last executing test programs:

8m25.221330594s ago: executing program 4 (id=430):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff8500000004000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)

8m24.749478035s ago: executing program 4 (id=441):
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c)
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
write$binfmt_script(r1, &(0x7f0000000080)={'#! ', './file1', [{}]}, 0x2)
write$binfmt_elf64(r1, &(0x7f0000000200)=ANY=[], 0x1cb)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

8m24.70622477s ago: executing program 4 (id=443):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x5}], {0x14}}, 0x88}}, 0x0)

8m24.612515633s ago: executing program 4 (id=445):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = epoll_create(0x3ff)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0xa0000000, 0x1b54c8})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000440)={0x2000000})

8m24.603066414s ago: executing program 4 (id=446):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000400), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

8m24.520817225s ago: executing program 4 (id=449):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000600)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
rmdir(&(0x7f0000000040)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r0, &(0x7f0000000180), 0x40010)

8m9.394223709s ago: executing program 32 (id=449):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000600)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
rmdir(&(0x7f0000000040)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r0, &(0x7f0000000180), 0x40010)

7m53.533305999s ago: executing program 1 (id=940):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x7, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
r2 = memfd_secret(0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r3, r2, 0x2e, 0x4608, @void}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)

7m53.460419968s ago: executing program 1 (id=943):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x1714, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x22}})
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000340)={0x8, {"eb9d8988e81b395b45bd0cba3a8483077474dd3dd0c47bc253e5f8e8b4292aac2796001366e4c71f9f35008b53e42578e610c78571ad7fd714bbf1d6fd513c82063c7b62f80247dae47c5c719fcb141465938af815fb5f2695978afaf02bc89e649ba154d25cd9128fa00c4655085aaa52d42552f2b09df1d9bb0e372396aa8bcb1358797975d0f0609075102a2744764709002ff83c2341d3365f98a022a3adb2984c475f59af4129dbfd9a93d73ebd4e3cb4f1e4ab97495820ac3a2091f1a472e09074da690ef8a1271c19fa97898e3be7b5000d91bbc78a0e2415b557a6ac425159469271188e5adbb631ee32f1c01b8aab308dad8548079f00eb770e058ec6480cb78a47d832ff6f7d23348118d2a8a317c1d0cb05299e4541dd566ca584cbe7508ab24fa6fdd1e5fd301a57f7b01f55543d5289911b1040011acfa9247e9f2b08635fc066b8725bc114c59fdbdd3a35903b19613e3f29ce4457a59c64567f1fea4a17185e7edde0ccc64cf9d0086ef292c318c8a56b28406cdcfd091245a8e0fa721e11aa064b642d9afbcf3dd23c79c466e634e84e0ccf866e8bcc03a6e6ac823fe6056a7aa6aa8622969e263eff3fb74ea46e0bd6a1ce08244e39f59df03e6cdd7fdc2811c4c1719099a56f1c5e07ab0e7d6a07192dcc0d03f6bcbc2323f4606b52950e3ebf54b379a97bb4c0c27db1e0824068a353aa025258f16eec23148997eb0f14ade49c1216cfd2ce324f289ddcf0ff8247984c4567692e9b64c2fbbc1272a3e532122e65f97cec13564ece0b7029c2c34ca9c7a9557d487336d849513afaaaa6c1a0388e72dba891750cebb09747cdadd4228b66ce5972f9c67bc4bd795753bc83fd36897edb29a4d9ca5c5cbb0e92dab163d6c980ef76a5f79f6f05f9a7e0e745a129cbbfc12281f9566f656b1f9de9bec23d3a2bec3852430fb7dcbc692e0fcccb69402639a0e1693a70a5983a462b001131a4774e5e3d8bd9a19389ab7e819a77ae145d2ca8e4477215905e8e1dce02ccd3f8942744313a30b68025844e5a68a9a2dd382a3a32042c232459a776d6e1741eec549b4d2867580fc511393281917f5145952997aebd29d8056d4282586ccd91d633a7c1764012e09d7746fef7246eb56640fef2bdd74b78fbcaa32e6b6f4136431a51229956a8a8149de241511e2760f997886e098fc1847adee880f3ae61a1240581e13758be18a33bde20ffad43a0ae9a4f7144a16993858e445c7c5bc83e13dfeb81ae6fc11be70e0ab490ab976106e3d8e627c44df3ac588239fbf885a2439b69e5a121245fd3c42c86555b198452ffcac7168d789ff3f61da76d389b0fc1e6c39df6608824babcb098c509e0def7f1701e67ab7d6c64ab5150eaaadbe38a11673fee8d286d88ae6f39241966fa6df46464166db4f41d67596d9d67382f1069042ee118b0af630a5e12f07d8cfa4183f2c28b27a6105d69804508235f877693cf1f359ffb95b585496b941c2e3f2170d916ded547beee1ae24e1724f17cb85cfcba15e1cbabe44e60b16c2ac4f4afed9506e25bd35a8897de4ae4a4c929b25289f75b2da34a1b65edfc2dd74b74b8f3d74f1387805cf5933a616798fa890718c9ebd6079c26a5f732298f8e8a2e378fccffd7fc3ecc8b10d1cd013a7340b7842c4b1dff0e9f2ea70329fb9c3013151f43fa5bad0dd5f61a92da5a78e68052ab72c38d915136184a49da2a6b6e248e9d106777c1bde4dfc94f8a4a29dfa95fe7681516061a83650c8b39968bd3a7a34b34e93844fc8ed8a84b59f7e657a025592db7a7252491b18695693a68d178564909e5971b8956479e518a1202af31718fe22f4e65c93a9a08e802e07fd274e5a23cb466a7b48cf344a2176d61ef27d348b40a510e8cc8e372693cb6c1c7cfb4e3972fbe4204f0048bc53793e049b0484b3bbe6d3b6a986bc2c95fdb63f60ebfdbea38b48405a8b85ee84568fb6921a75fb54e9026671ed43b923286d64d60c9060a86c2217f98f049259d99d0c5ce4889b165557fa4536a6d5222eb289a6dd83ff235dbde83897d1627f6d85c3e551997007b5219c5b010d53b92879e19951ba21db665f724d7c45da7c635f3a982047a1ebed638dca4f3e97ee036e18ae68d37cd8fda64fac7dce84587311b2e17420c31d50a5da4d052052ea1b4116aa9a0ef20434420c51887cf2d03a1d578925f19e700451f404413f7371693f2e0a622e1ae49daccd12de5ec59d2acbb635d854ce22a418f143c3a637dc731d45c5d1c38adcb770602a92f3de006a4eef1d838b91178476ff168fa639eb5b420da8a343a0ec6e6144cc802eb08d1833beb6ca18ffa1fd7b019bb2d02c97d62963a8a9180769323d8e45639b68aaa56775306bdc6c020678ecd64e751fb92c85dc474bbde8f94c029d92dea48b837c7b5524dc061374e637e299fef6b1355ce23d0f649f0e61402d375bb444a37a22a812821ade48df3be021ecacff6873654bf21e111d079f5bb140568b5c4b77f1aaa22416ab983eb8fe903286fdf114024622f443686078c8318329aebe5df891a9a91bd5512b3aed59557de62d1a9586e10fa07306f815fc10204200d6282813f729c3f8e8af7c450f55037397125ef5e806306a9ba351a6f3e1dede486bc75ae897581b649ef55f19c97b330c5a61a6f76674722429ea894d1c638074cedb0b863514c19166a5c2baf4ee6d1eaeee85155afd10fdd4361c78b3c0d00d01a37df52be0ed3458bc7a1afa0c8c9a2f3406b1e4607e955f57f626c7ed2efac888e72110e0dc0f79cfdd02bc245f0b3a7939bbdc31229ab99ecd36927e1fdd7b17b5037457856fe3f773b6af24af6d67cbd7978e2f127b86b50153e9b0f13f4942006198d6a6ac335cf7560676fd607e6a3a7b518fa815def5eca1372813f97d6ea9d62b848db37015aa648c8426f26776728332fad5f72c919a6f96d1c3b0a97df4c1892ff814e2e57979da7f7098c42b963ca5929765b1ad2284abd2c1f7ef9570b8c97a513da8f4078130e70f31327708619331571d78d3475b6b41e835dc948f0e809c6610942e4c7d515d9303e6281a3980a742dc85f4528fddc34d22bbd9aa4b4b2351df10884f1dbc877717d984b0b3bafda47801103cda459d006a9a9982f5cf67fc0face3def54d579358e623dae4d9b4248cebd82111cf4c431f8852bcf862a65a124ca709cec2454e4c65514128bc2d6f8cc92624f20c02b008081d334cc7fa0b8e8d9d3dfe2a283600e875c7ecb8e4949f958f6f84f8e52b78e3eae58fa02d85bb8ac52ddf3b262ec52eca50d6d590139c24c042e1c040d8da6c9a2e95055dc91ed65881bc4c43c13c240eb9f6ef9a4cffb44e96c9c055cbbc10b5d63850bc3e2fa46aabb2c732c0c31bf1dba3ad1ce2b1b671259aaaef955d39c420b18d78828248563cacd9417ef2cb63859ebef3936e26803e7ccf5233cb3c0a2f440d898ff258cb03a783415a6f81b1b1a07bb5cef530c78c30ec9adfd2df246d581bc662336d5029f65588995adc3190e97a418c15fa3620eb68cdcc6233f1aa0009ab558b22ae9316003c6af1fe0d7807e583943e48692fcd9fa2525fefe3467d099951c83943312f0e889cef4c1ecf17ad469f5ad683b405eb59230e89df96e8dd94e41e5f62822ba957e065f22d96b1c0c2b83f5a57fbb04d5af399ece3ddd52e5afff783a876e2066fbe30963421acb427c95fd3e7bc6b7d3d731a7e347052cd9636805cab94ad40bdb63a264b3127c7f8d21d25810bd2eadb2c3e31b5c807283ad062d750e5b21ec1e20cc3ac5753ac536faf23e2b5c37e9d021870b0350ecea7187643a00a08ec3ffaf7e6c236c4d694ff41af7b5fbf8a554949f5026a8b2adcf377f94848cd17fbcc0249e796008962d3db16b4bb85483dbe75ef5b301175e052203436b38248fbd1a28a5e2b3ab75c77eb8f853e60e95d5f16cb9858b33b3752b4c69776ec4506ba2bd490a6f17aae1152d8762d86cc0ef32788cf149e8fa9464c3ea588f15d8eb2092254c470acf221cfe680845167fc6778b8af1609681ae4f4e65426ce059b9768eb2e0c89f29de7b91db89a72e4c677c65dd980f9a6bfa656ed01d5e683a33e6b80462139476225cc0fcc309d926c36aa250bdad1454db46cd2536046f909a05b08829cad973bc705231a32a5f2e7ac5e96e2315cb175724607a5af02073fc936272aa724990ba6dcc4ea79da6eb7ec0bbdbd0a878114c493bc4b3e26e24b18553bd0a617981d8ea9e91ed2e3bcbd48f5d67aa913790bf52c31435184d6c73079e964e9ef05194e88b072b372d48cb70dbca99238c4474ed0b6932cc1b233bce0c87d48d478fa3c937c42c8637714e9995041f8b2b7dce17eb2f26c730f5559cf5919b88ee00bbf40726f90e1cf29e0f5fadc64de1bf28d447e8996948dc2fe658620b6fb8cfc592d5e0621b66057eb774c31ab16235456210c5ee7990b71b5b3d51cf13e30361a8cdaa107b13fa6a1c84b172efece3b70753e81e7e9e572d228c7bbcdaba40d8d0eb4de13bda1fca38d3ed667bb0897335aadaa0c3905a1283292c89ef5747ad5462db4011c3f8a4a476aa78d74badf8bf3785997ba9824e21256eed4c2805331fa24c81e28f21e895a0b03e7de52787065faded0f1b59eba1c922dce5576e8ab190ef716c021d8dfa13a1e73b8962d9f9238ba8b9fa2cf84addfe37e78cdb398ee4c0642a716fb8db1e332f873a16c6225ebc51fe05f33273380e64272159bb808336e87b4b0cddb492a992b2e7f423bf37725e1d9dda0dc6b4426172c2a93ee1cc9acea7fe1ece9ba0ddee3e232efb11fc4d4e266cd2a83c017e32315c434b73e9729d5a3a7fe993e72f9bb70d78672493263a2653fe1bfd42d1f97cbf0fffb6705b2e35fe65ceb9ad7ddc525b689027352db9c194939559ebb3b505a58e0404103482ce10f7d67761c13b235b52ad1b25803aa94cf7df5ca8d8bd0d4e6d0ab8bcfb8f72a26cecf071e31c02a1034c0144d850f1732926981dca7a18f0a197da3703d74d3e951ed510ed38a8fcae93eb2bebdf92e0feb0f06dbe1331cb43cfa548ca294ea479ecb325aea7aff8d924745298a3d34f23f40b992995a908130165b44beb8cc9da8390dae2a09cb7e1ac7e95b84f35e7be147b4be04883047cdcaec662aa8b66694ae8914e65edb63696494bff66eacb3aecdb23746a36cec7f832d628d38698ba6b3d4020095eae2a5b36a21039ce50901cdf2582b88ab8c86c6f4a8c345618f10d7aab081edb3ce8e4479e0ac476112d4b261cb8ed952221fb660898491fc7134b091c0565173bebf014caffae12852b5314c930d41e27bcfa7bc536fc4da3b714630e1ac7aaf006755da1da792dcad08f796c2ebdd6427ad3374e25132a103d62f98584462aa164d742b4d7c668a85119480199dd90f0a903f6c76cfca28b84a2279ae6965fdec403072be146d2d1f39b122113fbcfb52cf8c7c1d47a32f437b895bcd7a67ad08f196112a15b07e5b57b4db2b7c7f70a42923d6d0625515375b9281d331bd1e5dd75ff3a6e1ca5b75eb328e6c935f2c8f0c57b0aaf2ad85983160b0e53fca44d95e956ef2726d97acb2da34ca4482bb86aabde6d8b8b85da2e44ae89b8359f7edb88a3e2a9aad23125b8c2bd0c7be0847ac9b1e16db2c395e0c9eb040af710c31d32f7b356bfb6f1704f4d884f37c15b865eda87685ae8926fbf3a4465e7e2968ee18ea1ff5d4f4cbfb55634089687b9f0bce5b9cf10779299893cf64980193fd3a1096507e7a8be", 0x1000}}, 0x1006)
io_uring_enter(r2, 0x27e2, 0x0, 0x0, 0x0, 0x0)
writev(r1, &(0x7f0000004400)=[{&(0x7f0000002000)="87", 0x1}], 0x1)

7m53.407173405s ago: executing program 1 (id=947):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_local\x00', r1, 0x0, 0x80000001}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)

7m53.269666483s ago: executing program 1 (id=951):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8f101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$tmpfs(0x0, &(0x7f00000004c0)='./file0/../file0\x00', &(0x7f0000000440), 0x10, 0x0)

7m53.21265727s ago: executing program 1 (id=953):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

7m52.921346638s ago: executing program 1 (id=960):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x66, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @multicast1}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0x63, 0x0, &(0x7f0000000000)="ff", 0x0, 0x149d, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50)

7m52.895446931s ago: executing program 33 (id=960):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x66, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @multicast1}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0x63, 0x0, &(0x7f0000000000)="ff", 0x0, 0x149d, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50)

3m39.704929177s ago: executing program 6 (id=7801):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
io_setup(0x5, &(0x7f0000000440)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f00000005c0)=[&(0x7f0000000600)={0x0, 0x0, 0x0, 0x5, 0x404, r1, 0x0, 0x0, 0x0, 0x0, 0x2}])
splice(r0, 0x0, r2, 0x0, 0x7151, 0x0)

3m38.734338852s ago: executing program 6 (id=7831):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xd, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
tkill(0x0, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='rxrpc_peer\x00', r1}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)

3m38.633407835s ago: executing program 6 (id=7835):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000000)='io_uring_fail_link\x00', r1, 0x0, 0x4}, 0x18)
r2 = syz_io_uring_setup(0x4e0, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400252}, &(0x7f0000000640)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000500)=@IORING_OP_MKDIRAT={0x25, 0x17, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1f, 0x0, 0xf9b7a26b18f77d51})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x0)

3m38.514254511s ago: executing program 6 (id=7843):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0f000000040000000800000001"], 0x50)
creat(&(0x7f0000000d00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x123)
r1 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffff70)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000000)='./file0\x00', r0}, 0x18)

3m38.471618416s ago: executing program 6 (id=7846):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x11e)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, 0x0, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

3m38.423718573s ago: executing program 6 (id=7848):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x4, 0xfffb}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8848}, 0x80)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r3, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

3m22.952252272s ago: executing program 34 (id=7848):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x4, 0xfffb}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8848}, 0x80)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r3, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

2m45.234421585s ago: executing program 3 (id=9020):
r0 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0xe357, 0x0, 0x4, 0x1000000}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x4})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)

2m44.211823778s ago: executing program 3 (id=9021):
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

2m43.869141452s ago: executing program 3 (id=9027):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffaa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r2, &(0x7f0000002140)={0xa, 0x4e28, 0x8, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2m43.785988592s ago: executing program 3 (id=9030):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000380)='percpu_alloc_percpu\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES16=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, 0x94)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{0x0, 0x0, &(0x7f0000000400)}}], 0x2, 0x0)

2m43.775159054s ago: executing program 3 (id=9040):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x11e)
renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

2m43.745542568s ago: executing program 3 (id=9032):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000500)={0x3, 0x1, 0x6, 0x2, 0x8})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x2, 0x7, 0x0, 0x0, 0x2, 0x0, 0x70bd29}, 0x10}}, 0x0)

2m28.598905885s ago: executing program 35 (id=9032):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000500)={0x3, 0x1, 0x6, 0x2, 0x8})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x2, 0x7, 0x0, 0x0, 0x2, 0x0, 0x70bd29}, 0x10}}, 0x0)

1m52.273590193s ago: executing program 2 (id=10269):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x3d, 0xfff6, 0x65, 0x5, 0x1, 0x4, 0x3, @private=0xa010102, @local}}}}}}, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x0, "8a79348df081496d0420922f45a71c1daa8b610468cd140526c41efcd3a4a422", 0x3, 0x1, 0x85}, 0x3c)

1m52.144160189s ago: executing program 2 (id=10271):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r2, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)

1m52.074750918s ago: executing program 2 (id=10273):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

1m51.951716074s ago: executing program 2 (id=10275):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mknodat(r1, &(0x7f0000000040)='./file1/file4/file5\x00', 0x100, 0xfffffffc)
renameat2(0xffffffffffffff9c, &(0x7f0000000600)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x2)

1m51.911615569s ago: executing program 2 (id=10277):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'bridge_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r3, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES32=r1], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)

1m51.095663615s ago: executing program 2 (id=10288):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x2000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

1m51.052917581s ago: executing program 36 (id=10288):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x2000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

2.579954866s ago: executing program 8 (id=12568):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
kcmp(0x0, 0x0, 0xde6c8001d5ed5ea6, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
recvmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}, 0x7ec62c73}], 0x1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

2.391402191s ago: executing program 5 (id=12574):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x21}}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.123266115s ago: executing program 0 (id=12579):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080))

2.098336319s ago: executing program 5 (id=12582):
gettid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0)
r2 = dup(r1)
r3 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0)
sendfile(r2, r3, 0x0, 0x13c42)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

2.066473653s ago: executing program 7 (id=12583):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240), 0x40900, 0x0)
r1 = syz_io_uring_setup(0x49a, &(0x7f0000000180)={0x0, 0x5ea3, 0x8, 0x8000, 0x80400251}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000400)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x0, @fd=r0, 0x8006, &(0x7f0000000300)=""/210, 0xd2, 0x2, 0x1})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7dc470d00281f324, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x7fff}, 0x18)
io_uring_enter(r1, 0x4be7, 0x4c3, 0x43, 0x0, 0x0)

2.051038645s ago: executing program 0 (id=12585):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009e0000000b"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)

2.027252738s ago: executing program 5 (id=12586):
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x1, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01063d00000000000000280000002800000002000000000000000000000300000200000002000000000000000100000000000001"], 0x0, 0x42, 0x0, 0x0, 0xfffffff8}, 0x28)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000180)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00"/47], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000050000000200"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)

1.952836597s ago: executing program 7 (id=12587):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)

1.950515788s ago: executing program 0 (id=12597):
syz_open_dev$sg(0x0, 0x0, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000d40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
setresuid(0x0, 0xee00, 0x0)
request_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000001ffb)={'syz', 0x1, 0x7}, &(0x7f0000001fee)='y\xa9rustV\x1eS=\xd4\x16\x95:e\x00\x00\x00', 0x0)

1.838822152s ago: executing program 0 (id=12588):
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x3, 0x0, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r3, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
listen(r3, 0xda90)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendto$inet_nvme_of_msg(r4, &(0x7f00000001c0)={@data_h2c={{0x6, 0x2, 0x18, 0x3}, 0x1, 0x8, 0x7ff, 0x7, "103fcafa"}, @val=0x0}, 0x88, 0x0, 0x0, 0x0)

1.46784499s ago: executing program 8 (id=12591):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

1.441592624s ago: executing program 5 (id=12592):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x95255000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

1.329605968s ago: executing program 8 (id=12594):
r0 = socket(0x2c, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="110000000400000004000000ff"], 0x17)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r1, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r0}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r1, &(0x7f0000000200), &(0x7f0000001500)=@tcp=r0}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kfree\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18)
close(r0)

1.264080616s ago: executing program 8 (id=12596):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000740)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0xa7}}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x6c, 0x2c, 0xd27, 0xf2ff, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x3c, 0x2, [@TCA_BASIC_EMATCHES={0x38, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{0x3}}}, @TCF_EM_META={0x7, 0x2, 0x0, 0x0, {{}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0xe, 0x2}, {0x9, 0x8}}}]}}]}]}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x400c040}, 0x0)

971.860134ms ago: executing program 8 (id=12598):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

940.735948ms ago: executing program 7 (id=12600):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
write$cgroup_int(r2, &(0x7f0000000540), 0xfffffdd8)

929.22381ms ago: executing program 0 (id=12601):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xc}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x330b9072}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
read(r0, &(0x7f0000000300)=""/212, 0xd4)

751.612643ms ago: executing program 8 (id=12603):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

739.593964ms ago: executing program 5 (id=12604):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000000)=0x1, 0x4)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

531.418321ms ago: executing program 9 (id=12607):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r2, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24000051}, 0x0)
sendmsg$rds(r2, &(0x7f0000000680)={&(0x7f00000002c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x8040}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r2, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

417.990636ms ago: executing program 7 (id=12608):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$evdev(0x0, 0x3, 0x8402)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="c902c46000000000000017"], 0x18}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)

411.891547ms ago: executing program 9 (id=12609):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', @random='\x00\x00\x00\x00\x00 '})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000340)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0xfe8e, 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
getgid()

285.206833ms ago: executing program 9 (id=12610):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000480)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {}, {}, {0xfff1, 0xfff3}}, [@TCA_RATE={0x6, 0x5, {0x5, 0x7}}, @filter_kind_options=@f_fw={{0x7}, {0xfffffffffffffc8a}}]}, 0x38}, 0x1, 0x0, 0x0, 0xe8728ce82d5df8ab}, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x100000000000000)

282.318423ms ago: executing program 7 (id=12611):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200000}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r1, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r3, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

170.222168ms ago: executing program 7 (id=12612):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xc5c, &(0x7f00000005c0), 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r2, 0x3, 0x3)
tkill(0x0, 0x1b)

167.413028ms ago: executing program 9 (id=12613):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000008000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000008000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000010000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000005c0)={@in6={{0xa, 0x0, 0x0, @mcast1, 0xfffffffc}}, 0x0, 0x0, 0x16, 0x0, "0af5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d1408407e5a774ef95f2fc1b947e00f000000123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x34, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3d}}}, 0x0, 0x0, 0x11, 0x0, "a1c1dd75a68473ba07d945c3b03e10950cd4b347113e55eb4285bf274bca67efbff2fdf98328de9434031348589bf28046d1000000000000000000000000000000edffffff000000e9ffffffffffffff"}, 0xd8)
close_range(r2, 0xffffffffffffffff, 0x0)

144.737231ms ago: executing program 5 (id=12614):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b\x00\x00\x00\b\x00\x00\x00'], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = mq_open(&(0x7f0000001600)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\aXg\xbb\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x8a=\x0f\n*\x8a\x99\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5\x00\x00\x00\x00\x00\x00\x00\x01\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbbV\x1a\x8a\x03#T\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8', 0x40, 0xb, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
mq_open(&(0x7f0000000780)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\t\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x2, 0x136, 0x0)

120.671924ms ago: executing program 9 (id=12615):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r0)
clock_adjtime(0x0, &(0x7f0000000100)={0x5f0827ef, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000002, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe})
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f00000000c0)={0x1, 0x1, 0x3, 0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_FLUSH(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r1, @ANYBLOB="0100000000000000000011"], 0xc4}}, 0x4008800)

16.690518ms ago: executing program 0 (id=12616):
recvmsg(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, 0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_pidfd_open(r1, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
syz_pidfd_open(r1, 0x0)

0s ago: executing program 9 (id=12617):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x1ffffffffffffffd}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x200000, &(0x7f0000000080), 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000020500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000002b0900020073"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x3f, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001b80)=@newqdisc={0x24, 0x24, 0x1, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0x2}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0xc020)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

kernel console output (not intermixed with test programs):

 change from 0 to 1024
[  483.930643][T31424] EXT4-fs: Ignoring removed orlov option
[  483.946466][T31424] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  484.282869][T31446] loop7: detected capacity change from 0 to 2048
[  484.404218][T31458] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=31458 comm=syz.0.11128
[  484.530859][T27038] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.565612][T31470] loop8: detected capacity change from 0 to 512
[  484.577552][T31470] EXT4-fs warning (device loop8): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  484.592941][T31470] EXT4-fs (loop8): mount failed
[  485.774615][T31488] loop8: detected capacity change from 0 to 32768
[  485.797947][T31506] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  485.807798][T31488]  loop8: p1 p2 p3 < p5 p6 >
[  485.813300][T31488] loop8: p2 size 16775168 extends beyond EOD, truncated
[  485.823998][T31488] loop8: p5 start 4294970168 is beyond EOD, truncated
[  486.007705][T31513] lo speed is unknown, defaulting to 1000
[  486.048250][T31513] lo speed is unknown, defaulting to 1000
[  486.121804][T31521] netlink: 'syz.0.11153': attribute type 12 has an invalid length.
[  486.135479][T31521] netlink: 132 bytes leftover after parsing attributes in process `syz.0.11153'.
[  486.972124][T31553] netlink: 'syz.9.11177': attribute type 4 has an invalid length.
[  487.617971][T31588] netlink: 'syz.0.11180': attribute type 4 has an invalid length.
[  487.651251][T31590] netlink: 48 bytes leftover after parsing attributes in process `syz.5.11181'.
[  487.729778][T31599] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11185'.
[  487.878400][   T29] kauditd_printk_skb: 436 callbacks suppressed
[  487.878419][   T29] audit: type=1400 audit(1768380508.406:18035): avc:  denied  { write } for  pid=31603 comm="syz.0.11187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  487.943695][T31606] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=31606 comm=syz.0.11188
[  487.996856][T31608] ip6gre0: entered promiscuous mode
[  488.018322][T31608] team0: Device ip6gre0 is of different type
[  488.047169][T31612] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11191'.
[  488.064581][T31614] Cannot find add_set index 0 as target
[  488.116465][T31619] netlink: 'syz.8.11193': attribute type 4 has an invalid length.
[  488.206164][ T4979] batadv1: left promiscuous mode
[  488.277892][   T29] audit: type=1326 audit(1768380508.816:18036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31631 comm="syz.7.11199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  488.367896][   T29] audit: type=1326 audit(1768380508.846:18037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31631 comm="syz.7.11199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  488.391774][   T29] audit: type=1326 audit(1768380508.846:18038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31631 comm="syz.7.11199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  488.415593][   T29] audit: type=1326 audit(1768380508.846:18039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31631 comm="syz.7.11199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  488.439401][   T29] audit: type=1326 audit(1768380508.846:18040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31631 comm="syz.7.11199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  488.463147][   T29] audit: type=1326 audit(1768380508.856:18041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31631 comm="syz.7.11199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  488.467353][T31646] usb usb1: usbfs: process 31646 (syz.8.11207) did not claim interface 0 before use
[  488.486945][   T29] audit: type=1107 audit(1768380508.886:18042): pid=31641 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  488.487122][   T29] audit: type=1326 audit(1768380508.906:18043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31631 comm="syz.7.11199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  488.487166][   T29] audit: type=1326 audit(1768380508.906:18044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31631 comm="syz.7.11199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  488.648148][T31644] lo speed is unknown, defaulting to 1000
[  488.739412][T31658] bridge: RTM_NEWNEIGH with invalid ether address
[  488.770296][T31644] lo speed is unknown, defaulting to 1000
[  488.949235][T31671] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11215'.
[  488.999236][T31671] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11215'.
[  489.116432][T31682] sd 0:0:1:0: device reset
[  489.242593][T31692] bridge: RTM_NEWNEIGH with invalid ether address
[  489.327044][T31701] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11229'.
[  489.336237][T31701] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11229'.
[  489.395847][T31704] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11228'.
[  489.428670][T31706] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11230'.
[  489.540022][T31711] serio: Serial port ptm0
[  489.583678][T31719] netlink: 'syz.5.11236': attribute type 15 has an invalid length.
[  489.685122][T31731] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=31731 comm=syz.8.11240
[  489.752072][T31711] serio: Serial port ptm0
[  489.772236][T31733] netlink: 'syz.7.11242': attribute type 7 has an invalid length.
[  489.780129][T31733] netlink: 'syz.7.11242': attribute type 8 has an invalid length.
[  489.976820][T31744] netlink: 'syz.9.11247': attribute type 1 has an invalid length.
[  489.992802][T31744] 8021q: adding VLAN 0 to HW filter on device bond1
[  490.013918][T31744] bond1: (slave dummy0): making interface the new active one
[  490.022974][T31744] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  490.281079][T31762] ip6gre0: entered promiscuous mode
[  490.289820][T31762] team0: Device ip6gre0 is of different type
[  490.303721][T31764] netlink: 'syz.9.11255': attribute type 1 has an invalid length.
[  490.341843][T31764] 8021q: adding VLAN 0 to HW filter on device bond2
[  490.369449][T31764] bond2 (unregistering): Released all slaves
[  490.575792][T31789] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=31789 comm=syz.8.11261
[  490.606986][T31788] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  490.613800][T31783] lo speed is unknown, defaulting to 1000
[  490.669865][T31788] syzkaller0: entered promiscuous mode
[  490.675590][T31788] syzkaller0: entered allmulticast mode
[  490.703714][T31788] tipc: Resetting bearer <eth:syzkaller0>
[  490.710214][T31783] lo speed is unknown, defaulting to 1000
[  490.746986][T31787] tipc: Resetting bearer <eth:syzkaller0>
[  490.799238][T31787] tipc: Disabling bearer <eth:syzkaller0>
[  490.869260][T31800] netlink: 'syz.5.11269': attribute type 1 has an invalid length.
[  490.930208][T31800] 8021q: adding VLAN 0 to HW filter on device bond8
[  490.957663][T31813] vlan3: entered allmulticast mode
[  490.962921][T31813] dummy0: entered allmulticast mode
[  490.983720][T31811] bond8 (unregistering): Released all slaves
[  491.033945][T31817] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=31817 comm=syz.9.11272
[  491.210044][T31827] lo speed is unknown, defaulting to 1000
[  491.250098][T31827] lo speed is unknown, defaulting to 1000
[  491.445979][T31844] __nla_validate_parse: 11 callbacks suppressed
[  491.445998][T31844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11286'.
[  491.716749][T31859] netlink: 'syz.0.11294': attribute type 1 has an invalid length.
[  491.733641][T31859] 8021q: adding VLAN 0 to HW filter on device bond9
[  491.748386][T31859] batman_adv: batadv0: Removing interface: dummy0
[  491.760707][T31859] bond9: (slave dummy0): making interface the new active one
[  491.770331][T31859] bond9: (slave dummy0): Enslaving as an active interface with an up link
[  491.822661][T31866] netlink: 24 bytes leftover after parsing attributes in process `syz.7.11297'.
[  492.012400][T31882] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.11304'.
[  492.021940][T31882] netlink: zone id is out of range
[  492.027452][T31882] netlink: zone id is out of range
[  492.032850][T31882] netlink: zone id is out of range
[  492.038064][T31882] netlink: zone id is out of range
[  492.044298][T31882] netlink: zone id is out of range
[  492.049529][T31882] netlink: zone id is out of range
[  492.054655][T31882] netlink: zone id is out of range
[  492.059862][T31882] netlink: zone id is out of range
[  492.065066][T31882] netlink: zone id is out of range
[  492.070252][T31882] netlink: zone id is out of range
[  492.309171][T31892] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=31892 comm=syz.5.11306
[  492.704480][T31909] loop8: detected capacity change from 0 to 32768
[  492.746193][T31909]  loop8: p1 p2 p3 < > p4 < p5 p6 >
[  492.751619][T31909] loop8: p1 start 460800 is beyond EOD, truncated
[  492.758158][T31909] loop8: p2 size 83886080 extends beyond EOD, truncated
[  492.769239][T31909] loop8: p5 start 460800 is beyond EOD, truncated
[  492.775875][T31909] loop8: p6 size 83886080 extends beyond EOD, truncated
[  492.793546][T31907] netlink: 27 bytes leftover after parsing attributes in process `wg1'.
[  492.886341][T31921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  492.895869][T31921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  492.939165][T31924] loop7: detected capacity change from 0 to 512
[  492.946250][T31924] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  492.958950][T31924] EXT4-fs (loop7): 1 truncate cleaned up
[  492.965255][T31924] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  493.053060][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.117311][   T29] kauditd_printk_skb: 104 callbacks suppressed
[  493.117330][   T29] audit: type=1326 audit(1768380513.656:18149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31933 comm="syz.5.11325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  493.163947][   T29] audit: type=1326 audit(1768380513.656:18150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31933 comm="syz.5.11325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  493.182587][T31938] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11327'.
[  493.189992][   T29] audit: type=1326 audit(1768380513.656:18151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31933 comm="syz.5.11325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  493.197412][T31938] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11327'.
[  493.222827][   T29] audit: type=1326 audit(1768380513.656:18152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31933 comm="syz.5.11325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  493.254500][   T29] audit: type=1326 audit(1768380513.666:18153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31933 comm="syz.5.11325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  493.278360][   T29] audit: type=1326 audit(1768380513.666:18154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31933 comm="syz.5.11325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  493.303026][   T29] audit: type=1326 audit(1768380513.666:18155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31933 comm="syz.5.11325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  493.327706][   T29] audit: type=1326 audit(1768380513.666:18156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31933 comm="syz.5.11325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  493.351450][   T29] audit: type=1326 audit(1768380513.666:18157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31933 comm="syz.5.11325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  493.376271][   T29] audit: type=1326 audit(1768380513.666:18158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31933 comm="syz.5.11325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  493.447161][T31947] netlink: 'syz.0.11330': attribute type 1 has an invalid length.
[  493.466059][T31947] 8021q: adding VLAN 0 to HW filter on device bond10
[  493.492002][T31947] bond10: (slave veth27): Enslaving as an active interface with a down link
[  493.519061][T31947] bond9: (slave dummy0): Releasing active interface
[  493.532894][T31947] bond10: (slave dummy0): making interface the new active one
[  493.542275][T31947] dummy0: entered promiscuous mode
[  493.547779][T31947] bond10: (slave dummy0): Enslaving as an active interface with an up link
[  493.609592][T31947] bond10 (unregistering): (slave veth27): Releasing active interface
[  493.646833][T31962] loop8: detected capacity change from 0 to 1024
[  493.651083][T31947] bond10 (unregistering): (slave dummy0): Releasing active interface
[  493.667272][T31947] bond10 (unregistering): Released all slaves
[  493.680793][T31962] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=2802c09c, mo2=0002]
[  493.695767][T31962] System zones: 0-1, 3-12
[  493.713623][T31962] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  493.759497][T31962] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.11338: bg 0: block 88: padding at end of block bitmap is not set
[  493.820599][T27038] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.960364][T31989] netlink: 'syz.0.11348': attribute type 7 has an invalid length.
[  494.267917][T32005] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11354'.
[  494.288069][T32007] netlink: 'syz.8.11355': attribute type 1 has an invalid length.
[  494.316926][T32005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11354'.
[  494.329663][T32007] bond3: entered promiscuous mode
[  494.340072][T32007] 8021q: adding VLAN 0 to HW filter on device bond3
[  494.435542][T32009] 8021q: adding VLAN 0 to HW filter on device bond4
[  494.444480][T32009] bond3: (slave bond4): making interface the new active one
[  494.452022][T32009] bond4: entered promiscuous mode
[  494.458245][T32009] bond3: (slave bond4): Enslaving as an active interface with an up link
[  494.510438][T32020] loop8: detected capacity change from 0 to 128
[  494.621526][T32034] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  494.750792][T32041] netlink: 'syz.0.11364': attribute type 7 has an invalid length.
[  494.758895][T32041] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11364'.
[  495.465366][T32057] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  495.475253][T32057] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.545413][T32063] IPVS: Error connecting to the multicast addr
[  495.571380][T32057] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  495.581427][T32057] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.606783][T32068] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=32068 comm=syz.7.11372
[  495.697271][T32057] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  495.707387][T32057] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.746219][T32080] loop9: detected capacity change from 0 to 128
[  495.759803][T32080] msdos: Unknown parameter '0x00000000000000030xffffffffffffffff'
[  495.774428][T32057] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  495.785527][T32057] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.902945][ T1711] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  495.911259][ T1711] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  495.936636][ T1711] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  495.944961][ T1711] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  495.960744][ T1711] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  495.969145][ T1711] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  496.003196][ T1711] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  496.011655][ T1711] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.347329][T32088] netlink: 27 bytes leftover after parsing attributes in process `wg1'.
[  496.474212][T32095] loop9: detected capacity change from 0 to 32768
[  496.516182][T32107] macsec1: entered promiscuous mode
[  496.521461][T32107] bridge0: entered promiscuous mode
[  496.535737][T32107] bridge0: port 1(macsec1) entered blocking state
[  496.542315][T32107] bridge0: port 1(macsec1) entered disabled state
[  496.549560][T32095]  loop9: p1 p2 p3 < > p4 < p5 p6 >
[  496.562590][T32095] loop9: p1 start 460800 is beyond EOD, truncated
[  496.566397][T32107] macsec1: entered allmulticast mode
[  496.569335][T32095] loop9: p2 size 83886080 extends beyond EOD, truncated
[  496.581713][T32107] bridge0: entered allmulticast mode
[  496.582125][T32095] loop9: p5 start 460800 is beyond EOD, truncated
[  496.594526][T32095] loop9: p6 size 83886080 extends beyond EOD, truncated
[  496.612185][T32107] macsec1: left allmulticast mode
[  496.617330][T32107] bridge0: left allmulticast mode
[  496.653828][T32107] bridge0: left promiscuous mode
[  496.953120][T32124] x_tables: duplicate underflow at hook 3
[  497.025024][T32131] netlink: 'syz.9.11406': attribute type 1 has an invalid length.
[  497.066909][T32131] 8021q: adding VLAN 0 to HW filter on device bond2
[  497.137209][T32133] bond2: (slave veth1): Enslaving as an active interface with a down link
[  497.158584][T32131] bond1: (slave dummy0): Releasing active interface
[  497.180099][T32131] bond2: (slave dummy0): making interface the new active one
[  497.196077][T32131] dummy0: entered promiscuous mode
[  497.215196][T32131] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  497.243070][T32126] loop8: detected capacity change from 0 to 32768
[  497.268149][T32133] bond2 (unregistering): (slave veth1): Releasing active interface
[  497.282434][T32133] bond2 (unregistering): (slave dummy0): Releasing active interface
[  497.292527][T32133] bond2 (unregistering): Released all slaves
[  497.306757][T32126]  loop8: p1 p2 p3 < p5 p6 >
[  497.317460][T32126] loop8: p2 size 16775168 extends beyond EOD, truncated
[  497.338499][T32126] loop8: p5 start 4294970168 is beyond EOD, truncated
[  497.362301][T32135] lo speed is unknown, defaulting to 1000
[  497.477109][T32135] lo speed is unknown, defaulting to 1000
[  497.494922][T32149] loop9: detected capacity change from 0 to 1024
[  497.561597][T32149] EXT4-fs: inline encryption not supported
[  497.587930][T32149] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  497.721417][T32167] Invalid ELF header magic: != ELF
[  497.796643][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.817337][T32174] netlink: 'syz.8.11422': attribute type 1 has an invalid length.
[  497.835872][T32174] 8021q: adding VLAN 0 to HW filter on device bond5
[  497.859400][T32174] bond5: (slave veth9): Enslaving as an active interface with a down link
[  497.910484][T32174] batman_adv: batadv0: Removing interface: dummy0
[  497.930345][T32174] bond5: (slave dummy0): making interface the new active one
[  497.957300][T32174] dummy0: entered promiscuous mode
[  497.962693][T32174] bond5: (slave dummy0): Enslaving as an active interface with an up link
[  497.977692][T32187] bond5 (unregistering): (slave veth9): Releasing active interface
[  498.000270][T32187] bond5 (unregistering): (slave dummy0): Releasing active interface
[  498.011620][T32187] bond5 (unregistering): Released all slaves
[  498.195247][T32206] random: crng reseeded on system resumption
[  498.274592][   T29] kauditd_printk_skb: 307 callbacks suppressed
[  498.274610][   T29] audit: type=1326 audit(1768380518.806:18466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32212 comm="syz.0.11438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  498.310655][   T29] audit: type=1326 audit(1768380518.846:18467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32212 comm="syz.0.11438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  498.334639][   T29] audit: type=1326 audit(1768380518.846:18468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32212 comm="syz.0.11438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  498.359612][   T29] audit: type=1326 audit(1768380518.846:18469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32212 comm="syz.0.11438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  498.383543][   T29] audit: type=1326 audit(1768380518.846:18470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32212 comm="syz.0.11438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  498.408234][   T29] audit: type=1326 audit(1768380518.846:18471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32212 comm="syz.0.11438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  498.432110][   T29] audit: type=1326 audit(1768380518.846:18472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32212 comm="syz.0.11438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  498.456834][   T29] audit: type=1326 audit(1768380518.846:18473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32212 comm="syz.0.11438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  498.480539][   T29] audit: type=1326 audit(1768380518.846:18474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32212 comm="syz.0.11438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  498.505064][   T29] audit: type=1326 audit(1768380518.846:18475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32212 comm="syz.0.11438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  498.539427][T32216] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  498.546943][T32216] batman_adv: batadv0: Removing interface: batadv_slave_0
[  498.555255][T32216] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  498.562707][T32216] batman_adv: batadv0: Removing interface: batadv_slave_1
[  498.873988][T32231] netlink: 'syz.5.11443': attribute type 1 has an invalid length.
[  498.907622][T32231] 8021q: adding VLAN 0 to HW filter on device bond8
[  498.932434][T32231] bond8: (slave veth1): Enslaving as an active interface with a down link
[  498.952270][T32231] .`: (slave dummy0): Releasing backup interface
[  498.963363][T32231] bond8: (slave dummy0): making interface the new active one
[  498.979343][T32231] dummy0: entered promiscuous mode
[  498.985712][T32231] bond8: (slave dummy0): Enslaving as an active interface with an up link
[  499.010670][T32231] bond8 (unregistering): (slave veth1): Releasing active interface
[  499.031083][T32237] netlink: 'syz.8.11446': attribute type 10 has an invalid length.
[  499.048515][T32231] bond8 (unregistering): (slave dummy0): Releasing active interface
[  499.072842][T32231] bond8 (unregistering): Released all slaves
[  499.085953][T32238] netlink: 'syz.8.11446': attribute type 10 has an invalid length.
[  499.123822][T32237] team0: Failed to send options change via netlink (err -105)
[  499.131391][T32237] team0: Port device dummy0 added
[  499.169745][T32238] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  499.181213][T32238] team0: Failed to send options change via netlink (err -105)
[  499.189007][T32238] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  499.199048][T32238] team0: Port device dummy0 removed
[  499.217180][T32238] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  499.320334][T32254] netlink: 12 bytes leftover after parsing attributes in process `syz.8.11452'.
[  499.758410][T32262] bridge0: port 1(vlan0) entered blocking state
[  499.764943][T32262] bridge0: port 1(vlan0) entered disabled state
[  499.771459][T32262] vlan0: entered allmulticast mode
[  499.776702][T32262] bridge0: entered allmulticast mode
[  499.782740][T32262] vlan0: left allmulticast mode
[  499.788597][T32262] bridge0: left allmulticast mode
[  499.935716][T32273] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  499.965039][T32273] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  499.988877][T32273] ref_ctr_offset mismatch. inode: 0xc94 offset: 0x0 ref_ctr_offset(old): 0x100 ref_ctr_offset(new): 0x0
[  500.056824][T32279] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.118099][T32279] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.179089][T32279] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.239878][T32279] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.325663][ T1711] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  500.344829][ T1711] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  500.372519][ T1711] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  500.393810][ T1711] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  501.140421][T32312] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  501.150461][T32312] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  501.300510][T32320] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[  501.300510][T32320]    program syz.8.11480 not setting count and/or reply_len properly
[  501.349349][T32312] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  501.360123][T32312] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  501.407935][T32312] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  501.418729][T32312] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  501.470206][T32312] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  501.480954][T32312] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  501.539212][ T1711] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  501.547551][ T1711] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  501.560350][ T1711] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  501.568677][ T1711] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  501.587421][ T1711] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  501.595928][ T1711] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  501.604214][ T1711] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  501.612494][ T1711] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  501.659454][T32341] netlink: 'syz.7.11487': attribute type 1 has an invalid length.
[  501.676057][T32341] 8021q: adding VLAN 0 to HW filter on device bond3
[  501.701941][T32341] bond3: (slave veth17): Enslaving as an active interface with a down link
[  501.728547][T32339] lo speed is unknown, defaulting to 1000
[  501.742544][T32341] bond0: (slave dummy0): Releasing backup interface
[  501.763709][T32341] bond3: (slave dummy0): making interface the new active one
[  501.783192][T32341] dummy0: entered promiscuous mode
[  501.788593][T32341] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  501.801542][T32344] bond3 (unregistering): (slave veth17): Releasing active interface
[  501.811704][T32344] bond3 (unregistering): (slave dummy0): Releasing active interface
[  501.821409][T32344] bond3 (unregistering): Released all slaves
[  501.837640][T32339] lo speed is unknown, defaulting to 1000
[  502.352408][T32371] geneve2: entered promiscuous mode
[  502.357717][T32371] geneve2: entered allmulticast mode
[  502.853084][T32392] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11507'.
[  502.862146][T32392] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11507'.
[  502.878028][T32388] bridge: RTM_NEWNEIGH with invalid ether address
[  503.025990][T32339] net_ratelimit: 42 callbacks suppressed
[  503.026013][T32339] Set syz1 is full, maxelem 65536 reached
[  503.146681][T32411] netlink: 'syz.9.11514': attribute type 16 has an invalid length.
[  503.154942][T32411] netlink: 4 bytes leftover after parsing attributes in process `syz.9.11514'.
[  503.179099][T32411] bridge_slave_1: left allmulticast mode
[  503.185113][T32411] bridge_slave_1: left promiscuous mode
[  503.191047][T32411] bridge0: port 2(bridge_slave_1) entered disabled state
[  503.205989][T32411] bridge_slave_0: left allmulticast mode
[  503.211688][T32411] bridge_slave_0: left promiscuous mode
[  503.217970][T32411] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.458579][T32417] lo speed is unknown, defaulting to 1000
[  503.498896][T32417] lo speed is unknown, defaulting to 1000
[  503.674810][   T29] kauditd_printk_skb: 518 callbacks suppressed
[  503.674833][   T29] audit: type=1400 audit(1768380524.156:18994): avc:  denied  { getopt } for  pid=32430 comm="syz.7.11522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  503.903219][T32440] netlink: 'syz.8.11525': attribute type 12 has an invalid length.
[  503.934993][    T9] IPVS: starting estimator thread 0...
[  504.025337][T32443] IPVS: using max 2304 ests per chain, 115200 per kthread
[  504.033992][T32451] netlink: 'syz.0.11530': attribute type 1 has an invalid length.
[  504.144309][T32454] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11531'.
[  504.159872][T32451] 8021q: adding VLAN 0 to HW filter on device bond10
[  504.205948][T32459] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11531'.
[  504.248995][T32455] bond10: (slave veth29): Enslaving as an active interface with a down link
[  504.272444][T32451] bond10: (slave dummy0): making interface the new active one
[  504.281691][T32451] bond10: (slave dummy0): Enslaving as an active interface with an up link
[  504.430206][T32457] bond10 (unregistering): (slave veth29): Releasing active interface
[  504.448539][T32457] bond10 (unregistering): (slave dummy0): Releasing active interface
[  504.468038][T32457] bond10 (unregistering): Released all slaves
[  504.514552][T32472] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11535'.
[  504.857093][T32497] netlink: 9 bytes leftover after parsing attributes in process `syz.0.11542'.
[  504.867438][T32497] netlink: 9 bytes leftover after parsing attributes in process `syz.0.11542'.
[  504.879956][T32501] siw: device registration error -23
[  504.934445][T32507] netlink: 'syz.5.11548': attribute type 1 has an invalid length.
[  504.950989][T32507] 8021q: adding VLAN 0 to HW filter on device bond8
[  504.976267][T32507] bond8: (slave veth23): Enslaving as an active interface with a down link
[  504.995861][T32507] bond8: (slave dummy0): making interface the new active one
[  505.006040][T32507] bond8: (slave dummy0): Enslaving as an active interface with an up link
[  505.030471][T32507] bond8 (unregistering): (slave veth23): Releasing active interface
[  505.049275][T32507] bond8 (unregistering): (slave dummy0): Releasing active interface
[  505.065365][T32507] bond8 (unregistering): Released all slaves
[  505.262335][   T29] audit: type=1326 audit(1768380525.796:18995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32525 comm="syz.0.11564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  505.287132][   T29] audit: type=1326 audit(1768380525.796:18996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32525 comm="syz.0.11564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  505.313702][T32528] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  505.327353][   T29] audit: type=1326 audit(1768380525.846:18997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32525 comm="syz.0.11564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  505.351262][   T29] audit: type=1326 audit(1768380525.846:18998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32525 comm="syz.0.11564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  505.375065][   T29] audit: type=1326 audit(1768380525.846:18999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32525 comm="syz.0.11564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  505.399731][   T29] audit: type=1326 audit(1768380525.846:19000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32525 comm="syz.0.11564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  505.423595][   T29] audit: type=1326 audit(1768380525.846:19001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32525 comm="syz.0.11564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  505.447457][   T29] audit: type=1326 audit(1768380525.846:19002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32525 comm="syz.0.11564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  505.472108][   T29] audit: type=1326 audit(1768380525.846:19003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32525 comm="syz.0.11564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  505.568662][T32528] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  505.612833][T32549] loop8: detected capacity change from 0 to 1024
[  505.639604][T32549] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  505.665761][T32528] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  505.710339][T32554] EXT4-fs error (device loop8): ext4_xattr_inode_iget:441: inode #11: comm syz.8.11563: missing EA_INODE flag
[  505.724112][T32554] EXT4-fs (loop8): Remounting filesystem read-only
[  505.737985][T32528] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  505.797153][T27244] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  505.809001][T16204] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  505.821187][T16204] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  505.833030][T16204] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  505.873065][T27038] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.987055][T32562] lo speed is unknown, defaulting to 1000
[  506.047990][T32562] lo speed is unknown, defaulting to 1000
[  506.177689][T32584] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11573'.
[  506.186746][T32584] netlink: 348 bytes leftover after parsing attributes in process `syz.0.11573'.
[  506.196011][T32584] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11573'.
[  506.204992][T32584] netlink: 348 bytes leftover after parsing attributes in process `syz.0.11573'.
[  506.288231][T32584] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11573'.
[  506.347831][T32584] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11573'.
[  506.357125][T32584] netlink: 348 bytes leftover after parsing attributes in process `syz.0.11573'.
[  507.039598][T32626] lo speed is unknown, defaulting to 1000
[  507.127020][T32605] loop8: detected capacity change from 0 to 512
[  507.128232][T32626] lo speed is unknown, defaulting to 1000
[  507.146995][T32605] EXT4-fs warning (device loop8): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  507.177383][T32605] EXT4-fs (loop8): mount failed
[  507.340128][T32638] ref_ctr_offset mismatch. inode: 0x2db9 offset: 0x0 ref_ctr_offset(old): 0x100 ref_ctr_offset(new): 0x0
[  507.595771][T32647] vlan2: entered allmulticast mode
[  507.601465][T32647] dummy0: entered allmulticast mode
[  507.649417][T32651] vlan3: entered promiscuous mode
[  507.654593][T32651] syz_tun: entered promiscuous mode
[  507.752636][T32661] netlink: 'syz.8.11604': attribute type 16 has an invalid length.
[  507.763660][T32661] bridge_slave_1: left allmulticast mode
[  507.769611][T32661] bridge_slave_1: left promiscuous mode
[  507.775481][T32661] bridge0: port 2(bridge_slave_1) entered disabled state
[  507.795198][T32661] bridge_slave_0: left promiscuous mode
[  507.800958][T32661] bridge0: port 1(bridge_slave_0) entered disabled state
[  508.252367][T32697] lo speed is unknown, defaulting to 1000
[  508.316779][T32712] vlan0: entered allmulticast mode
[  508.427390][T32697] lo speed is unknown, defaulting to 1000
[  508.775870][   T29] kauditd_printk_skb: 128 callbacks suppressed
[  508.775892][   T29] audit: type=1326 audit(1768380529.306:19131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32748 comm="syz.0.11629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  508.886056][   T29] audit: type=1326 audit(1768380529.346:19132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32748 comm="syz.0.11629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  508.887729][T32761] team2: entered promiscuous mode
[  508.910250][   T29] audit: type=1326 audit(1768380529.346:19133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32748 comm="syz.0.11629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  508.917099][T32761] team2: entered allmulticast mode
[  508.938685][   T29] audit: type=1326 audit(1768380529.346:19134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32757 comm="syz.0.11629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb985002005 code=0x7ffc0000
[  508.967317][   T29] audit: type=1326 audit(1768380529.346:19135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32748 comm="syz.0.11629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  508.991155][   T29] audit: type=1326 audit(1768380529.346:19136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32748 comm="syz.0.11629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  509.006896][T32761] 8021q: adding VLAN 0 to HW filter on device team2
[  509.014868][   T29] audit: type=1326 audit(1768380529.346:19137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32748 comm="syz.0.11629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb984f6b829 code=0x7ffc0000
[  509.014922][   T29] audit: type=1326 audit(1768380529.346:19138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32748 comm="syz.0.11629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  509.015046][   T29] audit: type=1326 audit(1768380529.346:19139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32748 comm="syz.0.11629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  509.015089][   T29] audit: type=1326 audit(1768380529.346:19140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32748 comm="syz.0.11629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  509.147383][ T3406] IPVS: starting estimator thread 0...
[  509.235241][  T304] IPVS: using max 2256 ests per chain, 112800 per kthread
[  509.474611][  T314] lo speed is unknown, defaulting to 1000
[  509.533740][  T333] loop9: detected capacity change from 0 to 512
[  509.555290][  T333] EXT4-fs: Ignoring removed nomblk_io_submit option
[  509.576058][  T333] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  509.584072][  T333] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[  509.614876][  T333] EXT4-fs (loop9): orphan cleanup on readonly fs
[  509.621293][  T333] EXT4-fs warning (device loop9): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  509.636798][  T333] EXT4-fs (loop9): Cannot turn on quotas: error -22
[  509.660865][  T333] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.11647: bg 0: block 40: padding at end of block bitmap is not set
[  509.680522][  T314] lo speed is unknown, defaulting to 1000
[  509.691547][  T333] EXT4-fs (loop9): Remounting filesystem read-only
[  509.713143][  T333] EXT4-fs (loop9): 1 truncate cleaned up
[  509.719477][  T333] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  509.759534][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  509.919419][  T358] 9pnet: p9_errstr2errno: server reported unknown error 
[  509.963358][  T362] loop7: detected capacity change from 0 to 512
[  510.913008][  T378] lo speed is unknown, defaulting to 1000
[  511.000835][  T314] Set syz1 is full, maxelem 65536 reached
[  511.146218][  T378] lo speed is unknown, defaulting to 1000
[  511.233141][  T404] __nla_validate_parse: 18 callbacks suppressed
[  511.233239][  T404] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11678'.
[  511.249100][  T404] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11678'.
[  511.555033][  T427] netlink: 'syz.0.11689': attribute type 1 has an invalid length.
[  511.583814][  T427] bond10: entered promiscuous mode
[  511.595268][  T427] 8021q: adding VLAN 0 to HW filter on device bond10
[  511.846564][  T430] bond10: (slave bridge9): making interface the new active one
[  511.854237][  T430] bridge9: entered promiscuous mode
[  511.870404][  T430] bond10: (slave bridge9): Enslaving as an active interface with an up link
[  511.901580][  T438] vlan2: entered allmulticast mode
[  511.910405][  T438] dummy0: entered allmulticast mode
[  512.000616][  T450] vlan3: entered allmulticast mode
[  512.005965][  T450] bridge_slave_0: entered allmulticast mode
[  512.130509][  T467] netlink: 'syz.7.11701': attribute type 7 has an invalid length.
[  512.138783][  T467] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11701'.
[  512.288220][  T480] loop7: detected capacity change from 0 to 512
[  512.318505][  T480] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  512.332394][  T480] ext4 filesystem being mounted at /670/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  512.359781][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  512.769592][  T501] bridge: RTM_NEWNEIGH with invalid ether address
[  512.836878][  T500] vlan3: entered allmulticast mode
[  513.092031][  T536] atomic_op ffff88810341ed28 conn xmit_atomic 0000000000000000
[  513.252031][  T552] netlink: 204 bytes leftover after parsing attributes in process `syz.5.11733'.
[  513.461696][  T576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  513.471694][  T576] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  514.305223][  T610] sctp: [Deprecated]: syz.0.11756 (pid 610) Use of int in max_burst socket option deprecated.
[  514.305223][  T610] Use struct sctp_assoc_value instead
[  514.467903][  T614] lo speed is unknown, defaulting to 1000
[  514.660745][  T631] loop7: detected capacity change from 0 to 512
[  514.702907][  T614] lo speed is unknown, defaulting to 1000
[  514.711400][  T618] lo speed is unknown, defaulting to 1000
[  514.720138][  T631] __quota_error: 84 callbacks suppressed
[  514.720156][  T631] Quota error (device loop7): v2_read_file_info: Free block number 1 out of range (1, 6).
[  514.772895][  T631] EXT4-fs warning (device loop7): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  514.808296][  T631] EXT4-fs (loop7): mount failed
[  514.908235][  T618] lo speed is unknown, defaulting to 1000
[  514.926111][  T626] lo speed is unknown, defaulting to 1000
[  515.034377][  T626] lo speed is unknown, defaulting to 1000
[  515.045534][   T29] audit: type=1326 audit(1768380791.587:19224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=643 comm="syz.7.11769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  515.116322][   T29] audit: type=1326 audit(1768380791.617:19225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=643 comm="syz.7.11769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  515.139976][   T29] audit: type=1326 audit(1768380791.617:19226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=643 comm="syz.7.11769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  515.163727][   T29] audit: type=1326 audit(1768380791.617:19227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=643 comm="syz.7.11769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  515.187398][   T29] audit: type=1326 audit(1768380791.617:19228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=643 comm="syz.7.11769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  515.211107][   T29] audit: type=1326 audit(1768380791.617:19229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=643 comm="syz.7.11769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  515.234728][   T29] audit: type=1326 audit(1768380791.617:19230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=643 comm="syz.7.11769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  515.258294][   T29] audit: type=1326 audit(1768380791.617:19231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=643 comm="syz.7.11769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  515.281831][   T29] audit: type=1326 audit(1768380791.617:19232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=643 comm="syz.7.11769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  515.652540][  T661] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11776'.
[  515.692433][  T661] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11776'.
[  515.712719][  T661] batman_adv: batadv0: Removing interface: batadv_slave_0
[  515.813665][  T670] veth1_to_bond: entered promiscuous mode
[  515.861978][  T673] loop7: detected capacity change from 0 to 512
[  515.918106][  T673] EXT4-fs warning (device loop7): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  515.951800][  T673] EXT4-fs (loop7): mount failed
[  516.214854][  T668] veth1_to_bond: left promiscuous mode
[  516.636046][  T718] lo: Caught tx_queue_len zero misconfig
[  516.641905][  T718] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11802'.
[  516.661581][  T720] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11803'.
[  516.686449][  T720] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11803'.
[  517.081130][  T737] lo speed is unknown, defaulting to 1000
[  517.349304][  T737] lo speed is unknown, defaulting to 1000
[  517.537510][  T760] loop8: detected capacity change from 0 to 512
[  517.597681][  T760] EXT4-fs warning (device loop8): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  517.650937][  T760] EXT4-fs (loop8): mount failed
[  518.427272][  T816] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  518.486868][  T818] netlink: 64 bytes leftover after parsing attributes in process `syz.7.11843'.
[  518.537270][  T820] lo speed is unknown, defaulting to 1000
[  518.588222][  T820] lo speed is unknown, defaulting to 1000
[  519.145356][  T842] netlink: 16 bytes leftover after parsing attributes in process `syz.7.11852'.
[  519.548199][  T868] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.558231][  T868] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.578836][  T869] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  519.597301][  T868] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.607225][  T868] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.641132][  T870] veth1_to_bond: entered promiscuous mode
[  519.707305][  T868] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.718084][  T868] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.767763][  T868] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.777835][  T868] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.837044][  T879] loop7: detected capacity change from 0 to 128
[  519.961031][  T866] veth1_to_bond: left promiscuous mode
[  520.003986][ T1711] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  520.012472][ T1711] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  520.022712][  T881] bridge0: port 1(gretap0) entered blocking state
[  520.029987][  T881] bridge0: port 1(gretap0) entered disabled state
[  520.042626][  T877] loop8: detected capacity change from 0 to 2048
[  520.051819][  T881] gretap0: entered allmulticast mode
[  520.060126][  T883] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11868'.
[  520.070051][  T881] gretap0: entered promiscuous mode
[  520.076347][  T877] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  520.077497][ T1711] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  520.097736][ T1711] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  520.120698][  T877] EXT4-fs error (device loop8): ext4_find_extent:939: inode #2: comm syz.8.11865: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  520.140603][  T887] gretap0: left allmulticast mode
[  520.145279][  T877] EXT4-fs (loop8): Remounting filesystem read-only
[  520.148310][  T887] gretap0: left promiscuous mode
[  520.157432][  T887] bridge0: port 1(gretap0) entered disabled state
[  520.165239][   T29] kauditd_printk_skb: 194 callbacks suppressed
[  520.165254][   T29] audit: type=1326 audit(1768380796.707:19425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=876 comm="syz.8.11865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  520.201425][   T29] audit: type=1326 audit(1768380796.737:19426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=876 comm="syz.8.11865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  520.225262][   T29] audit: type=1326 audit(1768380796.737:19427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=876 comm="syz.8.11865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  520.248897][   T29] audit: type=1326 audit(1768380796.737:19428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=876 comm="syz.8.11865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  520.272590][   T29] audit: type=1326 audit(1768380796.737:19429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=876 comm="syz.8.11865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  520.296389][   T29] audit: type=1326 audit(1768380796.737:19430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=876 comm="syz.8.11865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  520.319987][   T29] audit: type=1326 audit(1768380796.737:19431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=876 comm="syz.8.11865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  520.338882][  T891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11870'.
[  520.343900][   T29] audit: type=1326 audit(1768380796.737:19432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=876 comm="syz.8.11865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  520.376409][   T29] audit: type=1326 audit(1768380796.737:19433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=876 comm="syz.8.11865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  520.400078][   T29] audit: type=1326 audit(1768380796.737:19434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=876 comm="syz.8.11865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  520.436522][T27244] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  520.444914][T27244] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  520.463903][T27038] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  520.508593][T27244] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  520.518065][T27244] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  520.593962][  T907] netlink: 'syz.9.11877': attribute type 30 has an invalid length.
[  520.809981][  T924] loop8: detected capacity change from 0 to 1024
[  520.852290][  T924] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  520.877983][  T924] ext4 filesystem being mounted at /494/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  520.893844][  T934] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11884'.
[  520.907074][  T924] EXT4-fs error (device loop8): ext4_map_blocks:825: inode #15: block 3: comm syz.8.11883: lblock 3 mapped to illegal pblock 3 (length 3)
[  520.933783][  T926] netlink: 'syz.0.11885': attribute type 4 has an invalid length.
[  520.966036][  T924] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  520.978468][  T924] EXT4-fs (loop8): This should not happen!! Data will be lost
[  520.978468][  T924] 
[  521.041885][T27244] EXT4-fs error (device loop8): ext4_map_blocks:825: inode #15: comm kworker/u8:71: lblock 0 mapped to illegal pblock 0 (length 3)
[  521.070474][T27244] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117
[  521.082829][T27244] EXT4-fs (loop8): This should not happen!! Data will be lost
[  521.082829][T27244] 
[  521.095811][T27244] EXT4-fs error (device loop8): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:71: lblock 8 mapped to illegal pblock 8 (length 8)
[  521.111097][T27244] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  521.124568][T27244] EXT4-fs (loop8): This should not happen!! Data will be lost
[  521.124568][T27244] 
[  521.136103][T27038] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  521.227497][  T947] lo speed is unknown, defaulting to 1000
[  521.296853][  T947] lo speed is unknown, defaulting to 1000
[  521.507661][  T951] lo speed is unknown, defaulting to 1000
[  521.652944][  T971] loop9: detected capacity change from 0 to 1024
[  521.691497][  T951] lo speed is unknown, defaulting to 1000
[  521.702370][  T971] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  521.718107][  T976] netlink: 28 bytes leftover after parsing attributes in process `syz.8.11903'.
[  521.731766][  T971] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  521.766357][  T971] EXT4-fs error (device loop9): ext4_map_blocks:825: inode #15: block 3: comm syz.9.11901: lblock 3 mapped to illegal pblock 3 (length 3)
[  521.811115][  T971] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  521.823566][  T971] EXT4-fs (loop9): This should not happen!! Data will be lost
[  521.823566][  T971] 
[  521.866948][ T4938] EXT4-fs error (device loop9): ext4_map_blocks:825: inode #15: comm kworker/u8:18: lblock 0 mapped to illegal pblock 0 (length 3)
[  521.881164][ T4938] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117
[  521.893782][ T4938] EXT4-fs (loop9): This should not happen!! Data will be lost
[  521.893782][ T4938] 
[  521.910315][ T4988] EXT4-fs error (device loop9): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:66: lblock 8 mapped to illegal pblock 8 (length 8)
[  521.947718][ T4988] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  521.960204][ T4988] EXT4-fs (loop9): This should not happen!! Data will be lost
[  521.960204][ T4988] 
[  521.978184][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  522.341668][ T1014] netlink: 'syz.8.11927': attribute type 4 has an invalid length.
[  522.856032][ T1021] loop8: detected capacity change from 0 to 256
[  522.862964][ T1022] loop7: detected capacity change from 0 to 128
[  522.900096][ T1022] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  522.946168][ T1022] ext4 filesystem being mounted at /711/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  523.070544][ T1031] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  523.086046][T23640] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  523.103948][ T1033] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  523.692290][ T1052] lo speed is unknown, defaulting to 1000
[  523.864495][ T1052] lo speed is unknown, defaulting to 1000
[  524.301478][ T1079] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  524.447067][ T1087] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11941'.
[  524.517216][ T1089] netlink: 9 bytes leftover after parsing attributes in process `syz.7.11942'.
[  524.551604][ T1089] netlink: 9 bytes leftover after parsing attributes in process `syz.7.11942'.
[  524.640426][ T1097] loop9: detected capacity change from 0 to 512
[  524.668169][ T1097] EXT4-fs error (device loop9): ext4_orphan_get:1391: inode #15: comm syz.9.11945: inode has both inline data and extents flags
[  524.708309][ T1097] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.11945: couldn't read orphan inode 15 (err -117)
[  524.736670][ T1097] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.131078][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.176361][ T1116] loop9: detected capacity change from 0 to 512
[  525.214343][ T1116] EXT4-fs: Ignoring removed bh option
[  525.250941][   T29] kauditd_printk_skb: 111 callbacks suppressed
[  525.250960][   T29] audit: type=1326 audit(1768380801.787:19546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1118 comm="syz.8.11955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  525.252146][ T1116] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.285981][   T29] audit: type=1326 audit(1768380801.827:19547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1118 comm="syz.8.11955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  525.318049][ T1116] ext4 filesystem being mounted at /300/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  525.329856][   T29] audit: type=1326 audit(1768380801.867:19548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1118 comm="syz.8.11955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  525.356987][   T29] audit: type=1326 audit(1768380801.867:19549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1118 comm="syz.8.11955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  525.380808][   T29] audit: type=1326 audit(1768380801.867:19550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1118 comm="syz.8.11955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  525.404295][   T29] audit: type=1326 audit(1768380801.867:19551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1118 comm="syz.8.11955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  525.427988][   T29] audit: type=1326 audit(1768380801.867:19552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1118 comm="syz.8.11955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  525.451809][   T29] audit: type=1326 audit(1768380801.867:19553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1118 comm="syz.8.11955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  525.492827][   T29] audit: type=1326 audit(1768380801.917:19554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1118 comm="syz.8.11955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  525.553423][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.754771][ T1136] loop7: detected capacity change from 0 to 1024
[  525.761631][ T1138] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11971'.
[  525.768099][ T1139] loop9: detected capacity change from 0 to 1024
[  525.794190][ T1139] EXT4-fs: Ignoring removed orlov option
[  525.811545][ T1136] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  525.824066][ T1136] ext4 filesystem being mounted at /722/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  525.837331][ T1139] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.893265][ T1136] EXT4-fs error (device loop7): ext4_map_blocks:825: inode #15: block 3: comm syz.7.11961: lblock 3 mapped to illegal pblock 3 (length 3)
[  525.991450][ T1136] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  526.003851][ T1136] EXT4-fs (loop7): This should not happen!! Data will be lost
[  526.003851][ T1136] 
[  526.124978][ T4939] EXT4-fs error (device loop7): ext4_map_blocks:825: inode #15: comm kworker/u8:19: lblock 0 mapped to illegal pblock 0 (length 3)
[  526.166846][ T4939] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117
[  526.180048][ T4939] EXT4-fs (loop7): This should not happen!! Data will be lost
[  526.180048][ T4939] 
[  526.245678][ T4939] EXT4-fs error (device loop7): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:19: lblock 8 mapped to illegal pblock 8 (length 8)
[  526.287419][ T4939] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  526.299770][ T4939] EXT4-fs (loop7): This should not happen!! Data will be lost
[  526.299770][ T4939] 
[  526.311893][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  526.441203][ T1161] netlink: 'syz.8.11968': attribute type 27 has an invalid length.
[  526.444901][   T29] audit: type=1326 audit(1768380802.977:19555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1163 comm="syz.7.11969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  526.493417][ T1161] bond3: left promiscuous mode
[  526.498457][ T1161] bond4: left promiscuous mode
[  526.557551][ T1166] 8021q: adding VLAN 0 to HW filter on device bond0
[  526.608447][ T1166] 8021q: adding VLAN 0 to HW filter on device team0
[  526.616688][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  526.627700][ T1166] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  526.779813][ T1182] loop9: detected capacity change from 0 to 1024
[  526.791996][ T1182] EXT4-fs: Ignoring removed bh option
[  526.818806][ T1182] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  526.856406][ T1182] EXT4-fs error (device loop9): mb_free_blocks:2037: group 0, inode 15: block 273:freeing already freed block (bit 17); block bitmap corrupt.
[  526.878875][ T1182] EXT4-fs (loop9): Remounting filesystem read-only
[  526.889084][ T1182] EXT4-fs warning (device loop9): ext4_convert_unwritten_extents:4984: inode #15: block 64: len 64: ext4_ext_map_blocks returned -30
[  527.154278][ T1208] team_slave_1: Caught tx_queue_len zero misconfig
[  527.610441][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.747946][ T1225] lo speed is unknown, defaulting to 1000
[  527.822634][ T1225] lo speed is unknown, defaulting to 1000
[  528.174411][ T1241] tipc: Started in network mode
[  528.179407][ T1241] tipc: Node identity ea31f41a4014, cluster identity 4711
[  528.186692][ T1241] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  528.224877][ T1241] tipc: Disabling bearer <eth:syzkaller0>
[  528.642537][ T1255] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12002'.
[  528.804127][ T1272] veth1_virt_wifi: Caught tx_queue_len zero misconfig
[  529.291818][ T1303] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12017'.
[  529.548059][ T1311] loop8: detected capacity change from 0 to 1024
[  529.562802][ T1311] EXT4-fs: Ignoring removed bh option
[  529.589868][ T1311] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  529.636618][ T1311] EXT4-fs error (device loop8): mb_free_blocks:2037: group 0, inode 15: block 273:freeing already freed block (bit 17); block bitmap corrupt.
[  529.678506][ T1311] EXT4-fs (loop8): Remounting filesystem read-only
[  529.685651][ T1311] EXT4-fs warning (device loop8): ext4_convert_unwritten_extents:4984: inode #15: block 64: len 64: ext4_ext_map_blocks returned -30
[  529.916958][ T1323] loop7: detected capacity change from 0 to 512
[  529.930928][ T1323] EXT4-fs: Ignoring removed bh option
[  529.957882][ T1323] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  529.997314][ T1323] ext4 filesystem being mounted at /733/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  530.186649][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  530.415803][T27038] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  530.493424][ T1310] lo speed is unknown, defaulting to 1000
[  530.560558][ T1310] lo speed is unknown, defaulting to 1000
[  530.727521][   T29] kauditd_printk_skb: 67 callbacks suppressed
[  530.727659][   T29] audit: type=1326 audit(1768380807.267:19623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1350 comm="syz.9.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48be6f749 code=0x7ffc0000
[  530.812769][   T29] audit: type=1326 audit(1768380807.267:19624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1350 comm="syz.9.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48be6f749 code=0x7ffc0000
[  530.836598][   T29] audit: type=1326 audit(1768380807.297:19625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1350 comm="syz.9.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb48be6f749 code=0x7ffc0000
[  530.860348][   T29] audit: type=1326 audit(1768380807.297:19626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1350 comm="syz.9.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48be6f749 code=0x7ffc0000
[  530.884267][   T29] audit: type=1326 audit(1768380807.297:19627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1350 comm="syz.9.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48be6f749 code=0x7ffc0000
[  530.908146][   T29] audit: type=1326 audit(1768380807.307:19628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1350 comm="syz.9.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb48be6f749 code=0x7ffc0000
[  530.931803][   T29] audit: type=1326 audit(1768380807.307:19629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1350 comm="syz.9.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48be6f749 code=0x7ffc0000
[  530.955499][   T29] audit: type=1326 audit(1768380807.307:19630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1350 comm="syz.9.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48be6f749 code=0x7ffc0000
[  530.979294][   T29] audit: type=1326 audit(1768380807.317:19631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1350 comm="syz.9.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb48be6f749 code=0x7ffc0000
[  531.002929][   T29] audit: type=1326 audit(1768380807.327:19632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1350 comm="syz.9.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48be6f749 code=0x7ffc0000
[  531.382159][ T1371] syzkaller0: entered promiscuous mode
[  531.388021][ T1371] syzkaller0: entered allmulticast mode
[  531.931087][ T1411] ref_ctr_offset mismatch. inode: 0x2f91 offset: 0x0 ref_ctr_offset(old): 0x72 ref_ctr_offset(new): 0x0
[  532.159969][ T1422] wg2: entered promiscuous mode
[  532.164947][ T1422] wg2: entered allmulticast mode
[  532.386820][ T1435] loop7: detected capacity change from 0 to 1024
[  532.415167][ T1435] EXT4-fs: Ignoring removed bh option
[  532.439630][ T1435] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.548063][ T1442] netlink: 'syz.5.12070': attribute type 27 has an invalid length.
[  532.566693][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.597505][ T1442] geneve3: left promiscuous mode
[  532.658201][ T1442] ip6gre2: left allmulticast mode
[  532.680426][ T1442] veth8: left promiscuous mode
[  532.705246][ T1442] ip6tnl1: left promiscuous mode
[  532.722580][ T1442] bond7: left allmulticast mode
[  532.727682][ T1442] ip6gretap0: left allmulticast mode
[  532.735960][ T1442] team2: left promiscuous mode
[  532.740789][ T1442] team2: left allmulticast mode
[  532.763767][ T4970] netdevsim netdevsim5 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  532.772898][ T4970] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  532.789957][ T1447] gretap0: left promiscuous mode
[  532.852144][ T1458] loop7: detected capacity change from 0 to 1024
[  532.872165][ T1447] 8021q: adding VLAN 0 to HW filter on device .`
[  532.876985][ T1458] EXT4-fs: inline encryption not supported
[  532.891326][ T1447] 8021q: adding VLAN 0 to HW filter on device team0
[  532.912871][ T1447] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  532.931027][ T4970] netdevsim netdevsim5 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  532.939472][ T4970] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  532.966619][ T1458] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.981324][ T4970] netdevsim netdevsim5 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  532.990822][ T4970] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  533.046144][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.077117][ T4970] netdevsim netdevsim5 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  533.085579][ T4970] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  533.126068][ T1464] loop7: detected capacity change from 0 to 128
[  533.152553][ T1464] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  533.166840][ T1469] netlink: 212892 bytes leftover after parsing attributes in process `syz.5.12080'.
[  533.181773][ T1464] ext4 filesystem being mounted at /746/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  533.322738][T23640] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  533.387485][ T1485] netlink: 12 bytes leftover after parsing attributes in process `syz.7.12085'.
[  533.409719][ T4532] netdevsim netdevsim7 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  533.409717][ T1485] netlink: 12 bytes leftover after parsing attributes in process `syz.7.12085'.
[  533.427421][ T4532] netdevsim netdevsim7 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  533.443178][ T4532] netdevsim netdevsim7 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  533.458083][ T4532] netdevsim netdevsim7 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  533.655027][ T1507] netlink: 1300 bytes leftover after parsing attributes in process `syz.9.12095'.
[  533.836403][ T1523] lo speed is unknown, defaulting to 1000
[  533.843176][ T1535] netlink: 24 bytes leftover after parsing attributes in process `syz.0.12109'.
[  533.907876][ T1523] lo speed is unknown, defaulting to 1000
[  534.213184][ T1560] loop8: detected capacity change from 0 to 1024
[  534.221019][ T1560] EXT4-fs: Ignoring removed oldalloc option
[  534.258409][ T1560] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[  534.271328][ T1560] ext4 filesystem being mounted at /552/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  534.309667][T27038] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  534.510122][ T1573] netlink: 'syz.9.12119': attribute type 1 has an invalid length.
[  534.538547][ T1573] 8021q: adding VLAN 0 to HW filter on device bond2
[  534.567365][ T1573] ip6erspan0: entered promiscuous mode
[  534.587955][ T1573] bond2: (slave ip6erspan0): making interface the new active one
[  534.610696][ T1573] bond2: (slave ip6erspan0): Enslaving as an active interface with an up link
[  535.308583][ T1570] lo speed is unknown, defaulting to 1000
[  535.350032][ T1570] lo speed is unknown, defaulting to 1000
[  535.485607][ T1606] netlink: 'syz.9.12131': attribute type 1 has an invalid length.
[  535.493510][ T1606] netlink: 'syz.9.12131': attribute type 2 has an invalid length.
[  535.520470][ T1606] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12131'.
[  535.670552][ T1612] loop8: detected capacity change from 0 to 4096
[  535.686524][ T1612] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  535.783490][ T3490] kernel write not supported for file bpf-prog (pid: 3490 comm: kworker/1:6)
[  535.814101][ T1626] loop9: detected capacity change from 0 to 128
[  535.827481][ T1626] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  535.852394][ T1629] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12141'.
[  535.961144][T29408] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  536.004653][T27038] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  536.076999][   T29] kauditd_printk_skb: 278 callbacks suppressed
[  536.077037][   T29] audit: type=1326 audit(536.064:19911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1635 comm="syz.8.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  536.136431][   T29] audit: type=1326 audit(536.064:19912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1635 comm="syz.8.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  536.159603][   T29] audit: type=1326 audit(536.064:19913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1635 comm="syz.8.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  536.182817][   T29] audit: type=1326 audit(536.064:19914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1635 comm="syz.8.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  536.205972][   T29] audit: type=1326 audit(536.064:19915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1635 comm="syz.8.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  536.229080][   T29] audit: type=1326 audit(536.064:19916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1635 comm="syz.8.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  536.267411][   T29] audit: type=1326 audit(536.144:19917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1635 comm="syz.8.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  536.290812][   T29] audit: type=1326 audit(536.144:19918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1635 comm="syz.8.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  536.313952][   T29] audit: type=1326 audit(536.174:19919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1635 comm="syz.8.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  536.337041][   T29] audit: type=1326 audit(536.174:19920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1635 comm="syz.8.12144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d4d6f749 code=0x7ffc0000
[  536.877685][ T1677] netlink: 28 bytes leftover after parsing attributes in process `syz.7.12161'.
[  536.910386][ T1677] netlink: 'syz.7.12161': attribute type 13 has an invalid length.
[  537.087389][  T411] netdevsim netdevsim7 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  537.126129][  T411] netdevsim netdevsim7 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  537.152053][  T411] netdevsim netdevsim7 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  537.173328][  T411] netdevsim netdevsim7 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  537.198404][ T4977] Bluetooth: hci0: Frame reassembly failed (-84)
[  537.475191][ T1697] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12180'.
[  537.484302][ T1697] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12180'.
[  537.501018][ T1700] netlink: 'syz.8.12171': attribute type 3 has an invalid length.
[  537.531340][ T1703] loop8: detected capacity change from 0 to 128
[  537.537897][ T1701] loop9: detected capacity change from 0 to 1024
[  537.548552][ T1701] EXT4-fs error (device loop9): ext4_orphan_get:1417: comm syz.9.12170: bad orphan inode 134217728
[  537.560255][ T1703] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  537.573591][ T1701] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  537.714076][T27038] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  537.912017][ T1720] netlink: 16 bytes leftover after parsing attributes in process `syz.8.12178'.
[  537.929293][ T1720] netlink: 16 bytes leftover after parsing attributes in process `syz.8.12178'.
[  538.052259][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.093313][ T1731] loop8: detected capacity change from 0 to 2048
[  538.135977][ T1731]  loop8: p2 < > p4
[  538.141153][ T1731] loop8: p4 size 262144 extends beyond EOD, truncated
[  538.312536][ T1748] loop8: detected capacity change from 0 to 512
[  538.338097][ T1748] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  538.363289][ T1748] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 548)
[  538.372155][ T1748] FAT-fs (loop8): Filesystem has been set read-only
[  538.384194][ T1748] FAT-fs (loop8): error, fat_free: invalid cluster chain (i_pos 548)
[  538.393187][ T1748] FAT-fs (loop8): error, fat_free: invalid cluster chain (i_pos 548)
[  538.531531][ T1769] bridge0: entered promiscuous mode
[  538.542491][ T1769] bridge0: left promiscuous mode
[  538.600239][ T1772] bond0: (slave dummy0): Releasing backup interface
[  538.629461][ T1772] bond0: (slave bond_slave_0): Releasing backup interface
[  538.646887][ T1772] bond0: (slave bond_slave_1): Releasing backup interface
[  538.661541][ T1772] team0: Port device team_slave_0 removed
[  538.677591][ T1772] team0: Port device team_slave_1 removed
[  538.685425][ T1772] batman_adv: batadv0: Removing interface: batadv_slave_0
[  538.697540][ T1772] batman_adv: batadv0: Removing interface: batadv_slave_1
[  538.706400][ T1772] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  539.244763][ T6121] Bluetooth: hci0: command 0x1003 tx timeout
[  539.246934][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  539.800411][ T1816] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  539.821037][ T1815] loop8: detected capacity change from 0 to 2048
[  539.856411][ T1815] Alternate GPT is invalid, using primary GPT.
[  539.862903][ T1815]  loop8: p1 p2 p3
[  539.866693][ T1815] loop8: partition table partially beyond EOD, truncated
[  540.065705][ T1833] SELinux: failed to load policy
[  540.292979][ T1853] netlink: 28 bytes leftover after parsing attributes in process `syz.9.12233'.
[  540.414657][ T1865] loop9: detected capacity change from 0 to 512
[  540.436733][ T1865] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  540.490077][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  540.544183][ T1875] loop9: detected capacity change from 0 to 2048
[  540.575637][ T1875] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842c028, mo2=0002]
[  540.588898][ T1875] System zones: 0-7
[  540.593546][ T1875] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  540.609706][ T1875] EXT4-fs error (device loop9): ext4_ext_precache:632: inode #2: comm syz.9.12240: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  540.628470][ T1875] EXT4-fs (loop9): Remounting filesystem read-only
[  540.646160][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  541.172653][ T1905] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  541.251291][ T1907] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  541.284208][ T1907] syzkaller0: entered promiscuous mode
[  541.289860][ T1907] syzkaller0: entered allmulticast mode
[  541.297868][ T1907] tipc: Resetting bearer <eth:syzkaller0>
[  541.313927][ T1906] tipc: Resetting bearer <eth:syzkaller0>
[  541.342666][ T1906] tipc: Disabling bearer <eth:syzkaller0>
[  541.885992][   T29] kauditd_printk_skb: 172 callbacks suppressed
[  541.886012][   T29] audit: type=1326 audit(541.804:20093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1926 comm="syz.5.12259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  541.915401][   T29] audit: type=1326 audit(541.804:20094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1926 comm="syz.5.12259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  541.938511][   T29] audit: type=1326 audit(541.804:20095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1926 comm="syz.5.12259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  541.961529][   T29] audit: type=1326 audit(541.804:20096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1926 comm="syz.5.12259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  541.984542][   T29] audit: type=1326 audit(541.804:20097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1926 comm="syz.5.12259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  542.007620][   T29] audit: type=1326 audit(541.804:20098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1926 comm="syz.5.12259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  542.030658][   T29] audit: type=1326 audit(541.804:20099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1926 comm="syz.5.12259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  542.053701][   T29] audit: type=1326 audit(541.804:20100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1926 comm="syz.5.12259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  542.076718][   T29] audit: type=1326 audit(541.804:20101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1926 comm="syz.5.12259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  542.099700][   T29] audit: type=1326 audit(541.814:20102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1926 comm="syz.5.12259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  542.721729][ T1915] Set syz1 is full, maxelem 65536 reached
[  542.826809][ T1943] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12265'.
[  543.382109][ T1968] xt_hashlimit: max too large, truncated to 1048576
[  543.406230][ T1968] xt_CT: You must specify a L4 protocol and not use inversions on it
[  543.490212][ T1976] netlink: 12 bytes leftover after parsing attributes in process `syz.7.12280'.
[  543.598831][ T1984] netlink: 12 bytes leftover after parsing attributes in process `syz.8.12284'.
[  543.990031][ T2007] netlink: 12 bytes leftover after parsing attributes in process `syz.8.12294'.
[  544.367184][ T2020] netlink: 'syz.8.12299': attribute type 1 has an invalid length.
[  545.048843][ T2055] netlink: 'syz.0.12314': attribute type 30 has an invalid length.
[  545.154506][ T2058] loop7: detected capacity change from 0 to 1024
[  545.217385][ T2058] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  545.357684][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  545.595538][ T2079] netlink: 'syz.7.12323': attribute type 30 has an invalid length.
[  545.686139][ T3321] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  545.697138][ T3321] CPU: 1 UID: 0 PID: 3321 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  545.697251][ T3321] Tainted: [W]=WARN
[  545.697260][ T3321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  545.697278][ T3321] Call Trace:
[  545.697287][ T3321]  <TASK>
[  545.697296][ T3321]  __dump_stack+0x1d/0x30
[  545.697397][ T3321]  dump_stack_lvl+0x95/0xd0
[  545.697444][ T3321]  dump_stack+0x15/0x1b
[  545.697469][ T3321]  dump_header+0x81/0x240
[  545.697529][ T3321]  oom_kill_process+0x295/0x350
[  545.697559][ T3321]  out_of_memory+0x97b/0xb80
[  545.697596][ T3321]  try_charge_memcg+0x610/0xa10
[  545.697642][ T3321]  charge_memcg+0x51/0xc0
[  545.697752][ T3321]  __mem_cgroup_charge+0x28/0xb0
[  545.697786][ T3321]  filemap_add_folio+0x111/0x360
[  545.697855][ T3321]  __filemap_get_folio_mpol+0x326/0x650
[  545.697910][ T3321]  filemap_fault+0x44d/0xb70
[  545.697941][ T3321]  __do_fault+0xbc/0x200
[  545.698048][ T3321]  handle_mm_fault+0xfab/0x2c60
[  545.698163][ T3321]  do_user_addr_fault+0x630/0x1080
[  545.698206][ T3321]  exc_page_fault+0x62/0xa0
[  545.698243][ T3321]  asm_exc_page_fault+0x26/0x30
[  545.698268][ T3321] RIP: 0033:0x7fb984ea5fd4
[  545.698285][ T3321] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 c8 f7 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d d9 f6 ea 00 48 01 d1
[  545.698355][ T3321] RSP: 002b:00007fff5f5a0560 EFLAGS: 00010206
[  545.698439][ T3321] RAX: 0000001b33b24000 RBX: 00000000000015ca RCX: 00000000000850e8
[  545.698456][ T3321] RDX: 00000000086e0e75 RSI: 00007fff5f5a05f0 RDI: 0000000000000001
[  545.698474][ T3321] RBP: 00007fff5f5a059c R08: 0000000020285509 R09: 7fffffffffffffff
[  545.698491][ T3321] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  545.698507][ T3321] R13: 00000000000927c0 R14: 0000000000085268 R15: 00007fff5f5a05f0
[  545.698532][ T3321]  </TASK>
[  545.698540][ T3321] memory: usage 307200kB, limit 307200kB, failcnt 3550
[  545.896843][ T3321] memory+swap: usage 362652kB, limit 9007199254740988kB, failcnt 0
[  545.905726][ T3321] kmem: usage 215056kB, limit 9007199254740988kB, failcnt 0
[  545.913041][ T3321] Memory cgroup stats for /syz0:
[  546.121234][ T2092] loop7: detected capacity change from 0 to 512
[  546.161787][ T2092] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  546.177614][ T2094] netlink: 'syz.8.12330': attribute type 1 has an invalid length.
[  546.203135][ T2092] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 548)
[  546.212803][ T2092] FAT-fs (loop7): Filesystem has been set read-only
[  546.224937][ T3321] cache 96804864
[  546.228582][ T3321] rss 1581056
[  546.231889][ T3321] shmem 26509312
[  546.236560][ T3321] mapped_file 5038080
[  546.240604][ T3321] dirty 8192
[  546.243832][ T3321] writeback 0
[  546.247236][ T3321] workingset_refault_anon 3112
[  546.252035][ T3321] workingset_refault_file 7418
[  546.256850][ T3321] swap 56782848
[  546.260338][ T3321] swapcached 974848
[  546.264198][ T3321] pgpgin 782110
[  546.268577][ T3321] pgpgout 757851
[  546.272225][ T3321] pgfault 699162
[  546.275809][ T3321] pgmajfault 693
[  546.279376][ T3321] inactive_anon 18141184
[  546.283640][ T3321] active_anon 10899456
[  546.287763][ T3321] inactive_file 4096
[  546.291679][ T3321] active_file 1048576
[  546.296663][ T3321] unevictable 69246976
[  546.300853][ T3321] hierarchical_memory_limit 314572800
[  546.306315][ T3321] hierarchical_memsw_limit 9223372036854771712
[  546.312500][ T3321] total_cache 96804864
[  546.316715][ T3321] total_rss 1581056
[  546.320635][ T3321] total_shmem 26509312
[  546.325698][ T3321] total_mapped_file 5038080
[  546.330222][ T3321] total_dirty 8192
[  546.333985][ T3321] total_writeback 0
[  546.337942][ T3321] total_workingset_refault_anon 3112
[  546.343254][ T3321] total_workingset_refault_file 7418
[  546.348605][ T3321] total_swap 56782848
[  546.352620][ T3321] total_swapcached 974848
[  546.357887][ T3321] total_pgpgin 782110
[  546.361994][ T3321] total_pgpgout 757851
[  546.366178][ T3321] total_pgfault 699162
[  546.370320][ T3321] total_pgmajfault 693
[  546.374435][ T3321] total_inactive_anon 18141184
[  546.379266][ T3321] total_active_anon 10899456
[  546.383870][ T3321] total_inactive_file 4096
[  546.389172][ T3321] total_active_file 1048576
[  546.393691][ T3321] total_unevictable 69246976
[  546.398028][ T2094] 8021q: adding VLAN 0 to HW filter on device bond5
[  546.398367][ T3321] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1917,pid=8479,uid=0
[  546.420701][ T3321] Memory cgroup out of memory: Killed process 8479 (syz.0.1917) total-vm:95884kB, anon-rss:1172kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000
[  546.472166][ T2092] FAT-fs (loop7): error, fat_free: invalid cluster chain (i_pos 548)
[  546.493768][ T2096] 8021q: adding VLAN 0 to HW filter on device bond5
[  546.500563][ T2092] FAT-fs (loop7): error, fat_free: invalid cluster chain (i_pos 548)
[  546.510510][ T2096] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  546.568875][ T2096] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  546.590703][ T2103] netlink: 'syz.7.12333': attribute type 4 has an invalid length.
[  546.792699][ T2127] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  546.851831][ T2130] netlink: 'syz.9.12345': attribute type 1 has an invalid length.
[  546.894631][ T2132] netlink: 'syz.9.12347': attribute type 13 has an invalid length.
[  547.084089][ T2143] netlink: 'syz.7.12351': attribute type 1 has an invalid length.
[  547.123471][ T2143] 8021q: adding VLAN 0 to HW filter on device batadv1
[  547.134217][ T2143] bond3: (slave batadv1): making interface the new active one
[  547.143578][ T2143] bond3: (slave batadv1): Enslaving as an active interface with an up link
[  547.180707][ T2146] netlink: 'syz.7.12352': attribute type 1 has an invalid length.
[  547.343993][ T2146] 8021q: adding VLAN 0 to HW filter on device bond4
[  547.500550][ T2132] gretap0: refused to change device tx_queue_len
[  547.517408][ T2132] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  547.572996][ T2161] loop8: detected capacity change from 0 to 1024
[  547.580144][ T2148] 8021q: adding VLAN 0 to HW filter on device bond4
[  547.588539][ T2148] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  547.601017][ T2148] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  547.611488][ T2161] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  547.727723][ T2170] netlink: 32 bytes leftover after parsing attributes in process `syz.0.12359'.
[  547.979616][T27038] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  548.193765][   T29] kauditd_printk_skb: 61 callbacks suppressed
[  548.193780][   T29] audit: type=1326 audit(548.174:20164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2189 comm="syz.7.12365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  548.233384][   T29] audit: type=1326 audit(548.174:20165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2189 comm="syz.7.12365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  548.256512][   T29] audit: type=1326 audit(548.214:20166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2189 comm="syz.7.12365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  548.279587][   T29] audit: type=1326 audit(548.214:20167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2189 comm="syz.7.12365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa6950df783 code=0x7ffc0000
[  548.302603][   T29] audit: type=1326 audit(548.214:20168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2189 comm="syz.7.12365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa6950df783 code=0x7ffc0000
[  548.325616][   T29] audit: type=1326 audit(548.214:20169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2189 comm="syz.7.12365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  548.348940][   T29] audit: type=1326 audit(548.214:20170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2189 comm="syz.7.12365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  548.372064][   T29] audit: type=1326 audit(548.214:20171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2189 comm="syz.7.12365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  548.395257][   T29] audit: type=1326 audit(548.214:20172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2189 comm="syz.7.12365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  548.418363][   T29] audit: type=1326 audit(548.214:20173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2189 comm="syz.7.12365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x7ffc0000
[  548.635372][ T2209] loop8: detected capacity change from 0 to 128
[  548.660371][ T2200] loop9: detected capacity change from 0 to 128
[  549.098139][ T2224] netlink: 96 bytes leftover after parsing attributes in process `syz.8.12377'.
[  549.259278][ T2239] loop7: detected capacity change from 0 to 1024
[  549.288304][ T2239] EXT4-fs error (device loop7): ext4_orphan_get:1417: comm syz.7.12384: bad orphan inode 134217728
[  549.330426][ T2239] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  549.402654][ T2200] bio_check_eod: 25 callbacks suppressed
[  549.402673][ T2200] syz.9.12369: attempt to access beyond end of device
[  549.402673][ T2200] loop9: rw=2049, sector=169, nr_sectors = 8 limit=128
[  549.422317][ T2200] syz.9.12369: attempt to access beyond end of device
[  549.422317][ T2200] loop9: rw=2049, sector=185, nr_sectors = 16 limit=128
[  549.436978][ T2200] syz.9.12369: attempt to access beyond end of device
[  549.436978][ T2200] loop9: rw=2049, sector=209, nr_sectors = 8 limit=128
[  549.450702][ T2200] syz.9.12369: attempt to access beyond end of device
[  549.450702][ T2200] loop9: rw=2049, sector=225, nr_sectors = 8 limit=128
[  549.464305][ T2200] syz.9.12369: attempt to access beyond end of device
[  549.464305][ T2200] loop9: rw=2049, sector=241, nr_sectors = 8 limit=128
[  549.479271][ T2200] syz.9.12369: attempt to access beyond end of device
[  549.479271][ T2200] loop9: rw=2049, sector=257, nr_sectors = 8 limit=128
[  549.493282][ T2200] syz.9.12369: attempt to access beyond end of device
[  549.493282][ T2200] loop9: rw=2049, sector=273, nr_sectors = 8 limit=128
[  549.520605][ T2200] syz.9.12369: attempt to access beyond end of device
[  549.520605][ T2200] loop9: rw=2049, sector=289, nr_sectors = 8 limit=128
[  549.534971][ T2200] syz.9.12369: attempt to access beyond end of device
[  549.534971][ T2200] loop9: rw=2049, sector=305, nr_sectors = 8 limit=128
[  549.569643][ T2200] syz.9.12369: attempt to access beyond end of device
[  549.569643][ T2200] loop9: rw=2049, sector=321, nr_sectors = 8 limit=128
[  549.656667][ T2249] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12388'.
[  549.665898][ T2249] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12388'.
[  549.828466][ T2258] netlink: 'syz.9.12390': attribute type 1 has an invalid length.
[  549.852472][ T2258] 8021q: adding VLAN 0 to HW filter on device bond3
[  549.886333][ T2258] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12390'.
[  549.935641][ T2258] bond3 (unregistering): Released all slaves
[  550.249037][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.300411][ T2278] loop7: detected capacity change from 0 to 512
[  550.337582][ T2278] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.12397: couldn't read orphan inode 26 (err -116)
[  550.364138][ T2278] EXT4-fs (loop7): Remounting filesystem read-only
[  550.402907][ T2278] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  550.468862][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.671216][ T2294] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12402'.
[  550.707686][ T2294] team2: entered promiscuous mode
[  550.712854][ T2294] team2: entered allmulticast mode
[  550.730728][ T2294] 8021q: adding VLAN 0 to HW filter on device team2
[  550.797705][ T2297] loop7: detected capacity change from 0 to 1024
[  550.816027][ T2297] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  550.827655][ T2297] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  550.862825][ T2297] JBD2: no valid journal superblock found
[  550.868684][ T2297] EXT4-fs (loop7): Could not load journal inode
[  550.879758][ T2297] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  551.506572][ T3399] Process accounting resumed
[  551.874367][ T2358] netlink: 48 bytes leftover after parsing attributes in process `syz.8.12427'.
[  552.023190][ T2366] netlink: 96 bytes leftover after parsing attributes in process `syz.8.12433'.
[  552.612642][ T2380] loop9: detected capacity change from 0 to 128
[  552.649352][ T4947] tipc: Subscription rejected, illegal request
[  552.740782][ T2380] Buffer I/O error on dev loop9, logical block 79, lost async page write
[  552.762550][ T2380] Buffer I/O error on dev loop9, logical block 80, lost async page write
[  552.793618][ T2380] Buffer I/O error on dev loop9, logical block 95, lost async page write
[  552.825870][ T2380] Buffer I/O error on dev loop9, logical block 96, lost async page write
[  552.851870][ T2389] netlink: 24 bytes leftover after parsing attributes in process `syz.7.12440'.
[  552.861825][ T2380] Buffer I/O error on dev loop9, logical block 99, lost async page write
[  552.889882][ T2380] Buffer I/O error on dev loop9, logical block 100, lost async page write
[  552.953265][ T2380] Buffer I/O error on dev loop9, logical block 111, lost async page write
[  552.964241][ T2398] loop7: detected capacity change from 0 to 1024
[  552.979736][ T2398] EXT4-fs: Ignoring removed nobh option
[  552.985783][ T2380] Buffer I/O error on dev loop9, logical block 112, lost async page write
[  553.030753][ T2398] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  553.050453][ T2380] Buffer I/O error on dev loop9, logical block 115, lost async page write
[  553.067996][ T2380] Buffer I/O error on dev loop9, logical block 116, lost async page write
[  553.195689][   T29] kauditd_printk_skb: 410 callbacks suppressed
[  553.195704][   T29] audit: type=1326 audit(553.174:20584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2406 comm="syz.0.12446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  553.279313][   T29] audit: type=1326 audit(553.214:20585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2406 comm="syz.0.12446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  553.303314][   T29] audit: type=1326 audit(553.214:20586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2406 comm="syz.0.12446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  553.327268][   T29] audit: type=1326 audit(553.214:20587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2406 comm="syz.0.12446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  553.350394][   T29] audit: type=1326 audit(553.214:20588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2406 comm="syz.0.12446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb984fcf749 code=0x7ffc0000
[  553.396000][ T2404] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4215: comm syz.7.12443: Allocating blocks 497-513 which overlap fs metadata
[  553.421848][ T2404] EXT4-fs (loop7): pa ffff8881079fff50: logic 256, phys. 385, len 8
[  553.430955][ T2404] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1
[  553.528580][ T2422] netlink: 24 bytes leftover after parsing attributes in process `syz.9.12452'.
[  553.654104][ T2431] loop9: detected capacity change from 0 to 512
[  553.681639][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.701679][ T2431] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  553.746556][ T2431] EXT4-fs (loop9): 1 truncate cleaned up
[  553.752855][ T2431] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  553.788878][ T2431] EXT4-fs (loop9): shut down requested (0)
[  553.830977][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  554.101035][ T2459] Process accounting resumed
[  554.128789][   T29] audit: type=1326 audit(554.104:20589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2472 comm="syz.5.12469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  554.152742][   T29] audit: type=1326 audit(554.104:20590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2472 comm="syz.5.12469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  554.176903][   T29] audit: type=1326 audit(554.114:20591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2472 comm="syz.5.12469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  554.199942][   T29] audit: type=1326 audit(554.114:20592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2472 comm="syz.5.12469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  554.223906][   T29] audit: type=1326 audit(554.114:20593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2472 comm="syz.5.12469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  554.279394][ T2477] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2477 comm=syz.7.12471
[  554.367797][ T2484] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12472'.
[  554.376981][ T2484] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12472'.
[  554.432828][ T2489] pimreg: entered allmulticast mode
[  554.440607][ T2489] pimreg: left allmulticast mode
[  554.560089][ T2497] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12479'.
[  554.815768][ T2514] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2572 sclass=netlink_xfrm_socket pid=2514 comm=syz.9.12486
[  554.829719][ T2514] netlink: 68 bytes leftover after parsing attributes in process `syz.9.12486'.
[  555.478435][ T2541] syz.5.12494 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  555.488287][ T2541] CPU: 1 UID: 0 PID: 2541 Comm: syz.5.12494 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  555.488322][ T2541] Tainted: [W]=WARN
[  555.488331][ T2541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  555.488424][ T2541] Call Trace:
[  555.488432][ T2541]  <TASK>
[  555.488439][ T2541]  __dump_stack+0x1d/0x30
[  555.488464][ T2541]  dump_stack_lvl+0x95/0xd0
[  555.488487][ T2541]  dump_stack+0x15/0x1b
[  555.488510][ T2541]  dump_header+0x81/0x240
[  555.488547][ T2541]  oom_kill_process+0x295/0x350
[  555.488577][ T2541]  out_of_memory+0x97b/0xb80
[  555.488664][ T2541]  try_charge_memcg+0x610/0xa10
[  555.488730][ T2541]  charge_memcg+0x51/0xc0
[  555.488773][ T2541]  __mem_cgroup_charge+0x28/0xb0
[  555.488867][ T2541]  shmem_get_folio_gfp+0x470/0xd50
[  555.488963][ T2541]  shmem_write_begin+0xfc/0x1f0
[  555.489002][ T2541]  generic_perform_write+0x184/0x490
[  555.489064][ T2541]  shmem_file_write_iter+0xc5/0xf0
[  555.489101][ T2541]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  555.489140][ T2541]  vfs_write+0x52a/0x960
[  555.489174][ T2541]  ksys_write+0xda/0x1a0
[  555.489248][ T2541]  __x64_sys_write+0x40/0x50
[  555.489272][ T2541]  x64_sys_call+0x2847/0x3000
[  555.489305][ T2541]  do_syscall_64+0xca/0x2b0
[  555.489376][ T2541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.489475][ T2541] RIP: 0033:0x7f88dab0f749
[  555.489493][ T2541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  555.489515][ T2541] RSP: 002b:00007f88d9577038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  555.489539][ T2541] RAX: ffffffffffffffda RBX: 00007f88dad65fa0 RCX: 00007f88dab0f749
[  555.489553][ T2541] RDX: 00000000fffffdab RSI: 0000200000000000 RDI: 0000000000000006
[  555.489567][ T2541] RBP: 00007f88dab93f91 R08: 0000000000000000 R09: 0000000000000000
[  555.489622][ T2541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  555.489636][ T2541] R13: 00007f88dad66038 R14: 00007f88dad65fa0 R15: 00007ffdd3660dc8
[  555.489731][ T2541]  </TASK>
[  555.489739][ T2541] memory: usage 307200kB, limit 307200kB, failcnt 11899
[  555.576391][ T2563] loop7: detected capacity change from 0 to 256
[  555.581039][ T2541] memory+swap: usage 374924kB, limit 9007199254740988kB, failcnt 0
[  555.581079][ T2541] kmem: usage 285928kB, limit 9007199254740988kB, failcnt 0
[  555.730051][ T2541] Memory cgroup stats for /syz5:
[  555.775946][ T2541] cache 21315584
[  555.784519][ T2541] rss 684032
[  555.787832][ T2541] shmem 21315584
[  555.791452][ T2541] mapped_file 7843840
[  555.795485][ T2541] dirty 0
[  555.798531][ T2541] writeback 0
[  555.801885][ T2541] workingset_refault_anon 3811
[  555.807855][ T2541] workingset_refault_file 4603
[  555.812838][ T2541] swap 69349376
[  555.816519][ T2541] swapcached 303104
[  555.820345][ T2541] pgpgin 698960
[  555.823860][ T2541] pgpgout 693512
[  555.827595][ T2541] pgfault 717757
[  555.831174][ T2541] pgmajfault 940
[  555.835749][ T2541] inactive_anon 14061568
[  555.840040][ T2541] active_anon 8237056
[  555.844086][ T2541] inactive_file 0
[  555.847815][ T2541] active_file 12288
[  555.851722][ T2541] unevictable 0
[  555.855234][ T2541] hierarchical_memory_limit 314572800
[  555.860626][ T2541] hierarchical_memsw_limit 9223372036854771712
[  555.867803][ T2541] total_cache 21315584
[  555.871914][ T2541] total_rss 684032
[  555.875686][ T2541] total_shmem 21315584
[  555.879775][ T2541] total_mapped_file 7843840
[  555.884296][ T2541] total_dirty 0
[  555.887818][ T2541] total_writeback 0
[  555.891657][ T2541] total_workingset_refault_anon 3811
[  555.897873][ T2541] total_workingset_refault_file 4603
[  555.903245][ T2541] total_swap 69349376
[  555.907372][ T2541] total_swapcached 303104
[  555.911773][ T2541] total_pgpgin 698960
[  555.915893][ T2541] total_pgpgout 693512
[  555.920047][ T2541] total_pgfault 717757
[  555.924188][ T2541] total_pgmajfault 940
[  555.929274][ T2541] total_inactive_anon 14061568
[  555.934064][ T2541] total_active_anon 8237056
[  555.938681][ T2541] total_inactive_file 0
[  555.942865][ T2541] total_active_file 12288
[  555.947234][ T2541] total_unevictable 0
[  555.951323][ T2541] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.2988,pid=10959,uid=0
[  555.967239][ T2541] Memory cgroup out of memory: Killed process 10959 (syz.5.2988) total-vm:93836kB, anon-rss:1276kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000
[  556.312771][ T2582] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12511'.
[  556.322013][ T2582] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12511'.
[  556.419356][ T2584] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  556.562858][ T2590] loop8: detected capacity change from 0 to 512
[  556.569842][ T2590] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  556.585195][ T2590] EXT4-fs (loop8): 1 truncate cleaned up
[  556.615409][ T2590] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  556.656880][ T2594] netlink: 'syz.9.12516': attribute type 13 has an invalid length.
[  556.772729][ T2594] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  556.953910][T27038] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.132574][ T2615] netlink: 240 bytes leftover after parsing attributes in process `syz.9.12519'.
[  557.583157][ T2630] lo speed is unknown, defaulting to 1000
[  557.954065][ T2630] lo speed is unknown, defaulting to 1000
[  558.245874][ T2657] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12539'.
[  558.477545][ T2630] netlink: 'syz.5.12529': attribute type 21 has an invalid length.
[  558.505265][ T2630] netlink: 'syz.5.12529': attribute type 1 has an invalid length.
[  558.513389][ T2630] netlink: 132 bytes leftover after parsing attributes in process `syz.5.12529'.
[  558.663185][ T2579] loop7: detected capacity change from 0 to 2048
[  558.780532][ T2666] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12541'.
[  558.884514][ T2666] team0 (unregistering): Port device team_slave_0 removed
[  558.913728][ T2666] team0 (unregistering): Port device team_slave_1 removed
[  558.969334][   T29] kauditd_printk_skb: 53 callbacks suppressed
[  558.969352][   T29] audit: type=1326 audit(558.954:20647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2680 comm="syz.7.12550" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa6950df749 code=0x0
[  559.054409][ T2686] loop9: detected capacity change from 0 to 1024
[  559.062538][ T2686] EXT4-fs: Ignoring removed nomblk_io_submit option
[  559.070097][ T2686] EXT4-fs: Ignoring removed nomblk_io_submit option
[  559.096268][ T2686] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e055c01c, mo2=0002]
[  559.106791][ T2686] System zones: 0-1, 3-36
[  559.113909][ T2686] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  559.145436][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  559.666550][   T29] audit: type=1326 audit(559.644:20648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2716 comm="syz.5.12564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  559.690651][   T29] audit: type=1326 audit(559.644:20649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2716 comm="syz.5.12564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  559.713855][   T29] audit: type=1326 audit(559.644:20650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2716 comm="syz.5.12564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  559.737751][   T29] audit: type=1326 audit(559.644:20651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2716 comm="syz.5.12564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  559.760885][   T29] audit: type=1326 audit(559.644:20652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2716 comm="syz.5.12564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  559.784878][   T29] audit: type=1326 audit(559.644:20653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2716 comm="syz.5.12564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  559.807912][   T29] audit: type=1326 audit(559.644:20654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2716 comm="syz.5.12564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  559.831866][   T29] audit: type=1326 audit(559.644:20655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2716 comm="syz.5.12564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  559.855918][   T29] audit: type=1326 audit(559.644:20656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2716 comm="syz.5.12564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f88dab0f749 code=0x7ffc0000
[  560.031327][ T2735] netlink: 24 bytes leftover after parsing attributes in process `syz.9.12570'.
[  560.088875][ T2739] netlink: 12 bytes leftover after parsing attributes in process `syz.7.12572'.
[  560.784887][ T2772] syz.7.12587 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  560.795000][ T2772] CPU: 0 UID: 0 PID: 2772 Comm: syz.7.12587 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  560.795077][ T2772] Tainted: [W]=WARN
[  560.795087][ T2772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  560.795104][ T2772] Call Trace:
[  560.795112][ T2772]  <TASK>
[  560.795121][ T2772]  __dump_stack+0x1d/0x30
[  560.795152][ T2772]  dump_stack_lvl+0x95/0xd0
[  560.795176][ T2772]  dump_stack+0x15/0x1b
[  560.795247][ T2772]  dump_header+0x81/0x240
[  560.795270][ T2772]  oom_kill_process+0x295/0x350
[  560.795297][ T2772]  out_of_memory+0x97b/0xb80
[  560.795323][ T2772]  try_charge_memcg+0x610/0xa10
[  560.795452][ T2772]  charge_memcg+0x51/0xc0
[  560.795485][ T2772]  __mem_cgroup_charge+0x28/0xb0
[  560.795532][ T2772]  shmem_get_folio_gfp+0x470/0xd50
[  560.795569][ T2772]  shmem_write_begin+0xfc/0x1f0
[  560.795599][ T2772]  generic_perform_write+0x184/0x490
[  560.795638][ T2772]  shmem_file_write_iter+0xc5/0xf0
[  560.795747][ T2772]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  560.795821][ T2772]  vfs_write+0x52a/0x960
[  560.795848][ T2772]  ksys_write+0xda/0x1a0
[  560.795871][ T2772]  __x64_sys_write+0x40/0x50
[  560.795892][ T2772]  x64_sys_call+0x2847/0x3000
[  560.795920][ T2772]  do_syscall_64+0xca/0x2b0
[  560.796133][ T2772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.796161][ T2772] RIP: 0033:0x7fa6950df749
[  560.796262][ T2772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  560.796281][ T2772] RSP: 002b:00007fa693b47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  560.796306][ T2772] RAX: ffffffffffffffda RBX: 00007fa695335fa0 RCX: 00007fa6950df749
[  560.796387][ T2772] RDX: 00000000fffffdab RSI: 0000200000000000 RDI: 0000000000000006
[  560.796400][ T2772] RBP: 00007fa695163f91 R08: 0000000000000000 R09: 0000000000000000
[  560.796413][ T2772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  560.796425][ T2772] R13: 00007fa695336038 R14: 00007fa695335fa0 R15: 00007ffcba773bf8
[  560.796446][ T2772]  </TASK>
[  560.796453][ T2772] memory: usage 307200kB, limit 307200kB, failcnt 688
[  561.006950][ T2772] memory+swap: usage 307912kB, limit 9007199254740988kB, failcnt 0
[  561.014883][ T2772] kmem: usage 297516kB, limit 9007199254740988kB, failcnt 0
[  561.022184][ T2772] Memory cgroup stats for /syz7:
[  561.289050][ T2772] cache 19595264
[  561.297713][ T2772] rss 212992
[  561.300991][ T2772] shmem 19595264
[  561.304562][ T2772] mapped_file 11292672
[  561.308702][ T2772] dirty 0
[  561.311665][ T2772] writeback 0
[  561.315018][ T2772] workingset_refault_anon 938
[  561.319781][ T2772] workingset_refault_file 0
[  561.324383][ T2772] swap 729088
[  561.327720][ T2772] swapcached 28672
[  561.331454][ T2772] pgpgin 197335
[  561.334989][ T2772] pgpgout 192491
[  561.338553][ T2772] pgfault 244090
[  561.342136][ T2772] pgmajfault 340
[  561.345733][ T2772] inactive_anon 73728
[  561.349728][ T2772] active_anon 19750912
[  561.353919][ T2772] inactive_file 0
[  561.357594][ T2772] active_file 4096
[  561.361591][ T2772] unevictable 0
[  561.365098][ T2772] hierarchical_memory_limit 314572800
[  561.370499][ T2772] hierarchical_memsw_limit 9223372036854771712
[  561.376718][ T2772] total_cache 19595264
[  561.380808][ T2772] total_rss 212992
[  561.384605][ T2772] total_shmem 19595264
[  561.388064][ T2803] netlink: 12 bytes leftover after parsing attributes in process `syz.8.12596'.
[  561.388724][ T2772] total_mapped_file 11292672
[  561.402362][ T2772] total_dirty 0
[  561.405996][ T2772] total_writeback 0
[  561.409835][ T2772] total_workingset_refault_anon 938
[  561.415147][ T2772] total_workingset_refault_file 0
[  561.420293][ T2772] total_swap 729088
[  561.424120][ T2772] total_swapcached 28672
[  561.428497][ T2772] total_pgpgin 197335
[  561.432610][ T2772] total_pgpgout 192491
[  561.436826][ T2772] total_pgfault 244090
[  561.440912][ T2772] total_pgmajfault 340
[  561.445031][ T2772] total_inactive_anon 73728
[  561.449595][ T2772] total_active_anon 19750912
[  561.454309][ T2772] total_inactive_file 0
[  561.458539][ T2772] total_active_file 4096
[  561.462818][ T2772] total_unevictable 0
[  561.466904][ T2772] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.12587,pid=2771,uid=0
[  561.481675][ T2772] Memory cgroup out of memory: Killed process 2771 (syz.7.12587) total-vm:96148kB, anon-rss:1264kB, file-rss:22188kB, shmem-rss:11392kB, UID:0 pgtables:144kB oom_score_adj:1000
[  561.692565][ T2816] loop7: detected capacity change from 0 to 1024
[  561.734429][ T2816] EXT4-fs: Ignoring removed orlov option
[  561.748003][ T2816] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  562.109722][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  562.150131][ T2832] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  562.179906][ T2834] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12608'.
[  562.277378][ T2837] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12610'.
[  562.409518][ T2842] loop7: detected capacity change from 0 to 512
[  562.446531][ T2842] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  562.459284][ T2847] netlink: 176 bytes leftover after parsing attributes in process `syz.9.12615'.
[  562.475521][ T2842] EXT4-fs (loop7): 1 truncate cleaned up
[  562.493128][ T2842] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  562.567863][ T2853] loop9: detected capacity change from 0 to 1024
[  562.584760][    C0] ==================================================================
[  562.593221][    C0] BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick
[  562.600478][    C0] 
[  562.602825][    C0] read-write to 0xffff8881008a1eb8 of 8 bytes by interrupt on cpu 1:
[  562.610921][    C0]  wq_worker_tick+0x60/0x230
[  562.615561][    C0]  sched_tick+0xd7/0x220
[  562.619858][    C0]  update_process_times+0x15f/0x190
[  562.625114][    C0]  tick_nohz_handler+0x276/0x3d0
[  562.630108][    C0]  __hrtimer_run_queues+0x20f/0x5a0
[  562.635363][    C0]  hrtimer_interrupt+0x21a/0x460
[  562.640343][    C0]  __sysvec_apic_timer_interrupt+0x5f/0x1d0
[  562.646269][    C0]  sysvec_apic_timer_interrupt+0x6f/0x80
[  562.652124][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  562.658164][    C0]  slab_update_freelist+0x4a/0xe0
[  562.663249][    C0]  __slab_free+0x104/0x2a0
[  562.667717][    C0]  kfree+0x2d8/0x3c0
[  562.671726][    C0]  io_alloc_cache_free+0xc0/0xe0
[  562.676709][    C0]  io_rsrc_cache_free+0x36/0x40
[  562.681596][    C0]  io_free_alloc_caches+0x65/0x70
[  562.686667][    C0]  io_ring_ctx_free+0x7a/0x3d0
[  562.691489][    C0]  io_ring_exit_work+0x506/0x530
[  562.696478][    C0]  process_scheduled_works+0x4ce/0x9d0
[  562.701978][    C0]  worker_thread+0x582/0x770
[  562.706702][    C0]  kthread+0x489/0x510
[  562.710823][    C0]  ret_from_fork+0x149/0x290
[  562.715467][    C0]  ret_from_fork_asm+0x1a/0x30
[  562.720273][    C0] 
[  562.722613][    C0] read-write to 0xffff8881008a1eb8 of 8 bytes by interrupt on cpu 0:
[  562.730701][    C0]  wq_worker_tick+0x60/0x230
[  562.735339][    C0]  sched_tick+0xd7/0x220
[  562.739635][    C0]  update_process_times+0x15f/0x190
[  562.744870][    C0]  tick_nohz_handler+0x276/0x3d0
[  562.749851][    C0]  __hrtimer_run_queues+0x20f/0x5a0
[  562.755098][    C0]  hrtimer_interrupt+0x21a/0x460
[  562.760074][    C0]  __sysvec_apic_timer_interrupt+0x5f/0x1d0
[  562.766021][    C0]  sysvec_apic_timer_interrupt+0x6f/0x80
[  562.771701][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  562.777900][    C0]  unwind_get_return_address+0x7/0x40
[  562.783305][    C0]  perf_callchain_kernel+0x180/0x350
[  562.788636][    C0]  get_perf_callchain+0x2bc/0x640
[  562.793698][    C0]  bpf_get_stackid+0xd3/0x130
[  562.798423][    C0]  bpf_get_stackid_raw_tp+0xf6/0x120
[  562.803765][    C0]  bpf_prog_0269d7a1bf76b886+0x27/0x2f
[  562.809256][    C0]  bpf_trace_run2+0x107/0x1d0
[  562.813986][    C0]  __traceiter_kfree+0x2e/0x50
[  562.818807][    C0]  kfree+0x353/0x3c0
[  562.822825][    C0]  io_free_region+0xa3/0x150
[  562.827502][    C0]  io_ring_ctx_free+0x202/0x3d0
[  562.832397][    C0]  io_ring_exit_work+0x506/0x530
[  562.837403][    C0]  process_scheduled_works+0x4ce/0x9d0
[  562.842915][    C0]  worker_thread+0x582/0x770
[  562.847725][    C0]  kthread+0x489/0x510
[  562.851848][    C0]  ret_from_fork+0x149/0x290
[  562.856484][    C0]  ret_from_fork_asm+0x1a/0x30
[  562.861289][    C0] 
[  562.863641][    C0] value changed: 0x0000000000541370 -> 0x0000000000543a80
[  562.870768][    C0] 
[  562.873124][    C0] Reported by Kernel Concurrency Sanitizer on:
[  562.879309][    C0] CPU: 0 UID: 0 PID: 411 Comm: kworker/u8:7 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  562.890719][    C0] Tainted: [W]=WARN
[  562.894551][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  562.904641][    C0] Workqueue: iou_exit io_ring_exit_work
[  562.910249][    C0] ==================================================================
[  562.940035][ T2853] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  563.021039][ T2853] netlink: 8 bytes leftover after parsing attributes in process `syz.9.12617'.
[  563.030151][ T2853] netlink: 'syz.9.12617': attribute type 30 has an invalid length.
[  563.047047][ T4946] netdevsim netdevsim9 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  563.063260][ T4946] netdevsim netdevsim9 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  563.071691][ T4946] netdevsim netdevsim9 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  563.080637][ T4946] netdevsim netdevsim9 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  563.096635][T29408] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  563.138809][T23640] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.