last executing test programs: 3m52.142375925s ago: executing program 1 (id=33): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xdc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r2}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 3m52.091146287s ago: executing program 1 (id=34): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r2}, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548) 3m51.976491262s ago: executing program 1 (id=38): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000001b40)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x4) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a300000000014000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000) 3m51.943700943s ago: executing program 1 (id=40): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@nojournal_checksum}, {@acl}, {@resgid}, {}, {@resgid}, {@inlinecrypt}, {@debug}, {@usrquota}]}, 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC") open(&(0x7f0000000680)='./bus\x00', 0x4001410c2, 0x2e) mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x40, 0x8005, 0x0, 0x0, 0xa, 0x4, "ef359f413bb93852f7d6a4ae6dddfbd1000000000000ff91031905b9aaaaf755a3f6a004000000000001000200", "036c47c6780820d1cbf733970000cf33768bbd9bffbcc2542ded71038259ca171ce1a310ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204, 0xffffffffffffffff]}) write$binfmt_misc(r0, &(0x7f0000000340)="be", 0x1) 3m51.660484885s ago: executing program 1 (id=49): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a310000000070000000060a010400000000000000000100000008000b400000000048000480440001800b000100657874686472000034000280080001400000000c080003400000000008000440000000220500020007000000080006400000000308000540000000000900010073797a300000000020000000030a010300000000000000000a0000020900030073797a300000000044010000080a01080000000000000000010000073a00074032e97608c07b8f34d704cc507d07a8d4c429672a9b6841e516ce194f03354b3c46a930469ce36ee8391a02352a70d543c633dc17a9d300007900074012119f33dbd27dbba871f33b8206fc0a59dac6df96baf86f3deffa20b8a2b13fa2fbc917a33ad4b9dc903553ff1e7533cd9d1e3f6a3248b10a63552977fab38d9ad7409cbd223b094a0bb6f0884c8839890d122f9b9963668c97749b2304852a8d461ccc39dc307f41ac41688a4f2d64a916dc532d00000008000a40000000000900010073797a3000"], 0x248}}, 0x0) 3m50.85072564s ago: executing program 1 (id=75): remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x4000) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x5}, 0x18) close(0xffffffffffffffff) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a808682b7fc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000023f0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a31"], 0xdc}, 0x1, 0x0, 0x0, 0x48051}, 0x40) 3m50.814555262s ago: executing program 32 (id=75): remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x4000) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x5}, 0x18) close(0xffffffffffffffff) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a808682b7fc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000023f0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a31"], 0xdc}, 0x1, 0x0, 0x0, 0x48051}, 0x40) 2m46.755666399s ago: executing program 4 (id=1800): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48) r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x30, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$qrtrtun(r0, &(0x7f0000000340)="66bb0b760dc0f4", 0x7) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], &(0x7f0000000240)=[0x2], 0x0, 0x9}}, 0x40) 2m46.713195111s ago: executing program 4 (id=1803): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0}, 0x18) syz_emit_ethernet(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x401}, 0x11) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x8000000000000002, &(0x7f0000000e80)={0xffffffffffffffff}, 0x2, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000180)={0x13, 0x10, 0x8, {0x0, r2, 0x1}}, 0x18) 2m46.653165944s ago: executing program 4 (id=1805): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) 2m46.652941374s ago: executing program 4 (id=1806): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj") creat(&(0x7f0000000580)='./bus\x00', 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x8000c2, &(0x7f0000000740), 0x0, 0x5d1, &(0x7f0000000140)="$eJzs3U9sI1f9APDvOMk62c0229+vh4KALqWwoFWdTbZdVb20XJCgVCAVxKGHbeR4o1Wc9bJ2ShMikZw4cEWiEie4cOHEoRIHpIoD4tob3LiUA2JBC6iphJDRTMaJ7dixd5ONSfL5qFO/+ZP3fc/reeN5npkXwJl1OSI2I+JcRLwVETORZMuTfIpXd6Z0u48ebJS3H2yUk2g23/j7eJ7DRrm1fcuFiPhhZ5ikO259bX15oVqt3MvnZxsrd2fra+vP315ZWKosVe7Mz9+Yu3Htpesvzh9ZXZ9Z+dX9r9x+7du/+fWnP/xg80vfTwv1Sr4urVt7eZvN5uEDvtKq+ERM54sKEZG+c68dPvf/CWN5fc6NuiA8kvTz+H8R8Wye3jU5ujIBAI9XMWaiObM332xT6JhrNpMe2wAAJ096zj8dSaGUn/9PR6FQKmV9eJNPxflCtVZvXL1VW72zGFkf1qWYKNy6Xa1cy/oK0+8PE0k6P5ety9Zn8/Nd89cj4smI+HFxKpsvlWvVxVF96QGAM+5C1/H/X8X0+F8c5k/9QgAAJ9nwR/J91/EAACfU/uP/xEjKAQAcHz35AHD2tB3/h/rlHwA4+Sa77v3vqem3fwA4TXr2/795cS/9dOLaPwA4Zfz+DwBnyjdffz2dmtvNJHv+9eLba6vLtbefX6zUl0srq+VSuXbvbmmpNhnZM3tWemSx1T5TrdXuzr0Qq+/MNir1xmx9bf3mSm31TuNm9lzvmxXPiQaA0Xvymff/mETE5stT2RStsRwGXxAAnHB2czi7xkZdAGBkxkddAGBk2h7089dRlgMYnT4X9+7eDtzzEqGpiHi3f55TR1Au4PG58ok+/f/dDwHs7Cj8zxGMjg2MWL5b6waAM+hw/f8eEwwn2cEHfjcGwWnWbCbG8weAM2aIM3iXCMIpN+jhXnoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYL/pbEoKpXws8OkoFEqliIsRcSkmklu3q5VrEfFERPyhOFFM5+dGXWgA4JAKf0ny8b+uzDw33b32XPJxMXuNiO/99I2fvLPQaA0duLu88W62vHFvvmeA4uOvAwDQZrx7Qes4nb22nch/9GCj3JqOs4D3v5wNLjoVEeXtBxvlvfGIx/PCz2RjFJ//Z9JRmST9b9CgpUPY3IqIp7vrX9hdfykf+bQ7/ljs9JEcOn72/+mIfe9/kvXN7MXv/BpVyNbtvKZvw/9PPUw8IPV+2v682qv9K8Tl7DXf/8Y7G9PJ+NH+xvUR5O1fbDc3svZvuy1+mv83Lk5mbU2P9i8vX1+7Qzbff+F3X91J/WB//K2x5ifHI1qxt9van1Y2SZ/4zw1Zxz996jPP9nuzmj+LuBIHxd9JzTZW7s7W19Z/+bX3fr9UWarcmZ+/MXfj2kvXX5yfzfqoZ1s91fv97eWrT/Qr2/2tiPN94k8OqP/n8/Sgz8HP//3Wm589IP4XP9crfiGeOiB+ekz8woC4LQvn3+s7fHcaf7FP/cc74p/r+Lt02dXuzPp8ID/88/qQJQUAjkN9bX15oVqt3BsmUYj15YXWiWa+KjazxHc/3lk6KJ+pYWM9SmJg9CNOTET7ksl92ySbEUcQ60KfVb946Awn4ljfn1bit+P/+PrQH7bv9Fi19RBBi21LPuj8rB6uFoUDd5mxqI7lGwzMMN9ucxT/Flni8hDbHGMjBIzE3k4/6pIAAAAAAAAAAAAAAAD91L+VP/LviO80ar8ZbtR1BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PT6bwAAAP///H62LQ==") mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]}) write$UHID_CREATE(r0, &(0x7f0000000a80)={0x0, {'syz1\x00', 'syz1\x00', 'syz0\x00', 0x0, 0x0, 0x5, 0x4, 0x3ff, 0x10000, 0xffffffff}}, 0x120) 2m46.50717116s ago: executing program 4 (id=1810): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x2}, 0x8) sendto$inet6(r2, &(0x7f0000000b80)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c) shutdown(r2, 0x1) 2m46.132994426s ago: executing program 4 (id=1819): pipe2$watch_queue(0x0, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r0}, 0x18) kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0) r1 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffeffe, 0x18, 0x2}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 2m46.131987386s ago: executing program 33 (id=1819): pipe2$watch_queue(0x0, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r0}, 0x18) kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0) r1 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffeffe, 0x18, 0x2}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 1m48.368387376s ago: executing program 2 (id=3335): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) write(r2, &(0x7f0000000080)="240000001a007f0214f9f407000904080a000000000000050002000008000f40fe00000e", 0x24) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x2, 0x7fff8000}]}) close_range(r3, 0xffffffffffffffff, 0x0) 1m48.308709379s ago: executing program 2 (id=3337): sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c0000001200010003"], 0x4c}}, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff4000/0x9000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x71b5, &(0x7f0000000040)={0x0, 0x9272, 0xc000, 0x1, 0xae}) perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x1, @perf_bp={0x0}, 0xc84, 0x0, 0x1a15, 0x2, 0x80000001, 0x4, 0x0, 0x0, 0x0, 0x0, 0xbc}, 0x0, 0xdffffdffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8054}, 0x4af584f715520309) io_uring_enter(r0, 0xf70, 0x12d5, 0x17, 0x0, 0x0) 1m47.347510689s ago: executing program 2 (id=3361): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) r3 = openat$cgroup_subtree(r2, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r3, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5) write$cgroup_subtree(r3, &(0x7f0000000140)={[{0x2b, 'cpu'}]}, 0x5) 1m47.219754604s ago: executing program 2 (id=3365): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000d5030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c) r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c) sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)="ef", 0x1}], 0x1}}], 0x1, 0x9200000000000000) recvmmsg$unix(r1, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)=""/41, 0x29}], 0x1}}], 0x1, 0x0, 0x0) 1m47.137658768s ago: executing program 2 (id=3367): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) 1m47.08778858s ago: executing program 2 (id=3369): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) 1m32.047501721s ago: executing program 34 (id=3369): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) 1.269795816s ago: executing program 3 (id=5830): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x21}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x100000000}, 0x18) timer_settime(0x0, 0x1, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x84) bind$inet6(r1, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) shutdown(r1, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8) sendto$inet6(r1, &(0x7f00000001c0)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c) close(r1) 1.220591379s ago: executing program 3 (id=5832): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f00000005c0), &(0x7f0000000600)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r3}, 0x10) r4 = syz_io_uring_setup(0x371d, &(0x7f0000000440)={0x0, 0x10ee, 0x2, 0x6, 0xffffff}, &(0x7f00000001c0), &(0x7f0000000400)) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) 1.19189417s ago: executing program 3 (id=5834): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = gettid() timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r3, 0x53, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10) 1.136710622s ago: executing program 6 (id=5836): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x46}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x10001}, 0x18) r1 = socket(0x1e, 0x80004, 0x0) r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) r3 = dup3(r2, r1, 0x0) recvmmsg(r3, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000600)=""/179, 0x3514}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0) 986.592408ms ago: executing program 6 (id=5839): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x44810) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)={0x64, 0x2, 0x6, 0x3, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x11}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x810}, 0x20004000) socket$nl_netfilter(0x10, 0x3, 0xc) socket$kcm(0x10, 0x2, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="540000000906010200000000000000000500000205000100070000002c0007800c00148008000140e00000020c0001800800014064010100060004404e20000005000700880000000900020073797a31"], 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4800) 922.721641ms ago: executing program 6 (id=5842): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[], &(0x7f0000000100)=""/141, 0x26, 0x8d, 0x1, 0x7}, 0x28) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0) r1 = socket$igmp6(0xa, 0x3, 0x2) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72) 825.054076ms ago: executing program 6 (id=5846): socket$nl_sock_diag(0x10, 0x3, 0x4) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x503, 0x70bd2d, 0x700, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0) 746.358409ms ago: executing program 0 (id=5849): openat$ptp0(0xffffffffffffff9c, 0x0, 0x2002, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)=r1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) rt_sigtimedwait(0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) clock_adjtime(0xffffffd3, 0x0) 714.09979ms ago: executing program 0 (id=5850): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0xffffffffffffff22}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18) capset(&(0x7f00000020c0)={0x20080522}, &(0x7f0000000500)={0x0, 0x3, 0x647, 0x0, 0x40000, 0x1000}) setrlimit(0x40000000000008, &(0x7f0000000000)) sendto$inet(r0, &(0x7f0000000080)='J', 0x1, 0x24004000, 0x0, 0x0) 649.646763ms ago: executing program 6 (id=5852): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff00000000000000001801000020646c4200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000002300000095"], 0x0, 0x1, 0x0, 0x0, 0x727c45cd4283345, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) dup2(0xffffffffffffffff, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r0}, 0x18) r1 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106) recvmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100) 645.954253ms ago: executing program 0 (id=5853): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) r1 = epoll_create(0x7f) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0xc}) r2 = dup(r0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0xd, "0062ba7d820700000000000000000000096304"}) write$RDMA_USER_CM_CMD_JOIN_MCAST(r2, &(0x7f0000000140)={0x16, 0x98, 0xfa00, {0x0, 0x0, 0xffffffffffffffff, 0x1c, 0x1, @ib={0x1b, 0xdacc, 0x8000000, {"21edab2a4f34faeebdac77b05d04bf94"}, 0x8, 0x7, 0x1}}}, 0xa0) r3 = syz_open_pts(r0, 0x82080) dup3(r3, r0, 0x80000) read(r0, &(0x7f00000005c0)=""/228, 0xe4) 616.022834ms ago: executing program 0 (id=5865): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000001c0)='kfree\x00', r0}, 0x18) r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) close_range(r1, 0xffffffffffffffff, 0x0) 560.893437ms ago: executing program 0 (id=5857): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="60000000010a01030000000000000000030000040900010073797a31000000000900010073797a31000000000900010073797a3100000000080002400000000108000240000000020c8c044000000010000000050c0004400000000000000005"], 0x60}, 0x1, 0x0, 0x0, 0x404880c}, 0x94) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000090000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x10) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40000000010800034000000014480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c0003801800008008000340000000020c0004260000000000000c7f14000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40000000010800034000000004480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800800034000000002"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 509.101828ms ago: executing program 0 (id=5859): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x75, 0x0, 0x0, 0x0, 0x2}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x18) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 508.895769ms ago: executing program 7 (id=5860): creat(&(0x7f00000002c0)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000021000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x40000000000000, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 508.607149ms ago: executing program 7 (id=5861): socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet_tcp(0x2, 0x1, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x2, 0x0, &(0x7f0000000000)="5cdd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r0 = syz_io_uring_setup(0xd38, &(0x7f0000000280)={0x0, 0x7732, 0x80, 0x1, 0x350}, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x36, 0x0, 0x0, 0x4, 0x0, 0x1, 0x20}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 460.058621ms ago: executing program 7 (id=5862): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x0, &(0x7f0000000040), 0x1, 0xba6, &(0x7f0000000c00)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r") timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0) 409.775903ms ago: executing program 7 (id=5863): r0 = socket$pptp(0x18, 0x1, 0x2) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x0) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000180)={0x0, @nfc={0x27, r4, 0x1, 0x4}, @qipcrtr={0x2a, 0x4}, @sco, 0xb5ae, 0x0, 0x0, 0x0, 0xfc00, 0x0, 0x6864, 0xa164, 0x7}) syz_genetlink_get_family_id$ieee802154(0x0, r2) close_range(r0, 0xffffffffffffffff, 0x0) 390.891664ms ago: executing program 7 (id=5864): capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7}) setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6}) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000600)={0x200000000000001, 0x3}, 0x8) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) sendto$inet6(r0, 0x0, 0x0, 0xc880, &(0x7f0000000540)={0xa, 0x4e1c, 0x6, @empty, 0x8}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000002c0)="8f", 0x1}], 0x1}}], 0x1, 0x4048486) 355.512595ms ago: executing program 5 (id=5866): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000c40), 0x12) fcntl$lock(0xffffffffffffffff, 0x7, 0x0) unshare(0x22020600) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r2 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) 355.214105ms ago: executing program 5 (id=5867): syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1e}, 0x0, 0x40010000, 0x1}) r0 = syz_io_uring_setup(0x64d, &(0x7f0000000100)={0x0, 0x11f8, 0x8, 0x2, 0x801e7}, &(0x7f0000000300)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r0}) io_uring_enter(r0, 0x749d, 0x4, 0x0, 0x0, 0x0) 354.678325ms ago: executing program 7 (id=5868): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000)) bpf$PROG_LOAD(0x5, &(0x7f0000001a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000b40)=[{0x0}, {0x0}], 0x2) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x80000}, 0x18) mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2) 292.480768ms ago: executing program 3 (id=5869): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc) ioctl$sock_qrtr_TIOCINQ(r1, 0x541b, 0x0) r2 = syz_io_uring_setup(0x497, &(0x7f0000000300)={0x0, 0x77bc, 0x80, 0x3, 0x285}, &(0x7f0000000380)=0x0, &(0x7f00000003c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0}) io_uring_enter(r2, 0x3498, 0x969, 0xffff000000000000, 0x0, 0x0) dup3(r2, r0, 0x80000) 276.108979ms ago: executing program 5 (id=5870): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) setsockopt$RXRPC_SECURITY_KEYRING(r0, 0x110, 0x2, &(0x7f0000000100)='memory.events\x00', 0xe) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) alarm(0x2) sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffc}, 0x0) setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, &(0x7f00000000c0)={@rand_addr=0x64010102, @loopback, 0x1, "4934b2a0a04a444f0d3056b24d504656bb67873e51b478d6b805a0ec5424eb98", 0x40, 0x7, 0xd, 0x4}, 0x3c) ioprio_get$pid(0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000001c0)='erofs_destroy_inode\x00', r0, 0x0, 0x4}, 0xfffffe46) 260.83775ms ago: executing program 6 (id=5871): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000800)="21ae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dbfaf8eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856691243b203d7edd4d3cc89a38a6c80fdb1229a01044af7aaecb20d5570ebf24b30bbc6dfc3f70d85cd9f0d60ebd8fedd161d199d9997a0e2d18d1c99bc7158564e0ddb4673055de196535d706d142e1dc7d404583923cb1b286cfc5418884ac7e605d93652dc48ff", 0x2ac}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf2acfb793a610b3738b393eed8633fc8e8f630932206960e9076c7d7fc99fce018701c50d39b811a7427a7a9fcb340c2755541f228462010ec40ba945a0febd460dad5d548f1be090f5dbaa8ae8835dc47ed2537681827f6129759272574cf58f2f33e47a0e416573cfdcfb44ed9d", 0x1cb}, {&(0x7f00000005c0)="05437c98b91b1455046f57b5fc913814bde2bbeac2104eaea9c9d01a7838d859007067c10aa7352abbdf98e9bf033a4784a11e84639d3b9164d9c5d729f3dd409d39ff6d5cca97", 0x47}, {&(0x7f0000000140)="f610e61ac81cc3edc86f0500194d27a5a443f10dfd1ecda0fd0ed9a444b7fb76afe3a0002f0a5eafcd3555a6cad574af080de74a37f54ee5f10fe3f42b445293ca980200000000000000ecfd6cc1b3a9a9263506e88c5557069d0ca055991454ec1307b7411892a1beaef9ae54833107eb88b0411b1bc0ba9bc28d0eb6a73ad76be9facd1d9d82b6a3cc2040e84b398d279e50535b6557df8a633cfc7615fca9879b11834eb07eeb4278cab057f89b7464048cf573c21df5435e3b81aaba048fa4264d4c15513c91e9230a8e4b7635b58dc631604c311225f21db11c7101278ef4c7", 0xe2}], 0x4, 0x0, 0x0, 0x900}}], 0x1, 0x0) r0 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x940a, 0x1000007}) fcntl$addseals(r0, 0x409, 0xb) r1 = socket(0x10, 0x803, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @rand_addr=0xc0586300}, @IFLA_IPTUN_FLAGS={0x6, 0x8, 0x3}]}}}]}, 0x40}}, 0x0) sendto(r1, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x14c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x188}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 230.460591ms ago: executing program 5 (id=5872): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x3, 0x80}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 109.156486ms ago: executing program 5 (id=5873): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = socket(0x1, 0x80802, 0x0) r1 = epoll_create1(0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x18) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x10000001}) epoll_pwait(r1, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0) shutdown(r0, 0x0) 86.573407ms ago: executing program 3 (id=5874): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 66.736638ms ago: executing program 5 (id=5875): setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000200)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x200000000140, 0x0, 0x0, 0x200000000170, 0x2000000001a0], 0x0, 0x0, 0x0}, 0x138) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, &(0x7f00000001c0)}, 0x20) r0 = syz_io_uring_setup(0xa4d, &(0x7f0000000480)={0x0, 0x28ad, 0x80, 0x9, 0x200}, &(0x7f0000000680)=0x0, &(0x7f0000000440)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x9, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x23456}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 3 (id=5876): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}}) write$P9_RVERSION(r4, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x7ffc, 0x8, '9P2000.L'}, 0x41) kernel console output (not intermixed with test programs): sing attributes in process `syz.0.3839'. [ 180.495775][T13733] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3839'. [ 180.852948][T13755] loop7: detected capacity change from 0 to 128 [ 181.037867][T13779] netlink: 'syz.0.3861': attribute type 13 has an invalid length. [ 181.050262][ T29] kauditd_printk_skb: 191 callbacks suppressed [ 181.050280][ T29] audit: type=1326 audit(1764775716.275:6966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13780 comm="syz.6.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 181.085484][ T29] audit: type=1326 audit(1764775716.305:6967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13780 comm="syz.6.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 181.109652][ T29] audit: type=1326 audit(1764775716.305:6968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13780 comm="syz.6.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 181.133874][ T29] audit: type=1326 audit(1764775716.305:6969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13780 comm="syz.6.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 181.157477][ T29] audit: type=1326 audit(1764775716.305:6970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13780 comm="syz.6.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 181.181042][ T29] audit: type=1326 audit(1764775716.305:6971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13780 comm="syz.6.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 181.204980][ T29] audit: type=1326 audit(1764775716.315:6972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13780 comm="syz.6.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 181.228612][ T29] audit: type=1326 audit(1764775716.315:6973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13780 comm="syz.6.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 181.253296][ T29] audit: type=1326 audit(1764775716.315:6974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13780 comm="syz.6.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 181.276874][ T29] audit: type=1326 audit(1764775716.315:6975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13780 comm="syz.6.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 181.511574][T13801] loop0: detected capacity change from 0 to 164 [ 181.521655][T13801] syz.0.3870: attempt to access beyond end of device [ 181.521655][T13801] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 181.545496][T13801] syz.0.3870: attempt to access beyond end of device [ 181.545496][T13801] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 181.947831][T13832] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3884'. [ 181.975118][T13832] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3884'. [ 182.017951][T13839] loop5: detected capacity change from 0 to 256 [ 182.026867][T13839] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 182.044518][T13839] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 182.053405][T13839] FAT-fs (loop5): Filesystem has been set read-only [ 182.092364][T13846] program syz.7.3890 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 182.707721][ T36] lo speed is unknown, defaulting to 1000 [ 182.713625][ T36] syz2: Port: 1 Link DOWN [ 182.720874][T13878] ip6gre1: entered promiscuous mode [ 182.736854][ T5952] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.774918][ T5952] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.803591][ T5952] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.838329][ T5952] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 182.898912][T13893] netlink: 7 bytes leftover after parsing attributes in process `syz.6.3911'. [ 183.159930][T13915] binfmt_misc: register: failed to install interpreter file ./file0 [ 183.168167][T13914] netlink: 'syz.0.3919': attribute type 1 has an invalid length. [ 183.217806][T13914] bridge0: Device is already in use. [ 183.453159][T13928] ip6gre2: entered promiscuous mode [ 184.027136][T13939] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3929'. [ 184.161830][ T54] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.198991][ T54] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.233733][ T54] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.257300][ T54] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.700790][T13986] loop7: detected capacity change from 0 to 512 [ 184.718311][T13986] EXT4-fs: Mount option(s) incompatible with ext3 [ 184.771684][T13989] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3949'. [ 184.809706][T13991] netlink: 96 bytes leftover after parsing attributes in process `syz.7.3950'. [ 184.843289][ T11] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 2 [ 184.844255][T13995] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3952'. [ 184.987940][T13995] 8021q: adding VLAN 0 to HW filter on device bond3 [ 185.034720][T14015] netlink: 204 bytes leftover after parsing attributes in process `syz.3.3960'. [ 185.046704][T14004] vlan2: entered allmulticast mode [ 185.052022][T14004] bond3: entered allmulticast mode [ 185.105748][T14021] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3961'. [ 185.137073][T14018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3962'. [ 185.160528][T14018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3962'. [ 185.180490][T14018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3962'. [ 185.224499][T14018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3962'. [ 185.244761][T14018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3962'. [ 185.938208][T14090] netlink: 'gtp': attribute type 10 has an invalid length. [ 186.115194][T14108] ip6gre1: entered allmulticast mode [ 186.142203][T14112] veth0: entered promiscuous mode [ 186.148180][T14112] veth0: left promiscuous mode [ 186.166644][T14113] loop0: detected capacity change from 0 to 512 [ 186.177392][T14113] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.4003: inode has both inline data and extents flags [ 186.192273][T14113] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.4003: couldn't read orphan inode 15 (err -117) [ 186.205149][T14113] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 186.541868][ T29] kauditd_printk_skb: 156 callbacks suppressed [ 186.541885][ T29] audit: type=1326 audit(1764775721.765:7132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14152 comm="syz.3.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 186.571823][ T29] audit: type=1326 audit(1764775721.765:7133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14152 comm="syz.3.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 186.595999][ T29] audit: type=1326 audit(1764775721.765:7134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14152 comm="syz.3.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 186.655406][ T29] audit: type=1326 audit(1764775721.885:7135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14160 comm="syz.3.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 186.688035][ T29] audit: type=1326 audit(1764775721.915:7136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14160 comm="syz.3.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 186.711961][ T29] audit: type=1326 audit(1764775721.915:7137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14160 comm="syz.3.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 186.735694][ T29] audit: type=1326 audit(1764775721.915:7138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14160 comm="syz.3.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 186.759204][ T29] audit: type=1326 audit(1764775721.915:7139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14160 comm="syz.3.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 186.782770][ T29] audit: type=1326 audit(1764775721.915:7140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14160 comm="syz.3.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 186.806457][ T29] audit: type=1326 audit(1764775721.915:7141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14160 comm="syz.3.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 186.832706][T14163] netlink: 'gtp': attribute type 10 has an invalid length. [ 186.914543][T14172] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=14172 comm=syz.3.4028 [ 186.958648][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.329585][T14181] 8021q: adding VLAN 0 to HW filter on device bond1 [ 187.348556][T14181] vlan2: entered allmulticast mode [ 187.353862][T14181] bond1: entered allmulticast mode [ 187.754917][T14213] loop0: detected capacity change from 0 to 512 [ 187.763282][T14213] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 187.807619][T14213] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.866634][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.633752][T14310] lo speed is unknown, defaulting to 1000 [ 189.680234][T14373] loop7: detected capacity change from 0 to 1764 [ 189.687704][T14372] netlink: 'syz.5.4118': attribute type 12 has an invalid length. [ 189.724517][T14373] isofs: isofs_export_get_parent(): child directory not normalized! [ 189.821489][T14396] __nla_validate_parse: 21 callbacks suppressed [ 189.821504][T14396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4126'. [ 189.838595][T14396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4126'. [ 189.848682][T14396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4126'. [ 189.909394][T14396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4126'. [ 190.032431][T14405] lo speed is unknown, defaulting to 1000 [ 190.380299][T14425] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4138'. [ 190.410711][T14425] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4138'. [ 190.726790][T14438] lo speed is unknown, defaulting to 1000 [ 190.835670][T14448] 9p: Unknown access argument ¿: -22 [ 190.963133][T14450] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4149'. [ 191.063712][T14456] loop0: detected capacity change from 0 to 1764 [ 191.096911][T14456] isofs: isofs_export_get_parent(): child directory not normalized! [ 191.600430][T14491] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4166'. [ 192.375223][T14524] SELinux: failed to load policy [ 192.596568][T14534] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14534 comm=syz.3.4183 [ 192.609749][T14534] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14534 comm=syz.3.4183 [ 192.723942][ T29] kauditd_printk_skb: 330 callbacks suppressed [ 192.723961][ T29] audit: type=1400 audit(1764775727.945:7472): avc: denied { mounton } for pid=14544 comm="syz.7.4187" path="/proc/245/cgroup" dev="proc" ino=42605 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 192.773364][T14548] netlink: 131740 bytes leftover after parsing attributes in process `syz.6.4188'. [ 192.783975][T14548] netlink: zone id is out of range [ 192.789208][T14548] netlink: zone id is out of range [ 192.794732][T14548] netlink: zone id is out of range [ 192.799954][T14548] netlink: del zone limit has 8 unknown bytes [ 192.849534][T14552] netem: change failed [ 193.159715][T14572] 9p: Unknown access argument ¿: -22 [ 193.247860][T14576] netlink: 'syz.3.4202': attribute type 83 has an invalid length. [ 193.378844][T14588] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4205'. [ 193.646529][T14617] netlink: 'syz.6.4219': attribute type 12 has an invalid length. [ 193.716487][T14629] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14629 comm=syz.5.4225 [ 193.730662][ T29] audit: type=1400 audit(1764775728.945:7473): avc: denied { nlmsg_write } for pid=14628 comm="syz.5.4225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 193.818377][T14640] loop6: detected capacity change from 0 to 1024 [ 193.843642][T14640] EXT4-fs: inline encryption not supported [ 193.856828][T14640] EXT4-fs (loop6): couldn't mount as ext2 due to feature incompatibilities [ 193.999675][T14657] veth0_vlan: left promiscuous mode [ 194.005071][T14657] veth0_vlan: entered allmulticast mode [ 194.041573][T14657] veth0_vlan: entered promiscuous mode [ 194.182148][T14685] loop0: detected capacity change from 0 to 256 [ 194.474099][T14721] loop0: detected capacity change from 0 to 1024 [ 194.494920][ T29] audit: type=1400 audit(1764775729.705:7474): avc: denied { execute } for pid=14725 comm="syz.5.4261" path="/blkio.bfq.io_wait_time" dev="ramfs" ino=45137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1 [ 194.526146][T14721] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 194.570440][ T29] audit: type=1326 audit(1764775729.795:7475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14719 comm="syz.0.4258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 194.597597][ T29] audit: type=1326 audit(1764775729.795:7476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14719 comm="syz.0.4258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 194.621406][ T29] audit: type=1326 audit(1764775729.795:7477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14719 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 194.645019][ T29] audit: type=1326 audit(1764775729.795:7478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14719 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 194.668768][ T29] audit: type=1326 audit(1764775729.795:7479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14719 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 194.692745][ T29] audit: type=1326 audit(1764775729.805:7480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14719 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 194.717224][ T29] audit: type=1326 audit(1764775729.915:7481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14719 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 194.814917][T14721] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm wÞ£ÿ: Allocating blocks 449-513 which overlap fs metadata [ 194.837982][T14747] __nla_validate_parse: 13 callbacks suppressed [ 194.838002][T14747] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4269'. [ 194.864654][T14719] EXT4-fs (loop0): pa ffff888106e31850: logic 48, phys. 177, len 21 [ 194.872737][T14719] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4 [ 194.892729][T14747] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4269'. [ 194.903966][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.943816][T14751] loop0: detected capacity change from 0 to 256 [ 194.956693][T14753] loop7: detected capacity change from 0 to 512 [ 195.005380][T14753] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.024917][T14753] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 195.095257][T13095] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.125364][T14763] lo speed is unknown, defaulting to 1000 [ 195.250637][T14775] bond0: entered promiscuous mode [ 195.255917][T14775] bond_slave_0: entered promiscuous mode [ 195.261864][T14775] bond_slave_1: entered promiscuous mode [ 195.302728][T14775] batadv0: entered promiscuous mode [ 195.330462][T14775] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 195.340522][T14775] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network [ 195.354734][T14775] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 195.382567][T14776] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.401845][T14778] sch_tbf: peakrate 7 is lower than or equals to rate 19 ! [ 195.458043][T14790] lo speed is unknown, defaulting to 1000 [ 195.466014][T14790] lo speed is unknown, defaulting to 1000 [ 195.472496][T14790] lo speed is unknown, defaulting to 1000 [ 195.478914][T14789] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4284'. [ 195.489153][T14790] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 195.501160][T14790] lo speed is unknown, defaulting to 1000 [ 195.512454][T14790] lo speed is unknown, defaulting to 1000 [ 195.519616][T14790] lo speed is unknown, defaulting to 1000 [ 195.536431][T14790] lo speed is unknown, defaulting to 1000 [ 195.542916][T14790] lo speed is unknown, defaulting to 1000 [ 195.551458][T14790] lo speed is unknown, defaulting to 1000 [ 195.570081][T14800] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4289'. [ 196.787180][T14881] netlink: 'syz.7.4316': attribute type 5 has an invalid length. [ 196.813465][T14881] netlink: 'syz.7.4316': attribute type 5 has an invalid length. [ 197.413759][T14900] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4328'. [ 197.441884][T14900] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4328'. [ 197.501418][T14904] loop7: detected capacity change from 0 to 1024 [ 197.522063][T14904] EXT4-fs: Ignoring removed bh option [ 197.531723][T14904] EXT4-fs: inline encryption not supported [ 197.538160][T14904] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 197.549394][T14904] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 197.571603][T14904] EXT4-fs error (device loop7): ext4_map_blocks:777: inode #3: block 2: comm syz.7.4330: lblock 2 mapped to illegal pblock 2 (length 1) [ 197.586418][T14904] EXT4-fs error (device loop7): ext4_map_blocks:777: inode #3: block 48: comm syz.7.4330: lblock 0 mapped to illegal pblock 48 (length 1) [ 197.600818][T14904] EXT4-fs error (device loop7): ext4_acquire_dquot:6945: comm syz.7.4330: Failed to acquire dquot type 0 [ 197.615288][T14904] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6309: Corrupt filesystem [ 197.624930][T14904] EXT4-fs error (device loop7): ext4_evict_inode:253: inode #11: comm syz.7.4330: mark_inode_dirty error [ 197.637818][T14904] EXT4-fs warning (device loop7): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 197.648325][T14904] EXT4-fs (loop7): 1 orphan inode deleted [ 197.654736][T14904] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.669754][ T41] EXT4-fs error (device loop7): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 197.685432][ T41] EXT4-fs error (device loop7): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0 [ 197.699507][T14904] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 197.747306][T13095] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.328277][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 198.328296][ T29] audit: type=1400 audit(1764775733.545:7508): avc: denied { mount } for pid=14936 comm="+}[@" name="/" dev="rpc_pipefs" ino=47150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 198.369329][T14941] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4344'. [ 198.474365][T14956] loop5: detected capacity change from 0 to 128 [ 198.527693][T14958] netlink: 2048 bytes leftover after parsing attributes in process `syz.3.4347'. [ 198.536900][T14958] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4347'. [ 198.572967][ T5920] kworker/u8:69: attempt to access beyond end of device [ 198.572967][ T5920] loop5: rw=1, sector=129, nr_sectors = 16 limit=128 [ 198.586745][ T5920] kworker/u8:69: attempt to access beyond end of device [ 198.586745][ T5920] loop5: rw=1, sector=153, nr_sectors = 8 limit=128 [ 198.616266][ T5920] kworker/u8:69: attempt to access beyond end of device [ 198.616266][ T5920] loop5: rw=1, sector=169, nr_sectors = 8 limit=128 [ 198.629973][ T5920] kworker/u8:69: attempt to access beyond end of device [ 198.629973][ T5920] loop5: rw=1, sector=185, nr_sectors = 8 limit=128 [ 198.643627][ T5920] kworker/u8:69: attempt to access beyond end of device [ 198.643627][ T5920] loop5: rw=1, sector=201, nr_sectors = 8 limit=128 [ 198.663533][ T29] audit: type=1326 audit(1764775733.885:7509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.7.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16278cf749 code=0x7ffc0000 [ 198.687653][ T5920] kworker/u8:69: attempt to access beyond end of device [ 198.687653][ T5920] loop5: rw=1, sector=217, nr_sectors = 8 limit=128 [ 198.702077][ T29] audit: type=1326 audit(1764775733.885:7510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.7.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f16278cf749 code=0x7ffc0000 [ 198.725798][ T29] audit: type=1326 audit(1764775733.885:7511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.7.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16278cf749 code=0x7ffc0000 [ 198.728991][ T5920] kworker/u8:69: attempt to access beyond end of device [ 198.728991][ T5920] loop5: rw=1, sector=233, nr_sectors = 8 limit=128 [ 198.749870][ T29] audit: type=1326 audit(1764775733.885:7512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.7.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7f16278cf749 code=0x7ffc0000 [ 198.787210][ T29] audit: type=1326 audit(1764775733.885:7513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.7.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16278cf749 code=0x7ffc0000 [ 198.810838][ T29] audit: type=1326 audit(1764775733.885:7514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.7.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f16278cf749 code=0x7ffc0000 [ 198.834439][ T29] audit: type=1326 audit(1764775733.885:7515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.7.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16278cf749 code=0x7ffc0000 [ 198.858441][ T29] audit: type=1326 audit(1764775733.915:7516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.7.4352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16278cf749 code=0x7ffc0000 [ 198.888248][ T5920] kworker/u8:69: attempt to access beyond end of device [ 198.888248][ T5920] loop5: rw=1, sector=249, nr_sectors = 8 limit=128 [ 198.924986][ T5920] kworker/u8:69: attempt to access beyond end of device [ 198.924986][ T5920] loop5: rw=1, sector=265, nr_sectors = 8 limit=128 [ 198.940614][ T5920] kworker/u8:69: attempt to access beyond end of device [ 198.940614][ T5920] loop5: rw=1, sector=281, nr_sectors = 8 limit=128 [ 198.985326][T14973] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4351'. [ 199.074475][ T29] audit: type=1400 audit(1764775734.215:7517): avc: denied { read } for pid=14972 comm="syz.5.4351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 200.027990][T15010] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4369'. [ 200.155057][T15015] loop5: detected capacity change from 0 to 164 [ 200.204656][T15017] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4372'. [ 200.392166][T15027] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15027 comm=syz.3.4375 [ 200.630650][T15040] pimreg: entered allmulticast mode [ 200.638265][T15040] pimreg: left allmulticast mode [ 200.917668][T15058] sctp: [Deprecated]: syz.7.4390 (pid 15058) Use of struct sctp_assoc_value in delayed_ack socket option. [ 200.917668][T15058] Use struct sctp_sack_info instead [ 200.960174][T15058] sctp: [Deprecated]: syz.7.4390 (pid 15058) Use of struct sctp_assoc_value in delayed_ack socket option. [ 200.960174][T15058] Use struct sctp_sack_info instead [ 201.026230][T15074] loop7: detected capacity change from 0 to 1024 [ 201.053196][T15076] lo speed is unknown, defaulting to 1000 [ 201.059875][T15080] netlink: 204 bytes leftover after parsing attributes in process `syz.6.4400'. [ 201.073289][T15074] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.152952][T15074] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4193: comm wÞ£ÿ: Allocating blocks 449-513 which overlap fs metadata [ 201.158805][T15076] lo speed is unknown, defaulting to 1000 [ 201.184503][T15073] EXT4-fs (loop7): pa ffff888106ed6380: logic 48, phys. 177, len 21 [ 201.192916][T15073] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4 [ 201.214801][T13095] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.261440][T15095] netlink: 'syz.7.4405': attribute type 13 has an invalid length. [ 201.320304][T15095] gretap0: refused to change device tx_queue_len [ 201.327246][T15095] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 201.343198][ T36] lo speed is unknown, defaulting to 1000 [ 201.349182][ T36] syz0: Port: 1 Link ACTIVE [ 201.450820][T15099] lo speed is unknown, defaulting to 1000 [ 201.528677][T15099] lo speed is unknown, defaulting to 1000 [ 201.553776][T15113] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4414'. [ 201.750271][T15124] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4418'. [ 201.812734][T15128] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4418'. [ 202.408912][T15131] Set syz1 is full, maxelem 65536 reached [ 202.720331][T15174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4440'. [ 202.803084][T15174] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4440'. [ 202.824004][T15174] netlink: 3 bytes leftover after parsing attributes in process `syz.3.4440'. [ 202.912929][T15184] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4445'. [ 203.032146][T15193] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 203.319026][T15226] loop0: detected capacity change from 0 to 1024 [ 203.374287][T15226] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 203.385521][T15226] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 203.442535][T15226] JBD2: no valid journal superblock found [ 203.448495][T15226] EXT4-fs (loop0): Could not load journal inode [ 203.624336][T15226] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 203.703317][T15243] lo speed is unknown, defaulting to 1000 [ 203.760423][T15243] lo speed is unknown, defaulting to 1000 [ 204.019353][T15250] lo speed is unknown, defaulting to 1000 [ 204.185267][ T29] kauditd_printk_skb: 72 callbacks suppressed [ 204.185285][ T29] audit: type=1326 audit(1764775739.415:7590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15271 comm="syz.3.4481" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f725b50f749 code=0x0 [ 204.240287][ T5318] bond0 (unregistering): Released all slaves [ 204.253084][ T5318] bond1 (unregistering): Released all slaves [ 204.280237][T15250] lo speed is unknown, defaulting to 1000 [ 204.364447][ T5318] hsr_slave_0: left promiscuous mode [ 204.370374][ T5318] hsr_slave_1: left promiscuous mode [ 204.467847][ T3487] lo speed is unknown, defaulting to 1000 [ 204.473615][ T3487] infiniband syz0: ib_query_port failed (-19) [ 204.514466][T15250] chnl_net:caif_netlink_parms(): no params data found [ 204.584936][T15250] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.592061][T15250] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.599588][T15250] bridge_slave_0: entered allmulticast mode [ 204.606359][T15250] bridge_slave_0: entered promiscuous mode [ 204.613540][T15250] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.620806][T15250] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.628170][T15250] bridge_slave_1: entered allmulticast mode [ 204.634923][T15250] bridge_slave_1: entered promiscuous mode [ 204.655954][T15250] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.681435][T15250] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.692131][ T29] audit: type=1326 audit(1764775739.905:7591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15294 comm="syz.5.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 204.715844][ T29] audit: type=1326 audit(1764775739.905:7592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15294 comm="syz.5.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 204.739805][ T29] audit: type=1326 audit(1764775739.905:7593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15294 comm="syz.5.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 204.763430][ T29] audit: type=1326 audit(1764775739.905:7594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15294 comm="syz.5.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 204.787110][ T29] audit: type=1326 audit(1764775739.905:7595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15294 comm="syz.5.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 204.810816][ T29] audit: type=1326 audit(1764775739.905:7596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15294 comm="syz.5.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 204.834399][ T29] audit: type=1326 audit(1764775739.925:7597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15294 comm="syz.5.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 204.858248][ T29] audit: type=1326 audit(1764775739.925:7598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15294 comm="syz.5.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 204.881810][ T29] audit: type=1326 audit(1764775739.925:7599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15294 comm="syz.5.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 204.924066][T15250] team0: Port device team_slave_0 added [ 204.930994][T15250] team0: Port device team_slave_1 added [ 204.947289][T15250] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 204.954352][T15250] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 204.980447][T15250] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 204.992304][T15250] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 204.999434][T15250] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 205.025473][T15250] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.063928][T15302] netlink: 'syz.3.4491': attribute type 3 has an invalid length. [ 205.075222][T15250] hsr_slave_0: entered promiscuous mode [ 205.081349][T15250] hsr_slave_1: entered promiscuous mode [ 205.087888][T15250] debugfs: 'hsr0' already exists in 'hsr' [ 205.093636][T15250] Cannot create hsr debugfs directory [ 205.376449][T15323] __nla_validate_parse: 5 callbacks suppressed [ 205.376471][T15323] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4502'. [ 205.392700][T15323] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4502'. [ 205.455241][T15328] netlink: 'syz.3.4504': attribute type 13 has an invalid length. [ 205.462199][T15250] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 205.463121][T15328] netlink: 'syz.3.4504': attribute type 17 has an invalid length. [ 205.491507][T15328] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.500455][T15328] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.511921][T15328] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 205.527837][ T3487] lo speed is unknown, defaulting to 1000 [ 205.533586][ T3487] syz2: Port: 1 Link ACTIVE [ 205.538193][T15250] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 205.556703][T15250] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 205.567872][T15250] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 205.651565][T15250] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.677288][T15250] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.713790][T15250] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 205.724364][T15250] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 205.809072][ T5318] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.816212][ T5318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.825397][ T5318] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.832573][ T5318] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.922957][T15250] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.233049][T15250] veth0_vlan: entered promiscuous mode [ 206.260384][T15250] veth1_vlan: entered promiscuous mode [ 206.275396][T15385] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4519'. [ 206.307066][T15250] veth0_macvtap: entered promiscuous mode [ 206.307110][T15385] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4519'. [ 206.325500][T15250] veth1_macvtap: entered promiscuous mode [ 206.343821][T15384] SELinux: failed to load policy [ 206.354044][T15250] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.365304][T15250] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 206.396281][ T5273] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.425635][ T5273] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.458594][ T5273] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.469952][ T5273] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.583142][T15417] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4533'. [ 206.592407][T15417] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4533'. [ 206.816306][T15441] sch_tbf: peakrate 7 is lower than or equals to rate 19 ! [ 207.050563][T15460] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4552'. [ 207.089562][T15463] loop5: detected capacity change from 0 to 1024 [ 207.103639][T15463] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.151736][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.275996][T15480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4559'. [ 207.286729][T15480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4559'. [ 208.392150][T15555] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4588'. [ 208.661138][T15574] pim6reg: entered allmulticast mode [ 208.676869][T15574] pim6reg: left allmulticast mode [ 208.756544][T15581] loop6: detected capacity change from 0 to 512 [ 208.776206][T15581] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 208.788381][T15583] loop7: detected capacity change from 0 to 512 [ 208.804544][T15583] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 208.841825][T15581] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.866557][T15583] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.881422][T15581] ext4 filesystem being mounted at /458/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 208.894333][T15583] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 208.909925][T15583] netlink: 'syz.7.4601': attribute type 1 has an invalid length. [ 208.938082][T15581] Falling back ldisc for ptm0. [ 208.965709][ T9222] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.023624][T15597] lo speed is unknown, defaulting to 1000 [ 209.040882][T15250] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.101673][T15609] netlink: 'syz.3.4611': attribute type 3 has an invalid length. [ 209.206270][T15620] lo speed is unknown, defaulting to 1000 [ 209.466022][ T29] kauditd_printk_skb: 164 callbacks suppressed [ 209.466038][ T29] audit: type=1400 audit(1764775744.695:7764): avc: denied { connect } for pid=15629 comm="syz.3.4618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 209.748784][T15644] tipc: Enabling of bearer rejected, failed to enable media [ 209.909902][ T29] audit: type=1400 audit(1764775745.135:7765): avc: denied { mounton } for pid=15660 comm="syz.6.4630" path="/462/file0" dev="tmpfs" ino=2410 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 209.936433][ T29] audit: type=1400 audit(1764775745.165:7766): avc: denied { bind } for pid=15662 comm="syz.5.4631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 209.956239][ T29] audit: type=1400 audit(1764775745.165:7767): avc: denied { listen } for pid=15662 comm="syz.5.4631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 209.976027][ T29] audit: type=1400 audit(1764775745.165:7768): avc: denied { accept } for pid=15662 comm="syz.5.4631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 209.997168][ T29] audit: type=1400 audit(1764775745.165:7769): avc: denied { read } for pid=15662 comm="syz.5.4631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 210.018034][ T29] audit: type=1400 audit(1764775745.245:7770): avc: denied { create } for pid=15664 comm="syz.5.4632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 210.039510][ T29] audit: type=1400 audit(1764775745.245:7771): avc: denied { ioctl } for pid=15664 comm="syz.5.4632" path="socket:[50087]" dev="sockfs" ino=50087 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 210.065630][ T29] audit: type=1400 audit(1764775745.245:7772): avc: denied { write } for pid=15664 comm="syz.5.4632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 210.086595][ T29] audit: type=1400 audit(1764775745.245:7773): avc: denied { nlmsg_write } for pid=15664 comm="syz.5.4632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 211.098972][T15697] __nla_validate_parse: 2 callbacks suppressed [ 211.098991][T15697] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4652'. [ 211.119465][T15697] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4652'. [ 211.190932][T15702] loop5: detected capacity change from 0 to 1024 [ 211.219051][T15702] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.303572][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.508690][T15729] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4656'. [ 211.529503][T15729] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4656'. [ 211.727076][T15733] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4668'. [ 211.737379][T15733] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4668'. [ 211.875249][T15743] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 211.882666][T15743] vhci_hcd: invalid port number 96 [ 211.888031][T15743] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 212.704956][T15777] IPv6: Can't replace route, no match found [ 212.912537][T15807] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4690'. [ 212.922240][T15807] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 212.930509][T15807] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 213.293147][T15831] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.330572][T15831] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.382749][T15831] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.437794][T15831] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.493061][T12714] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.514491][ T41] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 213.527685][T12714] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.547719][T12714] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.564433][T12714] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.581784][T15856] lo speed is unknown, defaulting to 1000 [ 213.691234][T15859] IPv6: Can't replace route, no match found [ 213.928063][T15876] lo speed is unknown, defaulting to 1000 [ 214.247593][T15876] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4717'. [ 214.684798][ T29] kauditd_printk_skb: 1010 callbacks suppressed [ 214.684843][ T29] audit: type=1400 audit(1764775749.915:8784): avc: denied { create } for pid=15924 comm="syz.7.4739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 214.729304][ T29] audit: type=1400 audit(1764775749.935:8785): avc: denied { write } for pid=15924 comm="syz.7.4739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 214.739043][T15927] loop0: detected capacity change from 0 to 256 [ 214.763341][T15927] FAT-fs (loop0): Directory bread(block 64) failed [ 214.770569][T15927] FAT-fs (loop0): Directory bread(block 65) failed [ 214.777479][T15927] FAT-fs (loop0): Directory bread(block 66) failed [ 214.784107][T15927] FAT-fs (loop0): Directory bread(block 67) failed [ 214.790868][T15927] FAT-fs (loop0): Directory bread(block 68) failed [ 214.797871][T15927] FAT-fs (loop0): Directory bread(block 69) failed [ 214.817956][T15927] FAT-fs (loop0): Directory bread(block 70) failed [ 214.825077][T15927] FAT-fs (loop0): Directory bread(block 71) failed [ 214.831876][T15927] FAT-fs (loop0): Directory bread(block 72) failed [ 214.838644][T15927] FAT-fs (loop0): Directory bread(block 73) failed [ 214.869511][ T29] audit: type=1400 audit(1764775750.095:8786): avc: denied { mount } for pid=15926 comm="syz.0.4738" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 214.884596][T15927] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 899) [ 214.900951][T15927] FAT-fs (loop0): Filesystem has been set read-only [ 214.914444][T15927] bio_check_eod: 103 callbacks suppressed [ 214.914462][T15927] syz.0.4738: attempt to access beyond end of device [ 214.914462][T15927] loop0: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 214.938290][T15927] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 899) [ 214.950138][T15927] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 899) [ 214.959343][T15927] syz.0.4738: attempt to access beyond end of device [ 214.959343][T15927] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 214.972872][T15927] syz.0.4738: attempt to access beyond end of device [ 214.972872][T15927] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 214.986675][T15927] syz.0.4738: attempt to access beyond end of device [ 214.986675][T15927] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 215.000196][T15927] syz.0.4738: attempt to access beyond end of device [ 215.000196][T15927] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 215.026038][ T29] audit: type=1400 audit(1764775750.255:8787): avc: denied { unmount } for pid=3321 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 215.059496][T15966] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15966 comm=syz.0.4743 [ 215.116207][T15977] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4745'. [ 215.138675][T15980] No such timeout policy "syz1" [ 215.174732][T15988] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4748'. [ 215.312317][T16014] netlink: 'syz.5.4750': attribute type 1 has an invalid length. [ 215.320293][T16014] netlink: 'syz.5.4750': attribute type 4 has an invalid length. [ 215.356620][T16014] netlink: 'syz.5.4750': attribute type 1 has an invalid length. [ 215.364587][T16014] netlink: 'syz.5.4750': attribute type 4 has an invalid length. [ 215.433419][T16028] netlink: 'syz.5.4753': attribute type 1 has an invalid length. [ 215.458532][T16028] 8021q: adding VLAN 0 to HW filter on device bond2 [ 215.474542][T16028] bond2: entered allmulticast mode [ 215.704451][T16066] lo speed is unknown, defaulting to 1000 [ 215.713100][T16071] loop5: detected capacity change from 0 to 2048 [ 215.722617][ T29] audit: type=1400 audit(1764775750.955:8788): avc: denied { wake_alarm } for pid=16069 comm="syz.3.4760" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 215.781493][T16071] Alternate GPT is invalid, using primary GPT. [ 215.787842][T16071] loop5: p1 p2 p3 [ 215.791663][T16071] loop5: partition table partially beyond EOD, truncated [ 215.890877][ T29] audit: type=1400 audit(1764775751.115:8789): avc: denied { nlmsg_read } for pid=16086 comm="syz.5.4762" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 216.327674][ T29] audit: type=1400 audit(1764775751.555:8790): avc: denied { create } for pid=16158 comm="syz.6.4775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 216.374525][ T29] audit: type=1400 audit(1764775751.585:8791): avc: denied { ioctl } for pid=16158 comm="syz.6.4775" path="socket:[52699]" dev="sockfs" ino=52699 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 216.598348][ T29] audit: type=1326 audit(1764775751.825:8792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16192 comm="syz.3.4779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 216.645074][ T29] audit: type=1326 audit(1764775751.855:8793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16192 comm="syz.3.4779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 216.870179][T16227] __nla_validate_parse: 3 callbacks suppressed [ 216.870200][T16227] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4784'. [ 217.321183][T16281] loop6: detected capacity change from 0 to 128 [ 217.785830][T16304] netlink: 'syz.7.4805': attribute type 4 has an invalid length. [ 217.891095][ T5305] Bluetooth: hci0: Frame reassembly failed (-84) [ 218.058507][T16317] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4809'. [ 218.359736][T16327] lo speed is unknown, defaulting to 1000 [ 218.377706][T16328] netlink: 'syz.3.4814': attribute type 15 has an invalid length. [ 218.385616][T16328] netlink: 'syz.3.4814': attribute type 7 has an invalid length. [ 218.393428][T16328] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4814'. [ 218.806703][T16332] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4818'. [ 218.815667][T16332] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4818'. [ 218.884002][T16342] netlink: 168 bytes leftover after parsing attributes in process `syz.3.4821'. [ 218.884922][T16337] loop6: detected capacity change from 0 to 4096 [ 218.906132][T16340] loop5: detected capacity change from 0 to 164 [ 218.908663][T16337] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.002650][T16350] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4823'. [ 219.269925][T16367] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4831'. [ 219.299117][T16367] ip6gre1: entered allmulticast mode [ 219.395464][ T9222] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.407088][T16371] loop7: detected capacity change from 0 to 4096 [ 219.439989][T16371] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.461231][T16374] loop6: detected capacity change from 0 to 164 [ 219.525752][T15250] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.783528][ T29] kauditd_printk_skb: 1001 callbacks suppressed [ 219.783546][ T29] audit: type=1400 audit(1764775755.005:9795): avc: denied { read } for pid=16391 comm="syz.3.4841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 219.841636][T16396] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4842'. [ 219.850656][T16396] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4842'. [ 219.928883][ T3625] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 220.096136][T16411] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 220.132755][ T29] audit: type=1400 audit(1764775755.355:9796): avc: denied { create } for pid=16412 comm="syz.6.4849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 220.168981][ T29] audit: type=1400 audit(1764775755.395:9797): avc: denied { ioctl } for pid=16412 comm="syz.6.4849" path="socket:[52940]" dev="sockfs" ino=52940 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 220.194736][ T29] audit: type=1400 audit(1764775755.395:9798): avc: denied { bind } for pid=16412 comm="syz.6.4849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 220.215607][ T29] audit: type=1400 audit(1764775755.395:9799): avc: denied { mount } for pid=16400 comm="syz.5.4843" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 220.609716][ T29] audit: type=1326 audit(1764775755.835:9800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16438 comm="syz.6.4860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 220.633499][ T29] audit: type=1326 audit(1764775755.835:9801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16438 comm="syz.6.4860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 220.714220][ T29] audit: type=1326 audit(1764775755.835:9802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16438 comm="syz.6.4860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 220.737926][ T29] audit: type=1326 audit(1764775755.865:9803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16438 comm="syz.6.4860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 220.761540][ T29] audit: type=1326 audit(1764775755.865:9804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16438 comm="syz.6.4860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 221.047291][T16463] loop0: detected capacity change from 0 to 128 [ 221.066225][T16463] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 221.078888][T16463] ext4 filesystem being mounted at /991/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 221.104443][ T3321] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 221.563862][T16487] loop6: detected capacity change from 0 to 128 [ 221.640285][T16495] syz.6.4881: attempt to access beyond end of device [ 221.640285][T16495] loop6: rw=2049, sector=145, nr_sectors = 8 limit=128 [ 221.656921][T16495] syz.6.4881: attempt to access beyond end of device [ 221.656921][T16495] loop6: rw=2049, sector=161, nr_sectors = 8 limit=128 [ 221.670904][T16495] syz.6.4881: attempt to access beyond end of device [ 221.670904][T16495] loop6: rw=2049, sector=177, nr_sectors = 8 limit=128 [ 221.685588][T16495] syz.6.4881: attempt to access beyond end of device [ 221.685588][T16495] loop6: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 221.712353][T16495] syz.6.4881: attempt to access beyond end of device [ 221.712353][T16495] loop6: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 221.731300][T16495] syz.6.4881: attempt to access beyond end of device [ 221.731300][T16495] loop6: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 221.760345][T16495] syz.6.4881: attempt to access beyond end of device [ 221.760345][T16495] loop6: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 221.807701][T16495] syz.6.4881: attempt to access beyond end of device [ 221.807701][T16495] loop6: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 221.822551][T16495] syz.6.4881: attempt to access beyond end of device [ 221.822551][T16495] loop6: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 221.839328][T16495] syz.6.4881: attempt to access beyond end of device [ 221.839328][T16495] loop6: rw=2049, sector=289, nr_sectors = 8 limit=128 [ 221.967608][T16517] __nla_validate_parse: 2 callbacks suppressed [ 221.967626][T16517] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4891'. [ 222.262251][T16529] bridge: RTM_NEWNEIGH with invalid ether address [ 222.325691][T16532] bridge: RTM_NEWNEIGH with invalid ether address [ 222.452766][T16542] lo speed is unknown, defaulting to 1000 [ 222.652664][T16548] 0ªX¹¦À: left allmulticast mode [ 222.662820][T16548] ip6gre1: left allmulticast mode [ 222.691245][T16548] bond2: left allmulticast mode [ 222.933808][T16563] netlink: 2048 bytes leftover after parsing attributes in process `syz.3.4907'. [ 222.943033][T16563] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4907'. [ 223.181931][T16582] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4919'. [ 223.191079][T16582] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4919'. [ 223.217543][T16584] loop0: detected capacity change from 0 to 1024 [ 223.227210][T16584] EXT4-fs: Ignoring removed orlov option [ 223.237390][T16584] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 223.275363][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.304296][T16596] syz_tun: entered allmulticast mode [ 223.320367][T16596] dvmrp8: entered allmulticast mode [ 223.327110][T16594] syz_tun: left allmulticast mode [ 223.371889][T16602] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4926'. [ 223.385197][T16600] lo speed is unknown, defaulting to 1000 [ 223.475272][T16607] lo speed is unknown, defaulting to 1000 [ 223.573639][T16621] loop0: detected capacity change from 0 to 512 [ 223.595063][T16621] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 223.636929][T16621] EXT4-fs (loop0): 1 truncate cleaned up [ 223.660584][T16621] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 223.693168][T16631] loop6: detected capacity change from 0 to 1024 [ 223.700689][T16631] EXT4-fs: Ignoring removed orlov option [ 223.717078][T16631] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 223.851629][T16607] netlink: 'syz.5.4928': attribute type 2 has an invalid length. [ 223.937698][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.011700][T16648] netlink: 168 bytes leftover after parsing attributes in process `syz.7.4944'. [ 224.027327][ T9222] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.073752][T16650] lo speed is unknown, defaulting to 1000 [ 224.132131][T16663] loop0: detected capacity change from 0 to 128 [ 224.205179][T16671] lo speed is unknown, defaulting to 1000 [ 224.400904][T16692] bridge0: port 3(gretap0) entered blocking state [ 224.407615][T16692] bridge0: port 3(gretap0) entered disabled state [ 224.415148][T16692] gretap0: entered allmulticast mode [ 224.421150][T16692] gretap0: entered promiscuous mode [ 224.431009][T16692] bridge0: port 3(gretap0) entered blocking state [ 224.437539][T16692] bridge0: port 3(gretap0) entered forwarding state [ 224.453930][T16692] gretap0: left allmulticast mode [ 224.459106][T16692] gretap0: left promiscuous mode [ 224.464411][T16692] bridge0: port 3(gretap0) entered disabled state [ 224.778597][T16735] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.785938][T16735] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.803169][ T29] kauditd_printk_skb: 103 callbacks suppressed [ 224.803204][ T29] audit: type=1326 audit(1764775760.025:9908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16740 comm="syz.0.4964" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f54904df749 code=0x0 [ 224.876847][T16735] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 224.901170][T16735] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 224.941918][T16735] ip6gre1: left allmulticast mode [ 224.948451][ T5305] netdevsim netdevsim7 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.966029][ T5305] netdevsim netdevsim7 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.983387][ T5305] netdevsim netdevsim7 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.001732][ T5305] netdevsim netdevsim7 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.156724][T16788] netlink: 63503 bytes leftover after parsing attributes in process `syz.6.4967'. [ 225.255507][T16808] loop6: detected capacity change from 0 to 512 [ 225.262093][T16808] EXT4-fs: Ignoring removed i_version option [ 225.268357][T16808] EXT4-fs: Ignoring removed bh option [ 225.286698][T16808] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.303055][T16808] ext4 filesystem being mounted at /534/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 225.376315][ T29] audit: type=1400 audit(1764775760.605:9909): avc: denied { ioctl } for pid=16807 comm="syz.6.4971" path="/534/bus/file1" dev="loop6" ino=15 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 225.414904][ T9222] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.451329][T16833] netlink: 'syz.6.4972': attribute type 10 has an invalid length. [ 225.467125][T16833] team0: Port device dummy0 added [ 225.478269][T16833] netlink: 'syz.6.4972': attribute type 10 has an invalid length. [ 225.486978][T16833] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 225.501490][T16839] loop5: detected capacity change from 0 to 128 [ 225.522929][T16833] team0: Failed to send options change via netlink (err -105) [ 225.535154][T16833] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 225.546776][T16833] team0: Port device dummy0 removed [ 225.554050][T16833] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 225.568524][T16847] netlink: 'syz.7.4975': attribute type 1 has an invalid length. [ 225.603848][T16847] bond1: entered promiscuous mode [ 225.614379][T16847] 8021q: adding VLAN 0 to HW filter on device bond1 [ 225.644702][T16847] bond1: (slave bridge1): making interface the new active one [ 225.652276][T16847] bridge1: entered promiscuous mode [ 225.666140][ T29] audit: type=1400 audit(1764775760.895:9910): avc: denied { getopt } for pid=16856 comm="syz.6.4977" lport=34318 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 225.681133][T16847] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 225.751512][T16869] netlink: 'syz.6.4981': attribute type 11 has an invalid length. [ 225.753082][ T29] audit: type=1400 audit(1764775760.975:9911): avc: denied { write } for pid=16868 comm="syz.6.4981" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 225.823665][ T29] audit: type=1400 audit(1764775761.045:9912): avc: denied { bind } for pid=16877 comm="syz.0.4985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 225.905703][T16885] loop5: detected capacity change from 0 to 1024 [ 225.920430][T16885] EXT4-fs: inline encryption not supported [ 225.939623][T16885] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.997289][T16897] netlink: 204 bytes leftover after parsing attributes in process `syz.0.4992'. [ 226.028048][ T29] audit: type=1400 audit(1764775761.255:9913): avc: denied { read } for pid=16900 comm="syz.7.4994" lport=55377 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 226.030984][T16904] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 226.103273][T16909] loop6: detected capacity change from 0 to 1024 [ 226.113454][T16903] loop0: detected capacity change from 0 to 8192 [ 226.121428][T16904] EXT4-fs (loop5): Remounting filesystem read-only [ 226.121565][T16903] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 226.149943][T16903] netlink: 3 bytes leftover after parsing attributes in process `syz.0.4995'. [ 226.159559][T16909] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 226.173783][T16903] 0ªX¹¦À: renamed from caif0 [ 226.186188][T16903] 0ªX¹¦À: entered allmulticast mode [ 226.191428][T16903] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 226.208001][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.225885][ T9222] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.251163][T16916] loop7: detected capacity change from 0 to 1024 [ 226.314645][T16916] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 226.365675][T16916] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:483: comm syz.7.4998: Invalid block bitmap block 0 in block_group 0 [ 226.383089][T16916] Quota error (device loop7): write_blk: dquota write failed [ 226.390639][T16916] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 226.412383][ T29] audit: type=1326 audit(1764775761.635:9914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.6.5007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 226.438399][T16916] EXT4-fs error (device loop7): ext4_acquire_dquot:6945: comm syz.7.4998: Failed to acquire dquot type 0 [ 226.452894][T16941] loop5: detected capacity change from 0 to 128 [ 226.466636][T16916] EXT4-fs error (device loop7): ext4_free_blocks:6706: comm syz.7.4998: Freeing blocks not in datazone - block = 0, count = 4096 [ 226.499093][ T29] audit: type=1326 audit(1764775761.635:9915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.6.5007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 226.514440][T16916] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm syz.7.4998: Invalid inode bitmap blk 0 in block_group 0 [ 226.535677][ T5305] EXT4-fs error (device loop7): ext4_release_dquot:6981: comm kworker/u8:50: Failed to release dquot type 0 [ 226.555656][T16945] Set syz1 is full, maxelem 6117 reached [ 226.573577][T16916] EXT4-fs error (device loop7) in ext4_free_inode:361: Corrupt filesystem [ 226.582726][T16916] EXT4-fs (loop7): 1 orphan inode deleted [ 226.589271][T16916] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.634225][T15250] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.899294][T16988] ip6gre2: entered promiscuous mode [ 227.390240][T17006] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=17006 comm=syz.7.5034 [ 227.525359][T17024] ip6t_srh: unknown srh match flags 4000 [ 227.535811][T17027] __nla_validate_parse: 2 callbacks suppressed [ 227.535829][T17027] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5045'. [ 227.709881][T17045] loop5: detected capacity change from 0 to 1024 [ 227.716816][T17045] EXT4-fs: Ignoring removed nomblk_io_submit option [ 227.725373][T17037] xt_hashlimit: size too large, truncated to 1048576 [ 227.740375][T17045] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 227.772489][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.887185][T17053] loop5: detected capacity change from 0 to 1024 [ 227.894101][T17053] EXT4-fs: Ignoring removed nomblk_io_submit option [ 227.906735][T17053] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 228.199714][T17066] loop7: detected capacity change from 0 to 128 [ 228.250430][T17065] lo speed is unknown, defaulting to 1000 [ 228.342982][T17066] bio_check_eod: 731 callbacks suppressed [ 228.343003][T17066] syz.7.5059: attempt to access beyond end of device [ 228.343003][T17066] loop7: rw=2049, sector=145, nr_sectors = 8 limit=128 [ 228.405732][T17066] syz.7.5059: attempt to access beyond end of device [ 228.405732][T17066] loop7: rw=2049, sector=161, nr_sectors = 8 limit=128 [ 228.489575][T17066] syz.7.5059: attempt to access beyond end of device [ 228.489575][T17066] loop7: rw=2049, sector=177, nr_sectors = 8 limit=128 [ 228.543527][T17066] syz.7.5059: attempt to access beyond end of device [ 228.543527][T17066] loop7: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 228.598444][T17066] syz.7.5059: attempt to access beyond end of device [ 228.598444][T17066] loop7: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 228.642494][T17066] syz.7.5059: attempt to access beyond end of device [ 228.642494][T17066] loop7: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 228.692533][T17066] syz.7.5059: attempt to access beyond end of device [ 228.692533][T17066] loop7: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 228.746596][T17066] syz.7.5059: attempt to access beyond end of device [ 228.746596][T17066] loop7: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 228.775643][T17098] bridge0: port 5(gretap0) entered blocking state [ 228.782189][T17098] bridge0: port 5(gretap0) entered disabled state [ 228.824265][T17066] syz.7.5059: attempt to access beyond end of device [ 228.824265][T17066] loop7: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 228.855757][T17098] gretap0: entered allmulticast mode [ 228.861906][T17098] gretap0: entered promiscuous mode [ 228.868192][T17101] gretap0: left allmulticast mode [ 228.873306][T17101] gretap0: left promiscuous mode [ 228.874298][T17066] syz.7.5059: attempt to access beyond end of device [ 228.874298][T17066] loop7: rw=2049, sector=289, nr_sectors = 8 limit=128 [ 228.878785][T17101] bridge0: port 5(gretap0) entered disabled state [ 229.080624][T17112] netlink: 'syz.0.5077': attribute type 10 has an invalid length. [ 229.101669][T17111] netlink: 'syz.6.5078': attribute type 7 has an invalid length. [ 229.103483][T17112] team0: Port device V*¤0£ added [ 229.146616][T17112] netlink: 'syz.0.5077': attribute type 10 has an invalid length. [ 229.159952][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.173732][T17112] team0: Failed to send port change of device V*¤0£ via netlink (err -105) [ 229.184574][T17112] team0: Failed to send options change via netlink (err -105) [ 229.192692][T17112] team0: Failed to send port change of device V*¤0£ via netlink (err -105) [ 229.223520][T17112] team0: Port device V*¤0£ removed [ 229.230205][T17112] V*¤0£: entered promiscuous mode [ 229.236624][T17112] bond0: (slave V*¤0£): Enslaving as an active interface with an up link [ 229.320126][T17130] lo speed is unknown, defaulting to 1000 [ 229.349147][T17137] loop7: detected capacity change from 0 to 1024 [ 229.357514][T17137] EXT4-fs: Ignoring removed orlov option [ 229.374682][T17137] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 229.394215][T17137] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 229.409589][T17137] EXT4-fs (loop7): invalid journal inode [ 229.415553][T17137] EXT4-fs (loop7): can't get journal size [ 229.421768][T17137] EXT4-fs error (device loop7): ext4_map_blocks:777: inode #3: block 17104912: comm syz.7.5090: lblock 2 mapped to illegal pblock 17104912 (length 1) [ 229.437564][T17137] EXT4-fs (loop7): failed to initialize system zone (-117) [ 229.445829][T17137] EXT4-fs (loop7): mount failed [ 230.236048][T17185] lo speed is unknown, defaulting to 1000 [ 230.298747][T17192] netlink: 'syz.3.5111': attribute type 10 has an invalid length. [ 230.319657][T17192] bond0: (slave dummy0): Releasing backup interface [ 230.368182][T17192] team0: Failed to send options change via netlink (err -105) [ 230.375776][T17192] team0: Port device dummy0 added [ 230.381007][T17202] netlink: 'syz.3.5111': attribute type 10 has an invalid length. [ 230.407160][T17203] bridge0: port 3(gretap0) entered blocking state [ 230.413733][T17203] bridge0: port 3(gretap0) entered disabled state [ 230.446450][T17203] gretap0: entered allmulticast mode [ 230.460721][T17203] gretap0: entered promiscuous mode [ 230.480218][T17202] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 230.495635][T17211] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5113'. [ 230.504826][T17202] team0: Failed to send options change via netlink (err -105) [ 230.517150][T17202] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 230.534535][T17202] team0: Port device dummy0 removed [ 230.543090][T17202] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 230.562590][T17207] gretap0: left allmulticast mode [ 230.567783][T17207] gretap0: left promiscuous mode [ 230.572972][T17207] bridge0: port 3(gretap0) entered disabled state [ 230.630921][T17224] lo speed is unknown, defaulting to 1000 [ 230.660186][T17227] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5116'. [ 230.669239][T17227] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5116'. [ 231.007600][ T29] kauditd_printk_skb: 307 callbacks suppressed [ 231.007618][ T29] audit: type=1400 audit(1764775766.235:10222): avc: denied { watch watch_reads } for pid=17260 comm="syz.7.5125" path="/100/file0" dev="tmpfs" ino=540 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 231.107189][ T29] audit: type=1326 audit(1764775766.325:10223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17270 comm="syz.3.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 231.131185][ T29] audit: type=1326 audit(1764775766.325:10224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17270 comm="syz.3.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 231.154958][ T29] audit: type=1326 audit(1764775766.335:10225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17270 comm="syz.3.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 231.178637][ T29] audit: type=1326 audit(1764775766.335:10226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17270 comm="syz.3.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 231.202608][ T29] audit: type=1326 audit(1764775766.335:10227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17270 comm="syz.3.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 231.356795][ T29] audit: type=1326 audit(1764775766.455:10228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17270 comm="syz.3.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 231.380607][ T29] audit: type=1326 audit(1764775766.455:10229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17270 comm="syz.3.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 231.404334][ T29] audit: type=1326 audit(1764775766.455:10230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17270 comm="syz.3.5128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 231.471857][T17303] netlink: 'syz.5.5140': attribute type 21 has an invalid length. [ 231.498661][T17303] netlink: 132 bytes leftover after parsing attributes in process `syz.5.5140'. [ 231.519593][ T29] audit: type=1400 audit(1764775766.695:10231): avc: denied { create } for pid=17297 comm="syz.7.5138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 232.378172][T17399] siw: device registration error -23 [ 233.091280][T17452] netlink: 83992 bytes leftover after parsing attributes in process `syz.5.5166'. [ 233.101334][T17452] netlink: zone id is out of range [ 233.106521][T17452] netlink: zone id is out of range [ 233.113019][T17452] netlink: zone id is out of range [ 233.118885][T17452] netlink: zone id is out of range [ 233.124023][T17452] netlink: zone id is out of range [ 233.129193][T17452] netlink: zone id is out of range [ 233.134452][T17452] netlink: zone id is out of range [ 233.149473][T17452] netlink: set zone limit has 8 unknown bytes [ 233.176190][T17457] netlink: 204 bytes leftover after parsing attributes in process `syz.5.5167'. [ 233.185301][T17457] netlink: 108 bytes leftover after parsing attributes in process `syz.5.5167'. [ 233.558366][T17482] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5176'. [ 233.605166][T17482] 8021q: adding VLAN 0 to HW filter on device bond4 [ 233.636074][T17488] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5178'. [ 233.689696][T17487] bond4: (slave gretap1): Enslaving as an active interface with an up link [ 233.833883][T17502] loop7: detected capacity change from 0 to 128 [ 233.849597][T17499] netlink: 96 bytes leftover after parsing attributes in process `syz.6.5184'. [ 233.869475][T17502] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 233.919314][T17502] ext4 filesystem being mounted at /119/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 233.962035][T17504] netlink: 7 bytes leftover after parsing attributes in process `syz.3.5186'. [ 233.973983][T17509] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5187'. [ 233.983038][T17509] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5187'. [ 233.992419][T17504] netlink: 7 bytes leftover after parsing attributes in process `syz.3.5186'. [ 234.065095][T17502] EXT4-fs error (device loop7): ext4_check_dx_root:2203: inode #2: comm syz.7.5185: Corrupt dir, invalid name for '.', running e2fsck is recommended [ 234.152093][T15250] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 234.241885][T17525] netlink: 'syz.3.5194': attribute type 30 has an invalid length. [ 234.443902][T17543] netlink: 'syz.0.5202': attribute type 1 has an invalid length. [ 234.485928][T17543] 8021q: adding VLAN 0 to HW filter on device bond6 [ 234.522331][T17545] 8021q: adding VLAN 0 to HW filter on device batadv4 [ 234.546518][T17545] bond6: (slave batadv4): making interface the new active one [ 234.578579][T17545] bond6: (slave batadv4): Enslaving as an active interface with an up link [ 235.085133][T17564] pim6reg: entered allmulticast mode [ 235.096579][T17564] pim6reg: left allmulticast mode [ 235.150317][T17564] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 235.201044][T17570] loop0: detected capacity change from 0 to 1024 [ 235.214575][T17570] EXT4-fs: Ignoring removed nomblk_io_submit option [ 235.252722][T17570] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.696270][T17606] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17606 comm=syz.5.5227 [ 235.958270][T17623] netlink: 'syz.6.5233': attribute type 13 has an invalid length. [ 236.191722][T17625] syz_tun: entered allmulticast mode [ 236.216982][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.225458][T17622] syz_tun: left allmulticast mode [ 236.255837][ T29] kauditd_printk_skb: 303 callbacks suppressed [ 236.255856][ T29] audit: type=1326 audit(1764775771.485:10535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17629 comm="syz.7.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ab1b1f749 code=0x7ffc0000 [ 236.293488][ T29] audit: type=1326 audit(1764775771.515:10536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17629 comm="syz.7.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ab1b1f749 code=0x7ffc0000 [ 236.317304][ T29] audit: type=1326 audit(1764775771.515:10537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17629 comm="syz.7.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ab1b1f749 code=0x7ffc0000 [ 236.341031][ T29] audit: type=1326 audit(1764775771.515:10538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17629 comm="syz.7.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ab1b1f749 code=0x7ffc0000 [ 236.364875][ T29] audit: type=1326 audit(1764775771.515:10539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17629 comm="syz.7.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ab1b1f749 code=0x7ffc0000 [ 236.388749][ T29] audit: type=1326 audit(1764775771.515:10540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17629 comm="syz.7.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ab1b1f749 code=0x7ffc0000 [ 236.412793][ T29] audit: type=1326 audit(1764775771.515:10541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17629 comm="syz.7.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ab1b1f749 code=0x7ffc0000 [ 236.436439][ T29] audit: type=1326 audit(1764775771.515:10542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17629 comm="syz.7.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ab1b1f749 code=0x7ffc0000 [ 236.460179][ T29] audit: type=1326 audit(1764775771.515:10543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17629 comm="syz.7.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ab1b1f749 code=0x7ffc0000 [ 236.484440][ T29] audit: type=1326 audit(1764775771.515:10544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17629 comm="syz.7.5237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ab1b1f749 code=0x7ffc0000 [ 236.569494][T17639] lo speed is unknown, defaulting to 1000 [ 236.826109][T17655] netlink: 'syz.5.5248': attribute type 13 has an invalid length. [ 236.917340][T17655] syz_tun: entered allmulticast mode [ 236.934217][T17654] syz_tun: left allmulticast mode [ 237.524503][T17694] netlink: 'syz.7.5262': attribute type 13 has an invalid length. [ 237.579072][T17698] loop5: detected capacity change from 0 to 2048 [ 237.635201][T17698] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 237.650072][T17694] syz_tun: entered allmulticast mode [ 237.657665][T17698] ext4 filesystem being mounted at /1055/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 237.668802][T17690] syz_tun: left allmulticast mode [ 237.733277][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.105790][T17739] loop7: detected capacity change from 0 to 1024 [ 238.112577][T17739] EXT4-fs: Ignoring removed nomblk_io_submit option [ 238.126927][T17739] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 238.272245][T17758] lo speed is unknown, defaulting to 1000 [ 238.370838][T17774] pim6reg: entered allmulticast mode [ 238.402937][T17774] pim6reg: left allmulticast mode [ 238.451798][T17778] siw: device registration error -23 [ 238.900203][T17794] macvlan2: entered promiscuous mode [ 238.912908][T17794] macvlan3: entered promiscuous mode [ 239.242368][T15250] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.290980][T17805] __nla_validate_parse: 4 callbacks suppressed [ 239.291044][T17805] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5309'. [ 239.315182][T17807] netlink: 'syz.5.5311': attribute type 1 has an invalid length. [ 239.339257][T17807] 8021q: adding VLAN 0 to HW filter on device bond3 [ 239.344224][T17805] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5309'. [ 239.356146][T17811] loop7: detected capacity change from 0 to 764 [ 239.363653][T17807] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5311'. [ 239.375358][T17810] wireguard0: entered promiscuous mode [ 239.380902][T17810] wireguard0: entered allmulticast mode [ 239.421699][T17807] bond3 (unregistering): Released all slaves [ 239.431581][T17816] loop7: detected capacity change from 0 to 512 [ 239.467357][T17816] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 239.480177][T17816] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 239.520166][T15250] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.813530][T17856] wireguard0: entered promiscuous mode [ 239.819229][T17856] wireguard0: entered allmulticast mode [ 240.035857][T17871] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5335'. [ 240.436164][T17908] lo speed is unknown, defaulting to 1000 [ 240.639067][T17932] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17932 comm=syz.5.5346 [ 241.344563][ T29] kauditd_printk_skb: 466 callbacks suppressed [ 241.344581][ T29] audit: type=1326 audit(1764775776.575:11011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18004 comm="syz.3.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 241.375483][T18008] netlink: 59060 bytes leftover after parsing attributes in process `syz.6.5360'. [ 241.404661][T18008] netlink: zone id is out of range [ 241.409868][T18008] netlink: zone id is out of range [ 241.447127][T18008] netlink: zone id is out of range [ 241.452332][T18008] netlink: zone id is out of range [ 241.457665][T18008] netlink: zone id is out of range [ 241.462814][T18008] netlink: zone id is out of range [ 241.468042][T18008] netlink: zone id is out of range [ 241.473251][T18008] netlink: zone id is out of range [ 241.478388][T18008] netlink: zone id is out of range [ 241.483503][T18008] netlink: zone id is out of range [ 241.502604][ T29] audit: type=1326 audit(1764775776.575:11012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18004 comm="syz.3.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 241.526552][ T29] audit: type=1326 audit(1764775776.605:11013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18004 comm="syz.3.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 241.550235][ T29] audit: type=1326 audit(1764775776.605:11014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18004 comm="syz.3.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 241.574181][ T29] audit: type=1326 audit(1764775776.605:11015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18004 comm="syz.3.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 241.597893][ T29] audit: type=1326 audit(1764775776.605:11016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18004 comm="syz.3.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 241.601935][T18013] tipc: Started in network mode [ 241.621691][ T29] audit: type=1326 audit(1764775776.605:11017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18004 comm="syz.3.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 241.621865][ T29] audit: type=1326 audit(1764775776.605:11018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18004 comm="syz.3.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 241.621934][ T29] audit: type=1326 audit(1764775776.605:11019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18004 comm="syz.3.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 241.621963][ T29] audit: type=1326 audit(1764775776.605:11020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18004 comm="syz.3.5359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 241.723502][T18013] tipc: Node identity ac14140f, cluster identity 4711 [ 241.760369][T18013] tipc: New replicast peer: 255.255.255.255 [ 241.766495][T18013] tipc: Enabled bearer , priority 10 [ 242.069327][T18025] vlan2: entered allmulticast mode [ 242.092101][T18025] dummy0: entered allmulticast mode [ 242.207682][T18032] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5370'. [ 242.272103][T18037] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5370'. [ 242.449805][T18048] pimreg: entered allmulticast mode [ 242.500051][T18048] pimreg: left allmulticast mode [ 242.692414][T18069] netlink: 'syz.3.5384': attribute type 1 has an invalid length. [ 242.742172][T18069] 8021q: adding VLAN 0 to HW filter on device bond2 [ 242.759385][T18077] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5384'. [ 242.803322][T18077] bond2 (unregistering): Released all slaves [ 242.885495][ T3494] tipc: Node number set to 2886997007 [ 243.018501][T18109] netlink: 1276 bytes leftover after parsing attributes in process `syz.0.5393'. [ 243.041066][T18108] wireguard0: entered promiscuous mode [ 243.046617][T18108] wireguard0: entered allmulticast mode [ 243.817331][T18131] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5409'. [ 243.834631][T18133] netlink: 'syz.0.5407': attribute type 1 has an invalid length. [ 243.869241][T18133] 8021q: adding VLAN 0 to HW filter on device bond7 [ 243.920762][T18139] bond7 (unregistering): Released all slaves [ 244.355495][T18164] infiniband !yz!: set down [ 244.360081][T18164] infiniband !yz!: added team_slave_0 [ 244.392671][T18164] RDS/IB: !yz!: added [ 244.401335][T18164] smc: adding ib device !yz! with port count 1 [ 244.417103][T18164] smc: ib device !yz! port 1 has no pnetid [ 244.765207][T18179] __nla_validate_parse: 1 callbacks suppressed [ 244.765226][T18179] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5428'. [ 244.896413][T18185] loop0: detected capacity change from 0 to 1024 [ 244.903691][T18185] EXT4-fs (loop0): inodes count not valid: 204800 vs 32 [ 244.962597][T18189] loop6: detected capacity change from 0 to 128 [ 244.985760][T18189] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 245.110997][T18200] loop5: detected capacity change from 0 to 764 [ 245.131387][T18200] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 245.172007][T18200] sch_tbf: burst 3298 is lower than device lo mtu (11337746) ! [ 245.186034][T18207] loop6: detected capacity change from 0 to 1024 [ 245.197694][T18207] EXT4-fs: Ignoring removed nomblk_io_submit option [ 245.226315][T18207] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 245.373970][T18226] netlink: 'syz.7.5446': attribute type 1 has an invalid length. [ 245.410480][T18226] 8021q: adding VLAN 0 to HW filter on device bond2 [ 245.436051][T18231] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5446'. [ 245.480440][T18231] bond2 (unregistering): Released all slaves [ 245.609049][T18240] netlink: 59060 bytes leftover after parsing attributes in process `syz.5.5450'. [ 246.111564][T18266] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 246.125970][T18266] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 246.135580][T18221] syz.6.5441 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 246.149932][T18221] CPU: 0 UID: 0 PID: 18221 Comm: syz.6.5441 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 246.149973][T18221] Tainted: [W]=WARN [ 246.149981][T18221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 246.149995][T18221] Call Trace: [ 246.150003][T18221] [ 246.150012][T18221] __dump_stack+0x1d/0x30 [ 246.150042][T18221] dump_stack_lvl+0xe8/0x140 [ 246.150067][T18221] dump_stack+0x15/0x1b [ 246.150128][T18221] dump_header+0x81/0x220 [ 246.150150][T18221] oom_kill_process+0x342/0x400 [ 246.150183][T18221] out_of_memory+0x979/0xb80 [ 246.150217][T18221] try_charge_memcg+0x610/0xa10 [ 246.150301][T18221] obj_cgroup_charge_pages+0xa6/0x150 [ 246.150339][T18221] __memcg_kmem_charge_page+0x9f/0x170 [ 246.150379][T18221] __alloc_frozen_pages_noprof+0x188/0x360 [ 246.150458][T18221] alloc_pages_mpol+0xb3/0x260 [ 246.150479][T18221] ? alloc_pages_noprof+0x61/0x130 [ 246.150503][T18221] alloc_pages_noprof+0x90/0x130 [ 246.150525][T18221] __vmalloc_node_range_noprof+0x7a5/0xed0 [ 246.150586][T18221] __kvmalloc_node_noprof+0x483/0x670 [ 246.150620][T18221] ? ip_set_alloc+0x24/0x30 [ 246.150646][T18221] ? ip_set_alloc+0x24/0x30 [ 246.150673][T18221] ? __kmalloc_cache_noprof+0x249/0x4a0 [ 246.150723][T18221] ip_set_alloc+0x24/0x30 [ 246.150746][T18221] hash_netiface_create+0x282/0x740 [ 246.150783][T18221] ? __pfx_hash_netiface_create+0x10/0x10 [ 246.150810][T18221] ip_set_create+0x3cc/0x970 [ 246.150914][T18221] ? __nla_parse+0x40/0x60 [ 246.150945][T18221] nfnetlink_rcv_msg+0x4c6/0x590 [ 246.150989][T18221] netlink_rcv_skb+0x123/0x220 [ 246.151014][T18221] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 246.151076][T18221] nfnetlink_rcv+0x167/0x16c0 [ 246.151112][T18221] ? __list_del_entry_valid_or_report+0x65/0x130 [ 246.151199][T18221] ? __rmqueue_pcplist+0x9d2/0xbd0 [ 246.151246][T18221] ? _raw_spin_lock_bh+0x56/0xb0 [ 246.151291][T18221] ? should_fail_ex+0x30/0x280 [ 246.151316][T18221] ? selinux_nlmsg_lookup+0x99/0x890 [ 246.151428][T18221] ? __rcu_read_unlock+0x34/0x70 [ 246.151536][T18221] ? __netlink_lookup+0x266/0x2a0 [ 246.151597][T18221] netlink_unicast+0x5c0/0x690 [ 246.151625][T18221] netlink_sendmsg+0x58b/0x6b0 [ 246.151725][T18221] ? __pfx_netlink_sendmsg+0x10/0x10 [ 246.151765][T18221] __sock_sendmsg+0x145/0x180 [ 246.151808][T18221] ____sys_sendmsg+0x31e/0x4a0 [ 246.151839][T18221] ___sys_sendmsg+0x17b/0x1d0 [ 246.151952][T18221] __x64_sys_sendmsg+0xd4/0x160 [ 246.151984][T18221] x64_sys_call+0x17ba/0x3000 [ 246.152031][T18221] do_syscall_64+0xd8/0x2a0 [ 246.152057][T18221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.152081][T18221] RIP: 0033:0x7f92c049f749 [ 246.152159][T18221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.152181][T18221] RSP: 002b:00007f92beede038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 246.152205][T18221] RAX: ffffffffffffffda RBX: 00007f92c06f6090 RCX: 00007f92c049f749 [ 246.152220][T18221] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005 [ 246.152301][T18221] RBP: 00007f92c0523f91 R08: 0000000000000000 R09: 0000000000000000 [ 246.152316][T18221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 246.152331][T18221] R13: 00007f92c06f6128 R14: 00007f92c06f6090 R15: 00007ffc34b26c48 [ 246.152353][T18221] [ 246.152401][T18221] memory: usage 307200kB, limit 307200kB, failcnt 238 [ 246.487094][T18221] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0 [ 246.495072][T18221] kmem: usage 229328kB, limit 9007199254740988kB, failcnt 0 [ 246.502371][T18221] Memory cgroup stats for /syz6: [ 246.537215][ T29] kauditd_printk_skb: 250 callbacks suppressed [ 246.537232][ T29] audit: type=1326 audit(1764775781.765:11272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18282 comm="syz.3.5468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 246.583715][T18221] cache 79454208 [ 246.587369][T18221] rss 221184 [ 246.590587][T18221] shmem 79433728 [ 246.594333][T18221] mapped_file 11755520 [ 246.598413][T18221] dirty 0 [ 246.601366][T18221] writeback 0 [ 246.604789][T18221] workingset_refault_anon 26 [ 246.609392][T18221] workingset_refault_file 2229 [ 246.614194][T18221] swap 0 [ 246.617067][T18221] swapcached 0 [ 246.620628][T18221] pgpgin 232186 [ 246.624179][T18221] pgpgout 212734 [ 246.627833][T18221] pgfault 195868 [ 246.631390][T18221] pgmajfault 64 [ 246.634920][T18221] inactive_anon 71233536 [ 246.639281][T18221] active_anon 8421376 [ 246.643333][T18221] inactive_file 20480 [ 246.647467][T18221] active_file 0 [ 246.651112][T18221] unevictable 0 [ 246.654596][T18221] hierarchical_memory_limit 314572800 [ 246.659996][T18221] hierarchical_memsw_limit 9223372036854771712 [ 246.666305][T18221] total_cache 79454208 [ 246.670387][T18221] total_rss 221184 [ 246.674211][T18221] total_shmem 79433728 [ 246.678295][T18221] total_mapped_file 11755520 [ 246.682967][T18221] total_dirty 0 [ 246.686473][T18221] total_writeback 0 [ 246.690289][T18221] total_workingset_refault_anon 26 [ 246.695484][T18221] total_workingset_refault_file 2229 [ 246.700866][T18221] total_swap 0 [ 246.704343][T18221] total_swapcached 0 [ 246.708358][T18221] total_pgpgin 232186 [ 246.712411][T18221] total_pgpgout 212734 [ 246.716612][T18221] total_pgfault 195868 [ 246.720756][T18221] total_pgmajfault 64 [ 246.724786][T18221] total_inactive_anon 71233536 [ 246.729588][T18221] total_active_anon 8421376 [ 246.734114][T18221] total_inactive_file 20480 [ 246.738672][T18221] total_active_file 0 [ 246.742660][T18221] total_unevictable 0 [ 246.746683][T18221] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.5441,pid=18206,uid=0 [ 246.754693][ T29] audit: type=1326 audit(1764775781.755:11271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18281 comm="syz.5.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 246.761532][T18221] Memory cgroup out of memory: Killed process 18221 (syz.6.5441) total-vm:100384kB, anon-rss:1264kB, file-rss:26480kB, shmem-rss:11392kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 246.786085][ T29] audit: type=1326 audit(1764775781.765:11273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18281 comm="syz.5.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 246.827268][ T29] audit: type=1326 audit(1764775781.795:11274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18281 comm="syz.5.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 246.850974][ T29] audit: type=1326 audit(1764775781.795:11275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18281 comm="syz.5.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 246.875254][ T29] audit: type=1326 audit(1764775781.795:11276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18282 comm="syz.3.5468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 246.898987][ T29] audit: type=1326 audit(1764775781.795:11277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18281 comm="syz.5.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 246.923353][ T29] audit: type=1326 audit(1764775781.795:11278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18282 comm="syz.3.5468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 246.947596][ T29] audit: type=1326 audit(1764775781.795:11280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18281 comm="syz.5.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43521f749 code=0x7ffc0000 [ 246.971389][ T29] audit: type=1326 audit(1764775781.795:11279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18282 comm="syz.3.5468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 247.251313][ T9222] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 247.272508][T18297] loop7: detected capacity change from 0 to 512 [ 247.295113][T18297] EXT4-fs: Ignoring removed i_version option [ 247.301587][T18297] EXT4-fs: Ignoring removed bh option [ 247.348258][T18297] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 247.401528][T18299] loop6: detected capacity change from 0 to 4096 [ 247.411099][T18297] ext4 filesystem being mounted at /169/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 247.458644][T18299] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 247.510340][ T9222] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 247.530244][T15250] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.068931][T18338] loop7: detected capacity change from 0 to 4096 [ 248.109292][T18338] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.158723][T15250] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.181074][T18355] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5496'. [ 248.194469][T18355] netlink: 36 bytes leftover after parsing attributes in process `syz.6.5496'. [ 248.238610][T18364] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5499'. [ 248.247909][T18364] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5499'. [ 248.619377][T18384] loop5: detected capacity change from 0 to 4096 [ 248.628637][T18384] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.665612][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.873238][T18415] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5520'. [ 249.056430][T18425] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5525'. [ 249.086281][T18425] 8021q: adding VLAN 0 to HW filter on device bond5 [ 249.099694][T18425] macsec1: entered allmulticast mode [ 249.105920][T18425] bond5: entered allmulticast mode [ 249.111964][T18425] bond5: left allmulticast mode [ 249.946383][T18462] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5539'. [ 250.035516][T18466] lo speed is unknown, defaulting to 1000 [ 250.525175][T18511] net_ratelimit: 6998 callbacks suppressed [ 250.525196][T18511] openvswitch: netlink: Missing key (keys=40, expected=80) [ 250.993838][T18588] syzkaller0: entered allmulticast mode [ 251.014469][T18588] syzkaller0: entered promiscuous mode [ 251.024306][T18588] syzkaller0 (unregistering): left allmulticast mode [ 251.031183][T18588] syzkaller0 (unregistering): left promiscuous mode [ 251.387855][T18651] netlink: 'syz.6.5574': attribute type 9 has an invalid length. [ 251.396153][T18651] netlink: 32 bytes leftover after parsing attributes in process `syz.6.5574'. [ 251.441472][T18657] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5578'. [ 251.450455][T18657] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5578'. [ 251.831800][ T29] kauditd_printk_skb: 74 callbacks suppressed [ 251.831819][ T29] audit: type=1400 audit(1764775787.055:11355): avc: denied { map } for pid=18672 comm="syz.6.5583" path="socket:[58931]" dev="sockfs" ino=58931 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 251.863370][ T29] audit: type=1400 audit(1764775787.055:11356): avc: denied { read accept } for pid=18672 comm="syz.6.5583" path="socket:[58931]" dev="sockfs" ino=58931 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 251.891760][T18675] netlink: 'syz.6.5584': attribute type 1 has an invalid length. [ 251.905269][T18675] 8021q: adding VLAN 0 to HW filter on device bond6 [ 251.921185][T18675] 8021q: adding VLAN 0 to HW filter on device bond6 [ 251.928582][T18675] bond6: (slave vxcan3): The slave device specified does not support setting the MAC address [ 251.939627][T18675] bond6: (slave vxcan3): Error -95 calling set_mac_address [ 253.431961][ T29] audit: type=1400 audit(1764775788.655:11357): avc: denied { getopt } for pid=18704 comm="syz.6.5597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 253.585271][T18730] netlink: 'syz.6.5607': attribute type 1 has an invalid length. [ 253.593419][ T29] audit: type=1400 audit(1764775788.815:11358): avc: denied { shutdown } for pid=18731 comm="syz.0.5608" lport=9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 253.649922][T18730] macvlan2: entered promiscuous mode [ 253.655505][T18730] macvlan2: entered allmulticast mode [ 253.671305][ T29] audit: type=1400 audit(1764775788.815:11359): avc: denied { read } for pid=18731 comm="syz.0.5608" lport=9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 253.694626][T18730] bond7: entered promiscuous mode [ 253.700057][T18730] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 253.712044][T18730] bond7: left promiscuous mode [ 253.795698][ T29] audit: type=1400 audit(1764775789.015:11360): avc: denied { create } for pid=18747 comm="syz.7.5613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 254.024749][T18758] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5618'. [ 254.056435][T18758] 8021q: adding VLAN 0 to HW filter on device bond2 [ 254.088070][T18763] xt_CT: No such helper "snmp_trap" [ 254.089295][T18758] macsec1: entered allmulticast mode [ 254.098821][T18758] bond2: entered allmulticast mode [ 254.108160][T18758] bond2: left allmulticast mode [ 254.227571][T18774] netlink: 96 bytes leftover after parsing attributes in process `syz.7.5624'. [ 254.237983][ T29] audit: type=1400 audit(1764775789.465:11361): avc: denied { bind } for pid=18771 comm="syz.0.5623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 254.316783][T18782] loop6: detected capacity change from 0 to 1024 [ 254.350327][T18782] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 254.369180][T18782] ext4 filesystem being mounted at /694/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 254.379965][T18790] loop7: detected capacity change from 0 to 2048 [ 254.397515][T18790] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.411547][ T9222] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 254.480150][T18798] syzkaller0: entered allmulticast mode [ 254.494688][T18796] syzkaller1: entered promiscuous mode [ 254.500396][T18796] syzkaller1: entered allmulticast mode [ 254.555265][T18798] syzkaller0: entered promiscuous mode [ 254.639015][T18803] netlink: 'syz.6.5635': attribute type 13 has an invalid length. [ 254.648920][T18798] syzkaller0 (unregistering): left allmulticast mode [ 254.656088][T18798] syzkaller0 (unregistering): left promiscuous mode [ 254.679399][T15250] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.783070][ T29] audit: type=1326 audit(1764775790.005:11362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18810 comm="syz.6.5638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 254.807026][ T29] audit: type=1326 audit(1764775790.005:11363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18810 comm="syz.6.5638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 254.831363][ T29] audit: type=1326 audit(1764775790.005:11364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18810 comm="syz.6.5638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 255.019801][T18827] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5644'. [ 255.037761][T18827] 8021q: adding VLAN 0 to HW filter on device bond3 [ 255.057828][T18827] macsec0: entered allmulticast mode [ 255.063250][T18827] bond3: entered allmulticast mode [ 255.069667][T18827] bond3: left allmulticast mode [ 255.754647][T18872] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5661'. [ 255.790514][T18872] 8021q: adding VLAN 0 to HW filter on device bond7 [ 255.831995][T18872] macsec0: entered allmulticast mode [ 255.837423][T18872] bond7: entered allmulticast mode [ 255.878681][T18872] bond7: left allmulticast mode [ 255.943249][T18880] syzkaller0: entered allmulticast mode [ 255.954804][T18880] syzkaller0: entered promiscuous mode [ 255.962263][T18880] syzkaller0 (unregistering): left allmulticast mode [ 255.969273][T18880] syzkaller0 (unregistering): left promiscuous mode [ 256.126439][T18886] loop5: detected capacity change from 0 to 2048 [ 256.156841][T18886] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.369283][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.728229][T18936] bridge_slave_0: left allmulticast mode [ 256.734793][T18936] bridge_slave_0: left promiscuous mode [ 256.740548][T18936] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.770938][T18936] bridge_slave_1: left allmulticast mode [ 256.776739][T18936] bridge_slave_1: left promiscuous mode [ 256.782452][T18936] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.792524][T18939] netlink: 'syz.7.5689': attribute type 10 has an invalid length. [ 256.801306][T18939] netlink: 40 bytes leftover after parsing attributes in process `syz.7.5689'. [ 256.819811][T18936] bond0: (slave bond_slave_0): Releasing backup interface [ 256.839110][T18936] bond0: (slave bond_slave_1): Releasing backup interface [ 256.861386][T18936] team0: Port device team_slave_0 removed [ 256.872041][T18936] team0: Port device team_slave_1 removed [ 256.881627][T18936] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 256.894504][T18936] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 256.904899][T18936] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 256.921746][T18939] veth1_vlan: left promiscuous mode [ 256.928507][T18939] batman_adv: batadv0: Adding interface: veth1_vlan [ 256.935222][T18939] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 256.984001][T18939] batman_adv: batadv0: Interface activated: veth1_vlan [ 257.091628][T18951] bridge0: port 3(gretap0) entered blocking state [ 257.098228][T18951] bridge0: port 3(gretap0) entered disabled state [ 257.106046][T18951] gretap0: entered allmulticast mode [ 257.125098][T18951] gretap0: left allmulticast mode [ 257.130750][T18951] bridge0: port 3(gretap0) entered disabled state [ 257.138855][ T29] kauditd_printk_skb: 51 callbacks suppressed [ 257.138871][ T29] audit: type=1400 audit(1764775792.365:11416): avc: denied { connect } for pid=18952 comm="syz.7.5696" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 257.212516][ T29] audit: type=1400 audit(1764775792.395:11417): avc: denied { write } for pid=18952 comm="syz.7.5696" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 257.375211][T18968] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5703'. [ 257.479815][ T29] audit: type=1400 audit(1764775792.705:11418): avc: denied { bind } for pid=18973 comm="syz.0.5706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 257.555046][ T29] audit: type=1326 audit(1764775792.775:11419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18977 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 257.578895][ T29] audit: type=1326 audit(1764775792.775:11420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18977 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 257.602747][ T29] audit: type=1326 audit(1764775792.775:11421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18977 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 257.626447][ T29] audit: type=1326 audit(1764775792.775:11422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18977 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 257.685918][ T29] audit: type=1326 audit(1764775792.865:11423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18977 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f54904ddf90 code=0x7ffc0000 [ 257.709762][ T29] audit: type=1326 audit(1764775792.865:11424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18977 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 257.733522][ T29] audit: type=1326 audit(1764775792.865:11425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18977 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54904df749 code=0x7ffc0000 [ 257.776122][T18982] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5709'. [ 257.830747][T18987] loop0: detected capacity change from 0 to 164 [ 257.847064][T18989] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5709'. [ 257.876918][T18987] bio_check_eod: 47 callbacks suppressed [ 257.876938][T18987] syz.0.5711: attempt to access beyond end of device [ 257.876938][T18987] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 257.968239][T18987] syz.0.5711: attempt to access beyond end of device [ 257.968239][T18987] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 258.143180][T19000] lo speed is unknown, defaulting to 1000 [ 258.421564][T19012] bridge0: entered allmulticast mode [ 258.963015][T19027] netlink: 19 bytes leftover after parsing attributes in process `syz.6.5727'. [ 259.216517][T19037] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5732'. [ 259.252267][T19037] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5732'. [ 259.736580][T19054] lo speed is unknown, defaulting to 1000 [ 259.765388][T19053] xt_CT: You must specify a L4 protocol and not use inversions on it [ 259.897382][T19063] netlink: 272 bytes leftover after parsing attributes in process `syz.0.5742'. [ 260.588417][T19096] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5756'. [ 260.631878][T19099] vlan2: entered allmulticast mode [ 260.637674][T19099] bridge_slave_0: entered allmulticast mode [ 260.695197][T19110] netlink: 'syz.0.5761': attribute type 1 has an invalid length. [ 260.717334][T19110] bond8: entered promiscuous mode [ 260.722761][T19110] 8021q: adding VLAN 0 to HW filter on device bond8 [ 260.766235][T19110] 8021q: adding VLAN 0 to HW filter on device bond9 [ 260.776728][T19110] bond8: (slave bond9): making interface the new active one [ 260.784064][T19110] bond9: entered promiscuous mode [ 260.790310][T19110] bond8: (slave bond9): Enslaving as an active interface with an up link [ 260.805452][T19122] loop5: detected capacity change from 0 to 512 [ 260.824339][T19122] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 260.840286][T19122] EXT4-fs (loop5): invalid journal inode [ 260.851889][T19122] EXT4-fs (loop5): can't get journal size [ 260.860292][T19122] EXT4-fs (loop5): 1 truncate cleaned up [ 260.867138][T19122] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 260.907373][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.950202][T19136] netlink: 'syz.5.5771': attribute type 30 has an invalid length. [ 261.096342][T19146] loop5: detected capacity change from 0 to 512 [ 261.110386][T19146] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 261.126008][T19146] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002] [ 261.148303][T19146] System zones: 1-12 [ 261.162939][T19146] EXT4-fs (loop5): 1 truncate cleaned up [ 261.182021][T19146] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 261.391123][T19173] bond0: (slave dummy0): Releasing backup interface [ 261.438848][T19182] netlink: 'syz.6.5788': attribute type 10 has an invalid length. [ 261.447389][T19182] netlink: 40 bytes leftover after parsing attributes in process `syz.6.5788'. [ 261.464844][T19173] bridge_slave_0: left allmulticast mode [ 261.470530][T19173] bridge_slave_0: left promiscuous mode [ 261.476422][T19173] bridge0: port 1(bridge_slave_0) entered disabled state [ 261.485378][T19177] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5790'. [ 261.501469][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.513416][T19173] bridge_slave_1: left allmulticast mode [ 261.519239][T19173] bridge_slave_1: left promiscuous mode [ 261.525098][T19173] bridge0: port 2(bridge_slave_1) entered disabled state [ 261.560483][T19173] bond0: (slave bond_slave_0): Releasing backup interface [ 261.591654][T19173] bond0: (slave bond_slave_1): Releasing backup interface [ 261.599079][T19196] loop5: detected capacity change from 0 to 512 [ 261.609493][T19196] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 261.623275][T19173] team0: Port device team_slave_0 removed [ 261.635855][T19173] team0: Port device team_slave_1 removed [ 261.642020][T19173] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 261.650036][T19173] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 261.665829][T19173] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 261.682023][T19182] veth1_vlan: left promiscuous mode [ 261.708978][T19182] batman_adv: batadv0: Adding interface: veth1_vlan [ 261.716349][T19182] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 261.769497][T19182] batman_adv: batadv0: Interface activated: veth1_vlan [ 261.785763][T19176] lo speed is unknown, defaulting to 1000 [ 262.151000][ T29] kauditd_printk_skb: 105 callbacks suppressed [ 262.151091][ T29] audit: type=1326 audit(1764775797.375:11531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.6.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 262.184194][ T29] audit: type=1326 audit(1764775797.375:11532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.6.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92c049f749 code=0x7ffc0000 [ 262.243783][ T29] audit: type=1326 audit(1764775797.465:11533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19232 comm="syz.3.5811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 262.268131][ T29] audit: type=1326 audit(1764775797.465:11534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19232 comm="syz.3.5811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 262.367605][ T29] audit: type=1326 audit(1764775797.465:11535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19232 comm="syz.3.5811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 262.369479][T19239] lo speed is unknown, defaulting to 1000 [ 262.391644][ T29] audit: type=1326 audit(1764775797.465:11536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19232 comm="syz.3.5811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 262.391682][ T29] audit: type=1326 audit(1764775797.465:11537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19232 comm="syz.3.5811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 262.391710][ T29] audit: type=1326 audit(1764775797.465:11538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19232 comm="syz.3.5811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 262.391734][ T29] audit: type=1326 audit(1764775797.465:11539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19232 comm="syz.3.5811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 262.391794][ T29] audit: type=1326 audit(1764775797.465:11540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19232 comm="syz.3.5811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f725b50f749 code=0x7ffc0000 [ 262.521012][ T3683] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.696549][T19254] macsec0: entered promiscuous mode [ 262.701826][T19254] bridge0: entered promiscuous mode [ 262.725269][T19254] bridge0: port 3(macsec0) entered blocking state [ 262.731841][T19254] bridge0: port 3(macsec0) entered disabled state [ 262.748748][T19254] macsec0: entered allmulticast mode [ 262.754070][T19254] bridge0: entered allmulticast mode [ 262.770657][T19254] macsec0: left allmulticast mode [ 262.775755][T19254] bridge0: left allmulticast mode [ 262.785066][T19254] bridge0: left promiscuous mode [ 262.936383][T19266] !yz!: rxe_newlink: already configured on team_slave_0 [ 263.507726][T19320] netlink: 'syz.6.5846': attribute type 1 has an invalid length. [ 263.515601][T19321] ref_ctr_offset mismatch. inode: 0x17b6 offset: 0x0 ref_ctr_offset(old): 0x200000000180 ref_ctr_offset(new): 0x0 [ 263.542396][T19320] bond8: entered promiscuous mode [ 263.554343][T19320] 8021q: adding VLAN 0 to HW filter on device bond8 [ 263.595617][T19325] 8021q: adding VLAN 0 to HW filter on device bond9 [ 263.615019][T19325] bond8: (slave bond9): making interface the new active one [ 263.622371][T19325] bond9: entered promiscuous mode [ 263.637283][T19325] bond8: (slave bond9): Enslaving as an active interface with an up link [ 264.197171][T19384] IPv6: sit1: Disabled Multicast RS [ 264.343893][T19397] ================================================================== [ 264.352016][T19397] BUG: KCSAN: data-race in __dentry_kill / fast_dput [ 264.358818][T19397] [ 264.361155][T19397] write to 0xffff88812183a790 of 8 bytes by task 19393 on cpu 0: [ 264.368876][T19397] __dentry_kill+0x142/0x4b0 [ 264.373595][T19397] dput+0x5e/0xd0 [ 264.377248][T19397] step_into_slowpath+0x36b/0x480 [ 264.382293][T19397] path_lookupat+0x330/0x500 [ 264.386891][T19397] filename_lookup+0x147/0x340 [ 264.391662][T19397] filename_getxattr+0x54/0x180 [ 264.396523][T19397] io_getxattr+0x50/0xe0 [ 264.400779][T19397] __io_issue_sqe+0xfe/0x2e0 [ 264.405399][T19397] io_issue_sqe+0x56/0xa80 [ 264.409830][T19397] io_wq_submit_work+0x3f7/0x5f0 [ 264.414776][T19397] io_worker_handle_work+0x44e/0x9b0 [ 264.420073][T19397] io_wq_worker+0x22e/0x860 [ 264.424591][T19397] ret_from_fork+0x149/0x290 [ 264.429189][T19397] ret_from_fork_asm+0x1a/0x30 [ 264.433960][T19397] [ 264.436286][T19397] read to 0xffff88812183a790 of 8 bytes by task 19397 on cpu 1: [ 264.443922][T19397] fast_dput+0x5f/0x2c0 [ 264.448121][T19397] dput+0x24/0xd0 [ 264.451765][T19397] step_into_slowpath+0x36b/0x480 [ 264.456800][T19397] path_lookupat+0x330/0x500 [ 264.461400][T19397] filename_lookup+0x147/0x340 [ 264.466173][T19397] filename_getxattr+0x54/0x180 [ 264.471121][T19397] io_getxattr+0x50/0xe0 [ 264.475372][T19397] __io_issue_sqe+0xfe/0x2e0 [ 264.479976][T19397] io_issue_sqe+0x56/0xa80 [ 264.484405][T19397] io_wq_submit_work+0x3f7/0x5f0 [ 264.489352][T19397] io_worker_handle_work+0x44e/0x9b0 [ 264.494655][T19397] io_wq_worker+0x22e/0x860 [ 264.499171][T19397] ret_from_fork+0x149/0x290 [ 264.503785][T19397] ret_from_fork_asm+0x1a/0x30 [ 264.508557][T19397] [ 264.510879][T19397] value changed: 0xffff8882375ebbf0 -> 0x0000000000000000 [ 264.518070][T19397] [ 264.520394][T19397] Reported by Kernel Concurrency Sanitizer on: [ 264.526555][T19397] CPU: 1 UID: 0 PID: 19397 Comm: iou-wrk-19391 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 264.538294][T19397] Tainted: [W]=WARN [ 264.542281][T19397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 264.552338][T19397] ==================================================================