'syz.5.2254': attribute type 4 has an invalid length.
[  178.291429][T10139] ip6_vti0 speed is unknown, defaulting to 1000
[  178.409378][   T29] audit: type=1326 audit(1763103515.636:11885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10174 comm="syz.5.2258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cf586f6c9 code=0x7ffc0000
[  178.433034][   T29] audit: type=1326 audit(1763103515.636:11886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10174 comm="syz.5.2258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cf586f6c9 code=0x7ffc0000
[  178.498242][   T29] audit: type=1326 audit(1763103515.686:11887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10174 comm="syz.5.2258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6cf586f6c9 code=0x7ffc0000
[  178.544511][T10170] ip6_vti0 speed is unknown, defaulting to 1000
[  178.594892][T10189] netlink: 'syz.0.2261': attribute type 1 has an invalid length.
[  178.604923][T10196] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2263'.
[  178.621555][T10189] 8021q: adding VLAN 0 to HW filter on device bond3
[  178.629919][T10196] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2263'.
[  178.650331][T10189] 8021q: adding VLAN 0 to HW filter on device bond3
[  178.660590][T10189] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  178.671736][T10189] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  178.742777][T10250] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2265'.
[  178.858062][T10318] syzkaller0: entered allmulticast mode
[  178.953408][T10334] xt_CT: You must specify a L4 protocol and not use inversions on it
[  179.324811][T10362] loop2: detected capacity change from 0 to 8192
[  179.381737][ T3327] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  179.389636][ T3327] FAT-fs (loop2): Filesystem has been set read-only
[  179.445015][T10375] loop3: detected capacity change from 0 to 512
[  179.491865][T10391] loop3: detected capacity change from 0 to 512
[  179.498940][T10391] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  179.501278][T10373] ip6_vti0 speed is unknown, defaulting to 1000
[  179.511935][T10391] EXT4-fs (loop3): 1 truncate cleaned up
[  179.521688][T10391] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.576065][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.841332][T10430] netlink: 3 bytes leftover after parsing attributes in process `syz.5.2295'.
[  179.869419][T10430] 1ªX¹¦À: renamed from 
60ªX¹¦À
[  179.876436][T10430] A link change request failed with some changes committed already. Interface 
61ªX¹¦À may have been left with an inconsistent configuration, please check.
[  179.905662][T10433] loop2: detected capacity change from 0 to 1024
[  179.918064][T10433] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.019642][T10445] ==================================================================
[  180.027762][T10445] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  180.036030][T10445] 
[  180.038351][T10445] write to 0xffff88811a4ba8b8 of 4 bytes by task 10433 on cpu 1:
[  180.046061][T10445]  writeback_single_inode+0x150/0x3f0
[  180.051444][T10445]  sync_inode_metadata+0x5b/0x90
[  180.056388][T10445]  generic_buffers_fsync_noflush+0xd9/0x120
[  180.062285][T10445]  ext4_sync_file+0x1ab/0x690
[  180.066963][T10445]  vfs_fsync_range+0x10d/0x130
[  180.071737][T10445]  ext4_buffered_write_iter+0x34f/0x3c0
[  180.077285][T10445]  ext4_file_write_iter+0x387/0xf60
[  180.082492][T10445]  iter_file_splice_write+0x666/0xa60
[  180.087883][T10445]  direct_splice_actor+0x156/0x2a0
[  180.092996][T10445]  splice_direct_to_actor+0x312/0x680
[  180.098364][T10445]  do_splice_direct+0xda/0x150
[  180.103136][T10445]  do_sendfile+0x380/0x650
[  180.107569][T10445]  __x64_sys_sendfile64+0x105/0x150
[  180.112778][T10445]  x64_sys_call+0x2bb4/0x3000
[  180.117459][T10445]  do_syscall_64+0xd2/0x200
[  180.121961][T10445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.127863][T10445] 
[  180.130181][T10445] read to 0xffff88811a4ba8b8 of 4 bytes by task 10445 on cpu 0:
[  180.137806][T10445]  __mark_inode_dirty+0x191/0x750
[  180.142835][T10445]  file_modified_flags+0x324/0x350
[  180.147958][T10445]  file_modified+0x17/0x20
[  180.152385][T10445]  ext4_buffered_write_iter+0x1d0/0x3c0
[  180.157932][T10445]  ext4_file_write_iter+0x387/0xf60
[  180.163127][T10445]  iter_file_splice_write+0x666/0xa60
[  180.168501][T10445]  direct_splice_actor+0x156/0x2a0
[  180.173618][T10445]  splice_direct_to_actor+0x312/0x680
[  180.179005][T10445]  do_splice_direct+0xda/0x150
[  180.183780][T10445]  do_sendfile+0x380/0x650
[  180.188209][T10445]  __x64_sys_sendfile64+0x105/0x150
[  180.193419][T10445]  x64_sys_call+0x2bb4/0x3000
[  180.198100][T10445]  do_syscall_64+0xd2/0x200
[  180.202606][T10445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.208510][T10445] 
[  180.210829][T10445] value changed: 0x00000070 -> 0x00000002
[  180.216548][T10445] 
[  180.218867][T10445] Reported by Kernel Concurrency Sanitizer on:
[  180.225019][T10445] CPU: 0 UID: 0 PID: 10445 Comm: syz.2.2296 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  180.236399][T10445] Tainted: [W]=WARN
[  180.240197][T10445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  180.250253][T10445] ==================================================================
[  180.935192][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.