last executing test programs:

1m6.602147577s ago: executing program 2 (id=57):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r1, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
close_range(r0, r1, 0x0)

1m6.571324468s ago: executing program 2 (id=58):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0xcb, 0x0, 0x7, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, @perf_bp={0x0, 0x8}, 0x10000, 0xc8, 0xfff, 0x2, 0x0, 0x0, 0x400}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x3a2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102032900fe08000e400002f5875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)

1m6.511049073s ago: executing program 2 (id=60):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ppp(0xffffffffffffff9c, 0x0, 0xc0200, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
unlinkat(0xffffffffffffffff, 0x0, 0x200)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x7a28, 0x4)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r2)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

1m5.977749417s ago: executing program 2 (id=68):
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x8, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2a0471a, &(0x7f00000000c0)={[{@quota}, {@bsdgroups}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x5}}]}, 0x2, 0x46b, &(0x7f0000000580)="$eJzs3M1vFOUfAPDvzLbw+/HWivgColaJsfGlpQWVgxeNJh4wmugB9VTbQgiFGloTIUSqMXgxMSR6Vo8m/gXevBj1ZGLiSe+GhCgX0FPNzM5Ad9ltt3TZrd3PJxl4nn2e7TzfPvPMPDPPbgPoWUPZP0nEtoj4LSIGqtnaCkPV/65dOTf595Vzk0ksLr72Z5LXu3rl3GRZtXzf1iIznEakHyXFTmrNnTl7YmJmZvp0kR+dP/nO6NyZs08ePzlxbPrY9KnxQ4cOHhh75unxp9oSZxbX1T3vz+7d/dIbF1+ePHLx7R+/ydq7rShfGsct2XTzS0NZ4H8t5urLHon/r2l36832Jemkr4sNYVUqEZF1V38+/geiEjc6byBe/LCrjQNuq+zatLl58cIisIEl0e0WAN1RXuiz+99y69DUY124/Fz1BiiL+1qxVUv6Ii3q9Nfd37bTUEQcWfjni2yLdjyHAABYwSeTnx+OJxrN/9K4e0m9HcUaymBE3BEROyPizojYFRF3ReR174mIe1e5//qloZvnP+mlWwqsRdn879libat2/lfO/mKwUuS25/H3J0ePz0zvL34nw9G/OcuPLbOP71745dNmZUvnf9mW7b+cCxbtuNRX94BuamJ+Ip+UtsHlDyL29DWKP7m+EpBExO6I2LO6H72jTBx/7Ou9zSqtHP8y2rDOtPhVxKPV/l+IuvhLyfLrk6P/i5np/aPlUXGzn36+8Gqz/a8p/jbI+n9L7fFflHx5pkgMvrV0vXYuVr1yeeH3j5ve09zq8b8peT0/H5XLru9NzM+fHovYlBzO8zWvj994b5kv62fxD+9rPP53Fu/J+v++iMgO4vsj4oGIeLBo+0MR8XBE7Fsm/h+eb162Hvp/quH57/rxP5jU9P/qE5UT33/bbP+t9f/BPDVcvJKf/1bQagPX8rsDAACA/4o0/wx8ko5cT6fpyEj1M/y7Yks6Mzs3//jR2XdPTVU/Kz8Y/Wn5pGtgyfPQsWSh+InV/HjxrLgsP1A8N/6sEnl+ZHJ2ZqrLsUOv29pk/Gf+qHS7dcBt12gdbbzBF9qAjad+/Ke12fOvdLIxQEf5vjb0rhXGf9qpdgCd5/oPvavR+D9fl7cWABuT6z/0LuMfepfxD72rbvxX4tdutQTooLV8r1+ilxORrotmtJRo/e9B3O7Em+ujGS0kun1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI9/AwAA//9sbvBf")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0xc0, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x40000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ffff, 0x4, @perf_config_ext={0xa, 0x7}, 0x5100, 0x7, 0x3a25, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0xfffffffe, 0x0, 0x5}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000140)={0x0})

1m5.895817722s ago: executing program 2 (id=70):
r0 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000001640)=ANY=[@ANYBLOB="0002020100000008ff"], 0x18)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x7}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
writev(r0, &(0x7f0000001240)=[{&(0x7f0000000100)="88", 0x1}, {&(0x7f0000000040)="ca37f0927601c80f7eb285b036f865ded0d27517f5cbe3dfbcbfb5cae62125f9475020317214250a9f7d18b2bd57af93b6740ff3906d00ba82b7aba9b1eb49f7ba1aced5f8bdfa92b0208f2b859d6c3506c8c19b058c05944b6d6a", 0x5b}, {&(0x7f0000000140)="487c5ae0a5441cb6709f2a2a579711fc9a6db32890b050371e514bcd09d7bba0954816fe7312367a25a1da96b280fb81e4782cefb497c32294f230a1bb02a1166299689e2b5d206331f530b4962e0ef623b4dd3dd719546b4763781e6b1752eac770ecc23fc1217cd2a4e3b1900cbbd1ac23e0522cc9930699bead1809e6f9a0f2aafab03915edfc1242a90a058c734903ff99bdb8be6e1bca74f8b15718960bb3cd6e020a63e5dab6d030e572edab5756013450b4bea1101ebe518a5e0ff50c269d1854b843be8e22bfb69a11fa5d0f4ef9656a459c1da1f8d7088f4495bbe2e55907f077a461c9e1592af44a0975a773fe8e1e420576fb77c47c4a16ec4bc5d1924b8340040e0f676089579f7bba52db510d94bc33ced7e1589de0743d6acecfdd35422a90e9d79212f1fe3ab84fc3283ae65e9b0266db3f2f38efeec2896a008be7e8a7c159571b8b1f2ad06aceca0110deb17f7aaa9ae8e3c7437f295d7b21a39e03a5814ad79685dd0a521087245d7a897e352abf977e71e9145477b3597d4098ea9ef98d4267fa0bf4ef41c6cd4d5a31afd335ca77e873b9561e0153e1854d848603b0bff8012abe433c7b63ca1a656b015c5e760d143ff55e50f5935baa806e0e556e6973b36f2e1a57ddb8480f8a6ef9ba49c4fbcda4c2fa8751e35a80a248823321a646fcb45310fe66a6ebaf3ae0736cdb437d1cd97c5aa52fb766033d357eb0b8073f0af67601fa4ce5b0a3a264c19b36cff2ee241f3f21869cdf4c23a12ec62f47f4e280d6b69331941a6285524435bbfde99114ca9da7eca398bbe255b43493c0606df050c71b7460f6a00653a984ac4d5fec66f98928", 0x25d}], 0x3)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$link(0x8, 0x0, 0x0)
fcntl$setlease(r3, 0x400, 0x0)

1m4.446566348s ago: executing program 2 (id=91):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
listen(0xffffffffffffffff, 0x7)
mlock(&(0x7f000084c000/0x3000)=nil, 0x3000)

1m4.437012549s ago: executing program 32 (id=91):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
listen(0xffffffffffffffff, 0x7)
mlock(&(0x7f000084c000/0x3000)=nil, 0x3000)

31.918441729s ago: executing program 1 (id=645):
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newsa={0x1a0, 0x10, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0x3c}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x64}, {@in, 0x0, 0x32}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, {0x0, 0x0, 0x7}, {0x0, 0x0, 0x8000000, 0x200}, {0x0, 0x0, 0xfffffffe}, 0x0, 0x0, 0x8, 0x0, 0x0, 0xcd}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x0, 0xfffffffd, 0x0, 0x0, 0x70bd28}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}, 0x0, 0x18}}]}, 0x1a0}}, 0x881)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f00000001c0)=@urb_type_iso={0x0, {0x8}, 0x4, 0xc2, 0x0, 0x0, 0x2, 0xf66, 0xc, 0x8, 0xe0, &(0x7f0000000180)="b23f4f3a", [{0xfffffffc, 0x1, 0x3}, {0x2, 0x9, 0xe}, {0xff, 0x71b0, 0xffffff7f}, {0x9, 0x1, 0x9}, {0x2, 0x723a, 0x420}, {0x8, 0x3ff, 0xb1}, {0x9, 0x80000001, 0x5}, {0x6, 0xfffffffa, 0x8001}, {0x0, 0x58, 0x2}, {0xe, 0x1, 0x7}, {0x6, 0x6, 0x515}, {0x20a, 0x5, 0x1}]})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r5, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)

31.846671643s ago: executing program 1 (id=646):
mknod$loop(0x0, 0x80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1b, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
clock_adjtime(0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
read(r1, &(0x7f00000019c0)=""/4097, 0x1001)

31.037989307s ago: executing program 1 (id=657):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2, 0x4}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, &(0x7f0000001740)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000300)=""/34, 0x22}], 0x1}, 0x96d}], 0x1, 0x40, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000040000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000850000005000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x18)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0)

30.909926945s ago: executing program 1 (id=661):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r2 = pidfd_getfd(r1, r1, 0x0)
setns(r2, 0x66020000)
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)

30.757360915s ago: executing program 1 (id=666):
r0 = epoll_create1(0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000780)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x20, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000640)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0xa000200)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0)
semctl$IPC_INFO(0x0, 0x4, 0x3, &(0x7f0000000280)=""/248)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x2005})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000440)={0x1a527096ae8f7644})
epoll_pwait(r0, &(0x7f0000000580)=[{}], 0x1, 0x8, 0x0, 0x0)

30.551820969s ago: executing program 1 (id=673):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
statx(0xffffffffffffff9c, 0x0, 0x4000, 0x8e, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
mount$9p_tcp(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080), 0x800000, &(0x7f0000000140)={'trans=tcp,', {'port', 0x3d, 0x20000004e23}})

30.522079191s ago: executing program 33 (id=673):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
statx(0xffffffffffffff9c, 0x0, 0x4000, 0x8e, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
mount$9p_tcp(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080), 0x800000, &(0x7f0000000140)={'trans=tcp,', {'port', 0x3d, 0x20000004e23}})

2.203302675s ago: executing program 5 (id=1113):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x34004811)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x4c080)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fcdbdf2504"], 0x14}}, 0x0)

1.582917415s ago: executing program 0 (id=1116):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES8=0x0], 0xff, 0x1b1, &(0x7f0000001bc0)="$eJzs289qE10YB+A3+dp+SV0kC1fiYsCNq9D0CgxSQQwIShYKgmIbkI4ELAR0YbNz4U14OW71Slx2IRxJJrF/nIBUzVj7PJu8zJlfeGfg5OSEzNPrL/d3RwfDJ8OP0ajVon4rpTiqRTvqsTCJEmtlBwGAi+AopfiSUpou580PkVKquiMA4E9brP/p/4n1HwAuiYePHt/r9fs7D7KsEZG/Gw/Gg+K1GO8N40XksRdb0YqvMf2CMFfUd+72d7aymXa8zw/n+cPx4L/T+W60ol2e7xb57HR+PTZP5rejFVfL89ul+Y24eeNEvhOt+Pw8RpHHbkyzx/m33Sy7fb9/Jn9ldh4AAAD8CzrZd6X7905n2XiR79V++veBM/vrtbjmP4QAUImD12/2n+X53qvKioiYzI804sdzPm0Wja6useyc8cUtrfJm/lrRjN//zusbEfG3XOCFL0b1ZUPNkrlznqIREbOiwg8lYCWOZ3/VnQAAAAAAAAAAAAAAAMus4tGlqq8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMvnWwAAAP//cyOKBA==")
socket$inet(0x10, 0x3, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000000000000000000000500"], 0x38}}, 0x0)

1.570504476s ago: executing program 4 (id=1117):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
perf_event_open(0x0, 0x0, 0x8000000000000000, 0xffffffffffffffff, 0xa)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000)

1.50516252s ago: executing program 0 (id=1118):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="05000000040000000400000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000200000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)

1.445785275s ago: executing program 0 (id=1119):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r3 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r2}, 0x8)
close(r3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$LINK_DETACH(0x22, 0x0, 0x0)

1.350607351s ago: executing program 5 (id=1120):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lstat(&(0x7f0000000180)='./file0\x00', 0x0)

1.329940772s ago: executing program 0 (id=1123):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000280), &(0x7f00000002c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r3}, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)

1.296142404s ago: executing program 0 (id=1124):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x10a)
write$cgroup_int(r3, &(0x7f0000000540), 0xfffffdd8)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)

1.295958444s ago: executing program 3 (id=1125):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2000, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffff00000001, 0x1ff}, 0x0, 0x3, 0x0, 0x0, 0x8, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x307, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x4, 0x400008, 0x8000, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, r1, 0x3)
r4 = socket$pppoe(0x18, 0x1, 0x0)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f0000000340)={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 'ip6gre0\x00'}}, 0x1e)
connect$pppoe(r4, &(0x7f0000000080)={0x18, 0x0, {0x1, @empty, 'ip_vti0\x00'}}, 0x1e)
close_range(r0, 0xffffffffffffffff, 0x0)

1.294643534s ago: executing program 5 (id=1126):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2000000}, 0x28)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000001e00), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r0, 0x0, r3, 0x0, 0x39000, 0x0)
r4 = memfd_create(&(0x7f0000000080), 0x1)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r5=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r5, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
splice(r2, 0x0, r4, 0x0, 0x408cd, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e)

1.276030585s ago: executing program 4 (id=1127):
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd8, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffff"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c0001400000000000000007140000001100"], 0xdc}}, 0x0)
sendmsg$NFT_MSG_GETRULE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="44000000190a0102"], 0x44}}, 0x0)

1.229857408s ago: executing program 3 (id=1128):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="08f272f808af"})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f0000000000)={'vlan1\x00', @broadcast})

1.158590313s ago: executing program 4 (id=1129):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r1, &(0x7f0000000080)='./file0\x00')
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x108284, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x26}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
readlinkat(r1, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000780)=""/198, 0xc6)

1.139322164s ago: executing program 4 (id=1130):
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r0 = shmget$private(0x0, 0x4000, 0xa0, &(0x7f0000321000/0x4000)=nil)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@broadcast, @empty, @val, {@ipv4}}, 0x0)
syz_emit_ethernet(0x1000e, 0x0, 0x0)
shmat(r0, &(0x7f0000001000/0x4000)=nil, 0x1000)
sendto$unix(0xffffffffffffffff, &(0x7f0000000000)="b100050400000400000000000700000033", 0xfffffffffffffdfc, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
r1 = shmget$private(0x0, 0x2000, 0x108, &(0x7f0000323000/0x2000)=nil)
shmctl$IPC_SET(r1, 0x1, &(0x7f0000000000)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x5f, 0xf0}, 0xfffffffd, 0xff7e, 0x0, 0xffffffffffffffff, 0x2280, 0x0, 0x2})
setuid(0xee01)
shmat(r1, &(0x7f00003e5000/0x1000)=nil, 0x2000)
msync(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4)

1.082492288s ago: executing program 4 (id=1131):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x8}, 0x50)
creat(&(0x7f00000001c0)='./file1\x00', 0x2)
acct(&(0x7f0000000080)='./file1\x00')
acct(0x0)

1.081849468s ago: executing program 3 (id=1132):
r0 = io_uring_setup(0x6e1e, &(0x7f0000000100)={0x0, 0x23d4, 0x800, 0xfffffffc, 0x87})
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r2 = eventfd2(0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000000)=r2, 0x1)
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000001580)={0x3, 0x0, 0x0, &(0x7f00000014c0)=[{0x0}, {0x0}, {&(0x7f0000000280)=""/4094, 0xffe}], &(0x7f0000001540)=[0x0, 0x0, 0x4]}, 0x20)
read$eventfd(r2, &(0x7f0000000040), 0x8)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0}, {0x0}], 0x0, 0x3}, 0x20)

1.029133462s ago: executing program 5 (id=1133):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100fdfff7ff000000000800000018000280140003800c000180080001000800000004000180180001801400020073797a5f74756e"], 0x44}, 0x1, 0x0, 0x0, 0x24044815}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="a1ab23bd7000fdffffff32"], 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x0)

968.161716ms ago: executing program 5 (id=1134):
r0 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe, 0x10}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x2}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)

695.639314ms ago: executing program 5 (id=1135):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a80)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/DfrrWtqbtZba22ID70opeh2YMXvQRZQRpQ2kZoC8LUnWjImIRMWIiI1ZNX/w7x6E0Qb3rZi3+Dt7147EEcMVHbLfFQ7G5g+Xwu+cHvfcl7DAy8Yd4cvPn1J4NelfXyaayvrcX6OCLdS5FiPf7xRbz2xk8/v3j95q2r7U5n51pai/aN1usppc2Xfrj92bcv/zg99/53m9+fif2tDw5+2/51/+L+pYM/bnzcr1K/SsPRNOXpzmg0ze+URdrtV4MspffKIq+K1B9WxeRQv1eOxuNZyoe7G43xpKiq87eHszQoZmk6StPJLOUf5f1hyrIsbTSC/6P7zb26riPq+sk4HXVd109FI87F07ERm9GMrXgmno3zcSGei4vxfLwQl+ajVj1vAAAAAAAAAAAAAAAAAAAAOFmc/wcAAAAAAAAAAAAAAAAAAIDVu37z1tV2p7NzLaWzEeVXe9297uJ30W/3oh9lFHElmvF7zE//Lyzqt9/p7FxJc1vxZXn37/zdve4Th/Ot+ecEluZbi3w6nD8TjQfz29GMC8vz20vzZ+PVVx7IZ9GMXz6MUZSxG39l7+c/b6X01rudh/KX5+MAAADgJMjSv5bu37Psv/qL/CM8H3hof30qLp9a7dqJqGafDvKyLCZHVpyOI/8LhULxmItV35k4Dvcv+qpnAgAAAAAAAAAAwKM4jtcJV71GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgWAAAAABAmL91Gh0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8FQAA//+QsdQ3")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000)=0x100000000000000, 0xffffff6a)
r1 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
io_setup(0x1, &(0x7f0000000040)=<r2=>0x0)
io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x1a00001a}])
r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$cgroup_int(r3, &(0x7f0000000000)=0xfe8e, 0x12)

695.449494ms ago: executing program 4 (id=1136):
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r0 = io_uring_setup(0x1694, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000200)=[{0x0}], 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0xf}, 0x18)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0x1}, 0x20)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000001540)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000e12020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000006fd6850000002d000000850000002300000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sys_enter\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
r3 = mq_open(&(0x7f0000000080)='eth0\x00#~\x02\x00\x00\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfd\x05\x00\x00\x00\x00\x00\x80\x00\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94uu_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18A\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x05\x00\x00\x000\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xce\x00\x00\x00\xe8\vq+\xbb\xc7\xaf\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedreceive(r3, &(0x7f000001a600)=""/102385, 0x18ff1, 0x0, 0x0)

694.985614ms ago: executing program 0 (id=1145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x50)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r1, 0x0, 0x200400c5)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
socket$inet6(0x10, 0x3, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
close(0xffffffffffffffff)

694.562694ms ago: executing program 6 (id=1137):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lstat(&(0x7f0000000180)='./file0\x00', 0x0)

446.96642ms ago: executing program 6 (id=1138):
socket$pppoe(0x18, 0x1, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x3, 0x2)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x8, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0x0, 0x1, 0x1009, 0x7f}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0x0, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x34, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000051}, 0x4000)

397.232094ms ago: executing program 3 (id=1139):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={<r3=>r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30, 0x40}], 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000500)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r4, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000580)={r3, 0xfc49, 0x20}, 0xc)

372.086755ms ago: executing program 3 (id=1140):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa, 0x1ff}, 0x1100, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = getpid()
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r5, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)

316.168519ms ago: executing program 6 (id=1141):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x2}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x78, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x48, 0x2, [@TCA_BASIC_EMATCHES={0x44, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x38, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{}, {0x0, 0x0, 0x1}}}, @TCF_EM_META={0x24, 0x2, 0x0, 0x0, {{0x0, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc}, @TCA_EM_META_RVALUE={0x4}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT]}]}}]}]}]}}]}, 0x78}}, 0x0)

215.175226ms ago: executing program 6 (id=1142):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x880)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000008c0), 0xfffffffe, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0xfe, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x2, @loopback, @loopback}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

52.796896ms ago: executing program 6 (id=1143):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x7}, 0x18)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x102)

27.600838ms ago: executing program 6 (id=1144):
r0 = socket$inet(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r1, 0x0, 0xfa, 0x9})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000008c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3f0, 0x288, 0x358, 0x1e8, 0x138, 0x138, 0x358, 0x358, 0x358, 0x358, 0x358, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0xffffffff, 'bridge_slave_0\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x2f}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00', {}, {}, 0x32}, 0x0, 0x70, 0xb0}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0xf7, 0x4, @ipv4=@loopback, 0x4e23}}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x450)

0s ago: executing program 3 (id=1146):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600}}, 0x20)
bpf$LINK_DETACH(0x22, &(0x7f0000000100)=r2, 0x4)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
getpid()
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000680)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000080)={r4, 0x1, 0x6})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000380)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000240)={r5, 0x1, r3, 0x6})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000280)={r5, 0x0, 0x5})

kernel console output (not intermixed with test programs):

T4000] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.269802][   T29] kauditd_printk_skb: 53 callbacks suppressed
[   49.269820][   T29] audit: type=1400 audit(1759925725.248:288): avc:  denied  { name_bind } for  pid=4024 comm="syz.3.144" src=1024 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   49.300960][   T29] audit: type=1400 audit(1759925725.278:289): avc:  denied  { ioctl } for  pid=4022 comm="syz.4.143" path="socket:[7039]" dev="sockfs" ino=7039 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   49.364417][ T4000] syz.0.134 (4000) used greatest stack depth: 9680 bytes left
[   49.377696][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.387693][ T3820] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   49.397620][ T3820] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:40: Failed to release dquot type 1
[   49.459121][ T4032] loop1: detected capacity change from 0 to 1024
[   49.473477][ T4032] =======================================================
[   49.473477][ T4032] WARNING: The mand mount option has been deprecated and
[   49.473477][ T4032]          and is ignored by this kernel. Remove the mand
[   49.473477][ T4032]          option from the mount to silence this warning.
[   49.473477][ T4032] =======================================================
[   49.522577][ T4032] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   49.538680][ T4034] netlink: 24 bytes leftover after parsing attributes in process `syz.0.147'.
[   49.548307][ T4032] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.562283][ T4032] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   49.633419][ T4040] netlink: 28 bytes leftover after parsing attributes in process `syz.3.150'.
[   49.655027][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   49.924108][ T4065] loop4: detected capacity change from 0 to 128
[   50.034901][   T29] audit: type=1400 audit(1759925726.008:290): avc:  denied  { mount } for  pid=4064 comm="syz.4.160" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   50.108280][   T29] audit: type=1400 audit(1759925726.078:291): avc:  denied  { write } for  pid=4067 comm="syz.3.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   50.131206][   T29] audit: type=1400 audit(1759925726.108:292): avc:  denied  { unmount } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   50.201258][   T29] audit: type=1400 audit(1759925726.178:293): avc:  denied  { shutdown } for  pid=4071 comm="syz.4.163" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   50.222618][ T4070] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.229951][ T4070] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.254340][   T29] audit: type=1400 audit(1759925726.208:294): avc:  denied  { name_connect } for  pid=4071 comm="syz.4.163" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   50.276921][   T29] audit: type=1400 audit(1759925726.208:295): avc:  denied  { write } for  pid=4071 comm="syz.4.163" lport=40598 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   50.301194][   T29] audit: type=1400 audit(1759925726.208:296): avc:  denied  { setopt } for  pid=4071 comm="syz.4.163" lport=40598 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   50.506429][ T4070] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   50.546978][ T4070] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   50.676078][ T3828] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   50.685126][ T3828] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[   50.710556][ T3828] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   50.719671][ T3828] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[   50.754039][ T3828] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   50.763070][ T3828] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[   50.809350][ T3828] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   50.818405][ T3828] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[   51.512845][ T4161] loop0: detected capacity change from 0 to 128
[   51.525510][ T4161] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   51.545874][ T4161] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   51.608427][ T3820] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   51.849216][ T4199] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.861009][ T4177] netlink: 324 bytes leftover after parsing attributes in process `syz.0.192'.
[   51.876297][ T4199] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.900190][ T4199] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.908774][ T4205] loop3: detected capacity change from 0 to 256
[   51.934153][ T4199] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   52.008972][ T4215] netlink: 'syz.3.196': attribute type 4 has an invalid length.
[   52.073719][ T4226] netlink: 14 bytes leftover after parsing attributes in process `syz.0.199'.
[   52.085765][ T4226] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   52.096622][ T4226] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   52.104858][ T4228] netlink: 'syz.3.200': attribute type 39 has an invalid length.
[   52.114450][ T4226] bond0 (unregistering): Released all slaves
[   52.364287][ T4270] loop4: detected capacity change from 0 to 2048
[   52.388449][ T4270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.435634][ T3320] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   52.451724][ T3320] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   52.469313][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.558668][ T4295] wg2: entered promiscuous mode
[   52.563670][ T4295] wg2: entered allmulticast mode
[   52.641693][ T4311] loop4: detected capacity change from 0 to 164
[   52.676314][ T4311] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   53.415713][ T4300] syz.3.208 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   53.430005][ T4300] CPU: 1 UID: 0 PID: 4300 Comm: syz.3.208 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.430048][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   53.430065][ T4300] Call Trace:
[   53.430073][ T4300]  <TASK>
[   53.430083][ T4300]  __dump_stack+0x1d/0x30
[   53.430130][ T4300]  dump_stack_lvl+0xe8/0x140
[   53.430157][ T4300]  dump_stack+0x15/0x1b
[   53.430179][ T4300]  dump_header+0x81/0x220
[   53.430260][ T4300]  oom_kill_process+0x342/0x400
[   53.430300][ T4300]  out_of_memory+0x979/0xb80
[   53.430407][ T4300]  try_charge_memcg+0x5e6/0x9e0
[   53.430507][ T4300]  ? update_load_avg+0x1da/0x820
[   53.430559][ T4300]  obj_cgroup_charge_pages+0xa6/0x150
[   53.430601][ T4300]  __memcg_kmem_charge_page+0x9f/0x170
[   53.430711][ T4300]  __alloc_frozen_pages_noprof+0x188/0x360
[   53.430757][ T4300]  alloc_pages_mpol+0xb3/0x260
[   53.430799][ T4300]  ? alloc_pages_noprof+0xf4/0x130
[   53.430903][ T4300]  alloc_pages_noprof+0x90/0x130
[   53.430923][ T4300]  __vmalloc_node_range_noprof+0x7a5/0xed0
[   53.430970][ T4300]  __kvmalloc_node_noprof+0x483/0x670
[   53.431073][ T4300]  ? ip_set_alloc+0x24/0x30
[   53.431120][ T4300]  ? ip_set_alloc+0x24/0x30
[   53.431144][ T4300]  ? __kmalloc_cache_noprof+0x249/0x4a0
[   53.431183][ T4300]  ip_set_alloc+0x24/0x30
[   53.431230][ T4300]  hash_netiface_create+0x282/0x740
[   53.431345][ T4300]  ? __pfx_hash_netiface_create+0x10/0x10
[   53.431398][ T4300]  ip_set_create+0x3c9/0x970
[   53.431451][ T4300]  ? __nla_parse+0x40/0x60
[   53.431522][ T4300]  nfnetlink_rcv_msg+0x4c3/0x590
[   53.431586][ T4300]  netlink_rcv_skb+0x123/0x220
[   53.431622][ T4300]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   53.431662][ T4300]  nfnetlink_rcv+0x167/0x16c0
[   53.431690][ T4300]  ? kmem_cache_free+0xe4/0x3d0
[   53.431846][ T4300]  ? __kfree_skb+0x109/0x150
[   53.431888][ T4300]  ? nlmon_xmit+0x4f/0x60
[   53.431915][ T4300]  ? consume_skb+0x49/0x150
[   53.431948][ T4300]  ? nlmon_xmit+0x4f/0x60
[   53.431979][ T4300]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   53.432068][ T4300]  ? __dev_queue_xmit+0x1200/0x2000
[   53.432144][ T4300]  ? __dev_queue_xmit+0x182/0x2000
[   53.432186][ T4300]  ? ref_tracker_free+0x37d/0x3e0
[   53.432241][ T4300]  ? __netlink_deliver_tap+0x4dc/0x500
[   53.432279][ T4300]  netlink_unicast+0x5bd/0x690
[   53.432388][ T4300]  netlink_sendmsg+0x58b/0x6b0
[   53.432429][ T4300]  ? __pfx_netlink_sendmsg+0x10/0x10
[   53.432469][ T4300]  __sock_sendmsg+0x142/0x180
[   53.432560][ T4300]  ____sys_sendmsg+0x31e/0x4e0
[   53.432603][ T4300]  ___sys_sendmsg+0x17b/0x1d0
[   53.432657][ T4300]  __x64_sys_sendmsg+0xd4/0x160
[   53.432770][ T4300]  x64_sys_call+0x191e/0x3000
[   53.432824][ T4300]  do_syscall_64+0xd2/0x200
[   53.432854][ T4300]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.432888][ T4300]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   53.432951][ T4300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.432976][ T4300] RIP: 0033:0x7fb5185ceec9
[   53.433020][ T4300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.433045][ T4300] RSP: 002b:00007fb517037038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.433070][ T4300] RAX: ffffffffffffffda RBX: 00007fb518825fa0 RCX: 00007fb5185ceec9
[   53.433151][ T4300] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[   53.433168][ T4300] RBP: 00007fb518651f91 R08: 0000000000000000 R09: 0000000000000000
[   53.433184][ T4300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   53.433200][ T4300] R13: 00007fb518826038 R14: 00007fb518825fa0 R15: 00007fff7493ca88
[   53.433225][ T4300]  </TASK>
[   53.433234][ T4300] memory: usage 307200kB, limit 307200kB, failcnt 160
[   53.796001][ T4300] memory+swap: usage 307380kB, limit 9007199254740988kB, failcnt 0
[   53.804094][ T4300] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[   53.811446][ T4300] Memory cgroup stats for /syz3:
[   53.811665][ T4300] cache 0
[   53.819596][ T4300] rss 4096
[   53.822640][ T4300] shmem 0
[   53.825597][ T4300] mapped_file 0
[   53.829257][ T4300] dirty 0
[   53.832337][ T4300] writeback 4096
[   53.836009][ T4300] workingset_refault_anon 26
[   53.840606][ T4300] workingset_refault_file 181
[   53.845301][ T4300] swap 184320
[   53.848698][ T4300] swapcached 4096
[   53.852353][ T4300] pgpgin 9502
[   53.855763][ T4300] pgpgout 9501
[   53.859253][ T4300] pgfault 20207
[   53.862842][ T4300] pgmajfault 18
[   53.866344][ T4300] inactive_anon 4096
[   53.870268][ T4300] active_anon 0
[   53.873741][ T4300] inactive_file 0
[   53.877498][ T4300] active_file 0
[   53.880969][ T4300] unevictable 0
[   53.884474][ T4300] hierarchical_memory_limit 314572800
[   53.889908][ T4300] hierarchical_memsw_limit 9223372036854771712
[   53.896185][ T4300] total_cache 0
[   53.899751][ T4300] total_rss 4096
[   53.903316][ T4300] total_shmem 0
[   53.906906][ T4300] total_mapped_file 0
[   53.910972][ T4300] total_dirty 0
[   53.914535][ T4300] total_writeback 4096
[   53.918764][ T4300] total_workingset_refault_anon 26
[   53.923944][ T4300] total_workingset_refault_file 181
[   53.929284][ T4300] total_swap 184320
[   53.933122][ T4300] total_swapcached 4096
[   53.937455][ T4300] total_pgpgin 9502
[   53.941368][ T4300] total_pgpgout 9501
[   53.945278][ T4300] total_pgfault 20207
[   53.949369][ T4300] total_pgmajfault 18
[   53.953517][ T4300] total_inactive_anon 4096
[   53.958082][ T4300] total_active_anon 0
[   53.962138][ T4300] total_inactive_file 0
[   53.966419][ T4300] total_active_file 0
[   53.970545][ T4300] total_unevictable 0
[   53.974552][ T4300] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.208,pid=4298,uid=0
[   53.989222][ T4300] Memory cgroup out of memory: Killed process 4298 (syz.3.208) total-vm:96004kB, anon-rss:1136kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[   54.267236][ T4309] syz.3.208 (4309) used greatest stack depth: 9000 bytes left
[   54.334099][ T4370] loop1: detected capacity change from 0 to 128
[   54.341942][ T4370] EXT4-fs: test_dummy_encryption option not supported
[   54.350988][   T29] kauditd_printk_skb: 143 callbacks suppressed
[   54.351016][   T29] audit: type=1400 audit(1759925730.328:440): avc:  denied  { bind } for  pid=4369 comm="syz.1.218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   54.417483][   T29] audit: type=1400 audit(1759925730.358:441): avc:  denied  { write } for  pid=4369 comm="syz.1.218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   54.437961][ T4374] netlink: 28 bytes leftover after parsing attributes in process `syz.1.220'.
[   54.594916][   T29] audit: type=1326 audit(1759925730.568:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f474f4f5d67 code=0x7ffc0000
[   54.687534][   T29] audit: type=1326 audit(1759925730.598:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f474f49af79 code=0x7ffc0000
[   54.710931][   T29] audit: type=1326 audit(1759925730.598:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f474f4f5d67 code=0x7ffc0000
[   54.734571][   T29] audit: type=1326 audit(1759925730.598:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f474f49af79 code=0x7ffc0000
[   54.758588][   T29] audit: type=1326 audit(1759925730.598:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   54.782216][   T29] audit: type=1326 audit(1759925730.608:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   54.805985][   T29] audit: type=1326 audit(1759925730.608:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   54.829695][   T29] audit: type=1326 audit(1759925730.608:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4377 comm="syz.0.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   55.132175][ T4383] netlink: 12 bytes leftover after parsing attributes in process `syz.0.224'.
[   55.166927][ T4383] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.186733][ T4300] syz.3.208 (4300) used greatest stack depth: 7480 bytes left
[   55.319917][ T4383] vlan2: entered allmulticast mode
[   55.325234][ T4383] bond0: entered allmulticast mode
[   55.439154][ T4389] loop5: detected capacity change from 0 to 1024
[   55.486715][ T4389] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.563446][ T4389] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.226: Allocating blocks 449-513 which overlap fs metadata
[   55.587011][ T4388] EXT4-fs (loop5): pa ffff88810721d620: logic 48, phys. 177, len 21
[   55.595160][ T4388] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   55.617458][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.657879][ T4402] netlink: 24 bytes leftover after parsing attributes in process `syz.5.230'.
[   55.680609][ T4402] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4402 comm=syz.5.230
[   55.790915][ T4410] syzkaller0: entered promiscuous mode
[   55.796664][ T4410] syzkaller0: entered allmulticast mode
[   56.119627][ T4422] netlink: 34 bytes leftover after parsing attributes in process `syz.5.239'.
[   56.172532][ T4426] netlink: 'syz.5.241': attribute type 27 has an invalid length.
[   56.190882][ T4428] netlink: 'syz.3.242': attribute type 13 has an invalid length.
[   56.214168][ T4426] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.221757][ T4426] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.246674][ T4426] wg2: left promiscuous mode
[   56.251376][ T4426] wg2: left allmulticast mode
[   56.271396][ T4426] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.281974][ T4426] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.341882][ T4428] gretap0: refused to change device tx_queue_len
[   56.357047][ T4428] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   56.383666][ T3823] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   56.411761][ T3823] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   56.445356][ T3823] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   56.466545][ T4437] loop3: detected capacity change from 0 to 128
[   56.470405][ T3823] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   56.523268][ T4442] loop5: detected capacity change from 0 to 512
[   56.543319][ T4442] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   56.615050][ T4442] EXT4-fs (loop5): 1 truncate cleaned up
[   56.623086][ T4442] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.658120][ T4437] syz.3.245: attempt to access beyond end of device
[   56.658120][ T4437] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[   56.671899][ T4437] syz.3.245: attempt to access beyond end of device
[   56.671899][ T4437] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128
[   56.686507][ T4437] syz.3.245: attempt to access beyond end of device
[   56.686507][ T4437] loop3: rw=2049, sector=185, nr_sectors = 8 limit=128
[   56.700569][ T4437] syz.3.245: attempt to access beyond end of device
[   56.700569][ T4437] loop3: rw=2049, sector=201, nr_sectors = 8 limit=128
[   56.715607][ T4437] syz.3.245: attempt to access beyond end of device
[   56.715607][ T4437] loop3: rw=2049, sector=217, nr_sectors = 8 limit=128
[   56.754284][ T4437] syz.3.245: attempt to access beyond end of device
[   56.754284][ T4437] loop3: rw=2049, sector=233, nr_sectors = 8 limit=128
[   56.772860][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.791888][ T4437] syz.3.245: attempt to access beyond end of device
[   56.791888][ T4437] loop3: rw=2049, sector=249, nr_sectors = 8 limit=128
[   56.836227][ T4437] syz.3.245: attempt to access beyond end of device
[   56.836227][ T4437] loop3: rw=2049, sector=265, nr_sectors = 8 limit=128
[   56.862959][ T4437] syz.3.245: attempt to access beyond end of device
[   56.862959][ T4437] loop3: rw=2049, sector=281, nr_sectors = 8 limit=128
[   56.878865][ T4437] syz.3.245: attempt to access beyond end of device
[   56.878865][ T4437] loop3: rw=2049, sector=297, nr_sectors = 8 limit=128
[   56.909400][ T4457] loop4: detected capacity change from 0 to 736
[   57.511730][ T4484] netlink: 40 bytes leftover after parsing attributes in process `syz.4.263'.
[   57.910518][ T4497] team0 (unregistering): Port device team_slave_0 removed
[   57.918909][ T4497] team0 (unregistering): Port device team_slave_1 removed
[   58.155929][ T4507] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   58.324068][ T4523] loop4: detected capacity change from 0 to 128
[   58.325357][ T4521] loop3: detected capacity change from 0 to 2048
[   58.340935][ T4523] EXT4-fs: test_dummy_encryption option not supported
[   58.348528][ T4521] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[   58.397621][ T4530] netlink: 'syz.1.291': attribute type 13 has an invalid length.
[   58.411629][ T4530] gretap0: refused to change device tx_queue_len
[   58.426546][ T4530] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   58.475493][ T4537] netlink: 'syz.1.284': attribute type 1 has an invalid length.
[   58.489676][ T4537] 8021q: adding VLAN 0 to HW filter on device bond1
[   58.502398][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.1.284'.
[   58.515417][ T4537] bond1 (unregistering): Released all slaves
[   58.710830][ T4548] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.287'.
[   59.377224][   T29] kauditd_printk_skb: 180 callbacks suppressed
[   59.377242][   T29] audit: type=1326 audit(1759925735.358:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.4.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   59.429672][   T29] audit: type=1326 audit(1759925735.388:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.4.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   59.453300][   T29] audit: type=1326 audit(1759925735.388:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.4.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   59.476930][   T29] audit: type=1326 audit(1759925735.388:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.4.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   59.500723][   T29] audit: type=1326 audit(1759925735.388:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.4.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   59.524275][   T29] audit: type=1326 audit(1759925735.388:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.4.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   59.547807][   T29] audit: type=1326 audit(1759925735.388:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.4.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   59.571317][   T29] audit: type=1326 audit(1759925735.388:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.4.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   59.594766][   T29] audit: type=1326 audit(1759925735.388:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.4.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   59.618111][   T29] audit: type=1326 audit(1759925735.388:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4575 comm="syz.4.299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   59.836398][ T4582] loop5: detected capacity change from 0 to 736
[   59.942489][ T4586] loop0: detected capacity change from 0 to 512
[   60.022082][ T4594] loop3: detected capacity change from 0 to 1024
[   60.046494][ T4594] EXT4-fs: Ignoring removed oldalloc option
[   60.052695][ T4594] EXT4-fs: Ignoring removed bh option
[   60.078227][ T4586] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   60.105418][ T4586] EXT4-fs (loop0): mount failed
[   60.127536][ T4594] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.207320][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.303023][ T4612] loop4: detected capacity change from 0 to 512
[   60.336108][ T4612] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   60.425245][ T4612] EXT4-fs (loop4): 1 orphan inode deleted
[   60.431140][ T4612] EXT4-fs (loop4): 1 truncate cleaned up
[   60.438286][ T4612] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.464222][ T4618] loop3: detected capacity change from 0 to 512
[   60.482118][ T4618] EXT4-fs: group quota file already specified
[   60.496332][ T4618] SELinux:  Context @“|Á0®A•ÙWiäS‰¾Ñ±4�À$€œÔEtÚ�yÖgB±E¼EÇAŠ2zL³»—p{c|^;tݾîHRן臟Áñg is not valid (left unmapped).
[   60.522855][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.543573][ T4622] loop4: detected capacity change from 0 to 136
[   61.575625][ T4700] netlink: 4 bytes leftover after parsing attributes in process `syz.4.338'.
[   61.917902][ T4749] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   61.951202][ T4748] lo: entered allmulticast mode
[   61.956353][ T4748] tunl0: entered allmulticast mode
[   61.961672][ T4748] gre0: entered allmulticast mode
[   61.966853][ T4748] gretap0: entered allmulticast mode
[   61.972240][ T4748] erspan0: entered allmulticast mode
[   61.978001][ T4748] ip_vti0: entered allmulticast mode
[   61.983403][ T4748] ip6_vti0: entered allmulticast mode
[   61.989095][ T4748] sit0: entered allmulticast mode
[   61.994325][ T4748] ip6tnl0: entered allmulticast mode
[   61.999890][ T4748] ip6gre0: entered allmulticast mode
[   62.005454][ T4748] syz_tun: entered allmulticast mode
[   62.010996][ T4748] ip6gretap0: entered allmulticast mode
[   62.016893][ T4748] bridge0: entered allmulticast mode
[   62.022341][ T4748] vcan0: entered allmulticast mode
[   62.027652][ T4748] bond0: entered allmulticast mode
[   62.032963][ T4748] bond_slave_0: entered allmulticast mode
[   62.038904][ T4748] bond_slave_1: entered allmulticast mode
[   62.044862][ T4748] team0: entered allmulticast mode
[   62.050080][ T4748] team_slave_0: entered allmulticast mode
[   62.055925][ T4748] team_slave_1: entered allmulticast mode
[   62.061835][ T4748] dummy0: entered allmulticast mode
[   62.067222][ T4748] nlmon0: entered allmulticast mode
[   62.072745][ T4748] caif0: entered allmulticast mode
[   62.078054][ T4748] batadv0: entered allmulticast mode
[   62.083458][ T4748] vxcan0: entered allmulticast mode
[   62.088782][ T4748] vxcan1: entered allmulticast mode
[   62.094210][ T4748] veth0: entered allmulticast mode
[   62.099542][ T4748] veth1: entered allmulticast mode
[   62.104977][ T4748] wg0: entered allmulticast mode
[   62.110103][ T4748] wg1: entered allmulticast mode
[   62.115257][ T4748] wg2: entered allmulticast mode
[   62.120431][ T4748] veth0_to_bridge: entered allmulticast mode
[   62.126748][ T4748] veth1_to_bridge: entered allmulticast mode
[   62.133128][ T4748] veth0_to_bond: entered allmulticast mode
[   62.139401][ T4748] veth1_to_bond: entered allmulticast mode
[   62.145506][ T4748] veth0_to_team: entered allmulticast mode
[   62.152344][ T4748] veth1_to_team: entered allmulticast mode
[   62.158333][ T4748] veth0_to_batadv: entered allmulticast mode
[   62.165329][ T4748] batadv_slave_0: entered allmulticast mode
[   62.171368][ T4748] veth1_to_batadv: entered allmulticast mode
[   62.177919][ T4748] batadv_slave_1: entered allmulticast mode
[   62.184401][ T4748] xfrm0: entered allmulticast mode
[   62.189718][ T4748] veth0_to_hsr: entered allmulticast mode
[   62.195541][ T4748] hsr_slave_0: entered allmulticast mode
[   62.201408][ T4748] veth1_to_hsr: entered allmulticast mode
[   62.207332][ T4748] hsr_slave_1: entered allmulticast mode
[   62.213413][ T4748] hsr0: entered allmulticast mode
[   62.218562][ T4748] veth1_virt_wifi: entered allmulticast mode
[   62.224793][ T4748] veth0_virt_wifi: entered allmulticast mode
[   62.231146][ T4748] veth1_vlan: entered allmulticast mode
[   62.237218][ T4748] veth0_vlan: entered allmulticast mode
[   62.243108][ T4748] vlan0: entered allmulticast mode
[   62.248479][ T4748] vlan1: entered allmulticast mode
[   62.253746][ T4748] macvlan0: entered allmulticast mode
[   62.259367][ T4748] macvlan1: entered allmulticast mode
[   62.265033][ T4748] ipvlan0: entered allmulticast mode
[   62.270435][ T4748] ipvlan1: entered allmulticast mode
[   62.276019][ T4748] veth1_macvtap: entered allmulticast mode
[   62.277289][ T4756] loop1: detected capacity change from 0 to 4096
[   62.282114][ T4748] veth0_macvtap: entered allmulticast mode
[   62.289957][ T4756] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   62.294324][ T4748] macvtap0: entered allmulticast mode
[   62.307807][ T4748] macsec0: entered allmulticast mode
[   62.313166][ T4748] geneve0: entered allmulticast mode
[   62.318715][ T4748] geneve1: entered allmulticast mode
[   62.332909][ T4748] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[   62.349224][ T4748] netdevsim netdevsim5 netdevsim1: entered allmulticast mode
[   62.357675][ T4748] netdevsim netdevsim5 netdevsim2: entered allmulticast mode
[   62.365175][ T4748] netdevsim netdevsim5 netdevsim3: entered allmulticast mode
[   62.391661][ T4756] tipc: Started in network mode
[   62.396672][ T4756] tipc: Node identity ac14140f, cluster identity 4711
[   62.403946][ T4756] tipc: New replicast peer: 255.255.255.255
[   62.410221][ T4756] tipc: Enabled bearer <udp:syz2>, priority 10
[   62.520083][ T4763] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   62.541003][ T4762] tipc: Resetting bearer <eth:syzkaller0>
[   62.557429][ T4762] tipc: Disabling bearer <eth:syzkaller0>
[   62.652793][ T4770] loop5: detected capacity change from 0 to 512
[   62.659861][ T4770] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   62.720552][ T4770] EXT4-fs (loop5): 1 orphan inode deleted
[   62.726439][ T4770] EXT4-fs (loop5): 1 truncate cleaned up
[   62.734907][ T4778] loop1: detected capacity change from 0 to 128
[   62.752573][ T4770] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.756188][ T4778] EXT4-fs: Ignoring removed nobh option
[   62.817714][ T4778] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   62.848937][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.858249][ T4778] ext4 filesystem being mounted at /55/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   62.908784][ T4793] loop5: detected capacity change from 0 to 1024
[   62.955361][ T4793] EXT4-fs: Ignoring removed oldalloc option
[   62.961401][ T4793] EXT4-fs: Ignoring removed bh option
[   62.973603][ T4799] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[   62.978729][ T3312] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   62.993056][ T4793] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.052555][ T4809] loop0: detected capacity change from 0 to 512
[   63.063902][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.075567][ T4809] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   63.095100][ T4809] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   63.128496][ T4809] EXT4-fs (loop0): 1 truncate cleaned up
[   63.134914][ T4809] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.199800][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.254689][ T4826] hsr0: entered promiscuous mode
[   63.260509][ T4826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.372'.
[   63.269704][ T4826] hsr_slave_0: left promiscuous mode
[   63.275893][ T4826] hsr_slave_1: left promiscuous mode
[   63.285207][ T4826] hsr0 (unregistering): left promiscuous mode
[   63.491115][ T4843] loop3: detected capacity change from 0 to 1024
[   63.506933][ T4843] EXT4-fs (loop3): can't mount with commit=, fs mounted w/o journal
[   63.520429][ T4846] netlink: 96 bytes leftover after parsing attributes in process `syz.5.381'.
[   63.535913][   T10] tipc: Node number set to 2886997007
[   63.619856][ T4852] geneve2: entered promiscuous mode
[   63.625139][ T4852] geneve2: entered allmulticast mode
[   64.231023][ T4869] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   64.436621][ T4885] all: renamed from lo (while UP)
[   64.544688][ T4890] veth1_macvtap: left promiscuous mode
[   64.552340][ T4890] macsec0: entered promiscuous mode
[   64.612533][ T4853] syz.0.384 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   64.624134][ T4853] CPU: 1 UID: 0 PID: 4853 Comm: syz.0.384 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.624167][ T4853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   64.624183][ T4853] Call Trace:
[   64.624192][ T4853]  <TASK>
[   64.624202][ T4853]  __dump_stack+0x1d/0x30
[   64.624301][ T4853]  dump_stack_lvl+0xe8/0x140
[   64.624319][ T4853]  dump_stack+0x15/0x1b
[   64.624339][ T4853]  dump_header+0x81/0x220
[   64.624369][ T4853]  oom_kill_process+0x342/0x400
[   64.624398][ T4853]  out_of_memory+0x979/0xb80
[   64.624427][ T4853]  try_charge_memcg+0x5e6/0x9e0
[   64.624448][ T4853]  ? should_fail_ex+0x30/0x280
[   64.624544][ T4853]  charge_memcg+0x51/0xc0
[   64.624563][ T4853]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   64.624586][ T4853]  __read_swap_cache_async+0x17b/0x2d0
[   64.624670][ T4853]  swap_cluster_readahead+0x262/0x3c0
[   64.624709][ T4853]  swapin_readahead+0xde/0x6f0
[   64.624817][ T4853]  ? css_rstat_updated+0xb7/0x240
[   64.624893][ T4853]  ? __rcu_read_unlock+0x4f/0x70
[   64.624917][ T4853]  ? swap_cache_get_folio+0x277/0x280
[   64.624949][ T4853]  do_swap_page+0x2ae/0x2370
[   64.624970][ T4853]  ? __rb_insert_augmented+0x2b4/0x2c0
[   64.624989][ T4853]  ? __pfx_min_vruntime_cb_rotate+0x10/0x10
[   64.625078][ T4853]  ? enqueue_task_fair+0x35e/0x980
[   64.625103][ T4853]  ? tracing_record_taskinfo_sched_switch+0x71/0x260
[   64.625142][ T4853]  ? __pfx_default_wake_function+0x10/0x10
[   64.625254][ T4853]  handle_mm_fault+0x9a5/0x2be0
[   64.625276][ T4853]  ? vma_start_read+0x141/0x1f0
[   64.625309][ T4853]  do_user_addr_fault+0x630/0x1080
[   64.625333][ T4853]  ? fpregs_restore_userregs+0xe2/0x1d0
[   64.625362][ T4853]  ? arch_exit_work+0x30/0x40
[   64.625397][ T4853]  exc_page_fault+0x62/0xa0
[   64.625429][ T4853]  asm_exc_page_fault+0x26/0x30
[   64.625472][ T4853] RIP: 0033:0x7f474f3d8209
[   64.625486][ T4853] Code: 39 f0 73 46 49 89 34 24 48 89 ce 48 89 4f f8 49 8b 14 24 49 8b 4c 24 08 eb 85 0f 1f 80 00 00 00 00 48 89 fe 4c 89 ea 48 89 df <e8> f2 fe ff ff 48 89 d8 4c 29 e0 48 3d 80 00 00 00 7e 7f 4d 85 ed
[   64.625548][ T4853] RSP: 002b:00007ffd6e5bc070 EFLAGS: 00010212
[   64.625562][ T4853] RAX: 00007f474f15e5b8 RBX: 00007f474f15e5c0 RCX: ffffffff817d310f
[   64.625574][ T4853] RDX: 000000000000001d RSI: 00007f474f1a1f80 RDI: 00007f474f15e5c0
[   64.625585][ T4853] RBP: 00007f474f0e09a8 R08: 00007f474f141490 R09: 00007f474f742000
[   64.625596][ T4853] R10: 00007f474ef6f008 R11: 0000000000000001 R12: 00007f474f0e09a0
[   64.625626][ T4853] R13: 000000000000001d R14: ffffffffffffffff R15: 00007f474ef6f008
[   64.625641][ T4853]  ? do_shrink_slab+0x41f/0x680
[   64.625669][ T4853]  </TASK>
[   64.625675][ T4853] memory: usage 307200kB, limit 307200kB, failcnt 241
[   64.885530][ T4853] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[   64.893746][ T4853] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[   64.901172][ T4853] Memory cgroup stats for /syz0:
[   64.906091][   T29] kauditd_printk_skb: 202 callbacks suppressed
[   64.906111][   T29] audit: type=1326 audit(1759925740.888:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4891 comm="syz.4.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   64.941003][   T29] audit: type=1326 audit(1759925740.888:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4891 comm="syz.4.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   64.964132][   T29] audit: type=1326 audit(1759925740.888:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4891 comm="syz.4.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19f1eeec9 code=0x7ffc0000
[   64.985175][ T4853] cache 0
[   64.990650][ T4853] rss 0
[   64.993433][ T4853] shmem 0
[   64.996507][ T4853] mapped_file 0
[   65.000119][ T4853] dirty 0
[   65.003146][ T4853] writeback 0
[   65.006512][ T4853] workingset_refault_anon 38
[   65.011219][ T4853] workingset_refault_file 256
[   65.016041][ T4853] swap 188416
[   65.019343][ T4853] swapcached 8192
[   65.023165][ T4853] pgpgin 40799
[   65.026581][ T4853] pgpgout 40797
[   65.030142][ T4853] pgfault 52324
[   65.033609][ T4853] pgmajfault 24
[   65.037144][ T4853] inactive_anon 8192
[   65.041057][ T4853] active_anon 0
[   65.044522][ T4853] inactive_file 0
[   65.048311][ T4853] active_file 0
[   65.051785][ T4853] unevictable 0
[   65.055265][ T4853] hierarchical_memory_limit 314572800
[   65.060896][ T4853] hierarchical_memsw_limit 9223372036854771712
[   65.067092][ T4853] total_cache 0
[   65.070568][ T4853] total_rss 0
[   65.073926][ T4853] total_shmem 0
[   65.077503][ T4853] total_mapped_file 0
[   65.081497][ T4853] total_dirty 0
[   65.085111][ T4853] total_writeback 0
[   65.088955][ T4853] total_workingset_refault_anon 38
[   65.094147][ T4853] total_workingset_refault_file 256
[   65.099389][ T4853] total_swap 188416
[   65.103220][ T4853] total_swapcached 8192
[   65.107701][ T4853] total_pgpgin 40799
[   65.111693][ T4853] total_pgpgout 40797
[   65.115710][ T4853] total_pgfault 52324
[   65.119794][ T4853] total_pgmajfault 24
[   65.123787][ T4853] total_inactive_anon 8192
[   65.128248][ T4853] total_active_anon 0
[   65.132242][ T4853] total_inactive_file 0
[   65.136449][ T4853] total_active_file 0
[   65.140467][ T4853] total_unevictable 0
[   65.144467][ T4853] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.384,pid=4853,uid=0
[   65.159374][ T4853] Memory cgroup out of memory: Killed process 4853 (syz.0.384) total-vm:96004kB, anon-rss:1264kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   65.203295][   T29] audit: type=1400 audit(1759925741.168:844): avc:  denied  { mounton } for  pid=4894 comm="syz.3.403" path="/77/file0" dev="tmpfs" ino=423 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   65.288621][   T29] audit: type=1400 audit(1759925741.268:845): avc:  denied  { watch watch_reads } for  pid=4905 comm="syz.1.415" path="/61/file1" dev="tmpfs" ino=338 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   65.313168][   T29] audit: type=1400 audit(1759925741.268:846): avc:  denied  { execute } for  pid=4905 comm="syz.1.415" name="file1" dev="tmpfs" ino=338 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   65.343272][ T4908] bridge: RTM_NEWNEIGH with invalid ether address
[   65.464531][ T4919] 9pnet: Could not find request transport: fd0x0000000000000004
[   65.723947][ T4931] hsr0: entered promiscuous mode
[   65.730401][ T4931] netlink: 4 bytes leftover after parsing attributes in process `syz.1.417'.
[   65.740220][ T4931] hsr_slave_0: left promiscuous mode
[   65.751808][ T4931] hsr_slave_1: left promiscuous mode
[   65.769170][ T4931] hsr0 (unregistering): left promiscuous mode
[   65.966199][ T4952] netlink: 100 bytes leftover after parsing attributes in process `syz.3.426'.
[   66.196045][   T29] audit: type=1400 audit(1759925742.168:847): avc:  denied  { bind } for  pid=4962 comm="syz.0.430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   66.219771][   T29] audit: type=1400 audit(1759925742.198:848): avc:  denied  { setopt } for  pid=4962 comm="syz.0.430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   66.239669][   T29] audit: type=1400 audit(1759925742.198:849): avc:  denied  { write } for  pid=4962 comm="syz.0.430" path="socket:[9689]" dev="sockfs" ino=9689 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   66.370737][ T4966] hsr0: entered promiscuous mode
[   66.376284][ T4966] netlink: 4 bytes leftover after parsing attributes in process `syz.0.431'.
[   66.395380][ T4966] hsr_slave_0: left promiscuous mode
[   66.406860][ T4966] hsr_slave_1: left promiscuous mode
[   66.419942][ T4966] hsr0 (unregistering): left promiscuous mode
[   66.558051][ T4970] netlink: 24 bytes leftover after parsing attributes in process `syz.3.433'.
[   66.594781][ T4975] netlink: 8 bytes leftover after parsing attributes in process `syz.5.435'.
[   66.608973][ T4975] netlink: 8 bytes leftover after parsing attributes in process `syz.5.435'.
[   66.643700][ T4977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4977 comm=syz.5.436
[   66.692126][   T29] audit: type=1400 audit(1759925742.668:850): avc:  denied  { create } for  pid=4980 comm="syz.5.438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[   67.081139][ T4956] syz.4.428 (4956) used greatest stack depth: 7032 bytes left
[   67.448617][ T4964] Set syz1 is full, maxelem 65536 reached
[   67.592857][ T5002] loop4: detected capacity change from 0 to 512
[   67.623446][ T5002] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   67.632826][ T5002] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   67.683969][ T5002] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[   67.706333][ T5002] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   67.727730][ T5002] System zones: 0-2, 18-18, 34-35
[   67.739311][ T5002] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.791179][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.107815][   T36] IPVS: starting estimator thread 0...
[   68.195925][ T5054] IPVS: using max 1920 ests per chain, 96000 per kthread
[   68.476450][ T5092] bridge0: port 3(gretap0) entered blocking state
[   68.483157][ T5092] bridge0: port 3(gretap0) entered disabled state
[   68.490201][ T5092] gretap0: entered allmulticast mode
[   68.497680][ T5092] gretap0: entered promiscuous mode
[   68.509949][ T5092] gretap0: left allmulticast mode
[   68.515183][ T5092] gretap0: left promiscuous mode
[   68.520517][ T5092] bridge0: port 3(gretap0) entered disabled state
[   68.538680][ T5098] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5098 comm=syz.1.462
[   69.017515][ T5153] loop3: detected capacity change from 0 to 512
[   69.048511][ T5153] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.082870][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.106522][ T5161] geneve2: entered promiscuous mode
[   69.111815][ T5161] geneve2: entered allmulticast mode
[   69.329443][ T5179] netlink: 'syz.5.486': attribute type 10 has an invalid length.
[   69.344446][ T5183] loop3: detected capacity change from 0 to 128
[   69.379717][ T5183] bio_check_eod: 39 callbacks suppressed
[   69.379731][ T5183] syz.3.488: attempt to access beyond end of device
[   69.379731][ T5183] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[   69.392921][ T5181] loop0: detected capacity change from 0 to 1024
[   69.409451][ T5181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.544610][ T5186] netlink: 184 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[   69.569721][ T5186] xt_socket: unknown flags 0xd0
[   69.598145][ T5190] process 'syz.5.491' launched './file0' with NULL argv: empty string added
[   69.640247][ T5194] netlink: 8 bytes leftover after parsing attributes in process `syz.5.493'.
[   69.755616][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.769396][ T5192] netlink: 28 bytes leftover after parsing attributes in process `syz.3.492'.
[   69.790791][ T5192] netem: change failed
[   69.795642][ T5204] tipc: Failed to obtain node identity
[   69.801472][ T5204] tipc: Enabling of bearer <ib:ipvlan0> rejected, failed to enable media
[   69.946635][   T29] kauditd_printk_skb: 23 callbacks suppressed
[   69.946655][   T29] audit: type=1326 audit(1759925745.928:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5212 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e69deeec9 code=0x7ffc0000
[   70.010929][   T29] audit: type=1326 audit(1759925745.928:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5212 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e69deeec9 code=0x7ffc0000
[   70.035332][   T29] audit: type=1326 audit(1759925745.938:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5212 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e69deeec9 code=0x7ffc0000
[   70.059206][   T29] audit: type=1326 audit(1759925745.938:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5212 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e69deeec9 code=0x7ffc0000
[   70.082934][   T29] audit: type=1326 audit(1759925745.938:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5212 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e69deeec9 code=0x7ffc0000
[   70.107771][   T29] audit: type=1326 audit(1759925745.938:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5212 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e69deeec9 code=0x7ffc0000
[   70.131333][   T29] audit: type=1326 audit(1759925745.938:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5212 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e69deeec9 code=0x7ffc0000
[   70.155275][   T29] audit: type=1326 audit(1759925745.938:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5212 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e69deeec9 code=0x7ffc0000
[   70.178823][   T29] audit: type=1326 audit(1759925745.938:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5212 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e69deeec9 code=0x7ffc0000
[   70.203034][   T29] audit: type=1326 audit(1759925745.938:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5212 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e69deeec9 code=0x7ffc0000
[   70.473883][ T5237] loop5: detected capacity change from 0 to 1024
[   70.481281][ T5237] EXT4-fs: inline encryption not supported
[   70.498961][ T5237] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.551373][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.561043][ T5241] loop0: detected capacity change from 0 to 128
[   70.570661][ T5241] EXT4-fs: Ignoring removed nobh option
[   70.592081][ T5241] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   70.630882][ T5241] ext4 filesystem being mounted at /115/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   70.652917][ T3309] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   70.759802][ T5255] netlink: 28 bytes leftover after parsing attributes in process `syz.0.517'.
[   70.776536][ T5255] netlink: 4 bytes leftover after parsing attributes in process `syz.0.517'.
[   71.199528][ T5275] bridge0: port 3(gretap0) entered blocking state
[   71.206208][ T5275] bridge0: port 3(gretap0) entered disabled state
[   71.213479][ T5275] gretap0: entered allmulticast mode
[   71.224022][ T5275] gretap0: entered promiscuous mode
[   71.229762][ T5275] bridge0: port 3(gretap0) entered blocking state
[   71.236268][ T5275] bridge0: port 3(gretap0) entered forwarding state
[   71.261016][ T5275] gretap0: left allmulticast mode
[   71.266209][ T5275] gretap0: left promiscuous mode
[   71.271483][ T5275] bridge0: port 3(gretap0) entered disabled state
[   71.399315][ T5285] loop1: detected capacity change from 0 to 1024
[   71.408826][ T5285] EXT4-fs: inline encryption not supported
[   71.437988][ T5285] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.441532][ T5291] loop0: detected capacity change from 0 to 512
[   71.477833][ T5291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   71.507469][ T5291] EXT4-fs warning (device loop0): dx_probe:837: inode #2: comm syz.0.530: Unimplemented hash flags: 0x0001
[   71.517828][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.518994][ T5291] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.530: Corrupt directory, running e2fsck is recommended
[   71.541311][ T5291] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.530: path /122/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[   71.593469][ T5296] netlink: '+}[@': attribute type 10 has an invalid length.
[   71.615109][ T5296] dummy0: left allmulticast mode
[   71.621368][ T5296] dummy0: entered allmulticast mode
[   71.628559][ T5296] team0: Port device dummy0 added
[   71.662208][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.689573][ T5296] netlink: '+}[@': attribute type 10 has an invalid length.
[   71.708976][ T5300] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.753954][ T5296] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   71.763489][ T5296] dummy0: left allmulticast mode
[   71.769149][ T5296] team0: Failed to send options change via netlink (err -105)
[   71.776882][ T5296] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   71.785999][ T5296] team0: Port device dummy0 removed
[   71.792779][ T5296] dummy0: entered allmulticast mode
[   71.798490][ T5296] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   71.860637][ T5300] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.897815][ T5309] loop5: detected capacity change from 0 to 1024
[   71.906537][ T5309] EXT4-fs: Ignoring removed orlov option
[   72.000930][ T5309] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.028825][ T5300] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.240786][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.285608][ T5300] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.569378][ T3389] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.584353][ T3389] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.600327][ T3389] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.635082][ T5326] loop0: detected capacity change from 0 to 512
[   72.635675][ T3389] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.667718][ T5326] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.701424][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.767294][ T5335] loop1: detected capacity change from 0 to 512
[   72.774482][ T5335] EXT4-fs: dax option not supported
[   72.977267][ T5343] netlink: 16 bytes leftover after parsing attributes in process `syz.3.552'.
[   72.995135][ T5343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.552'.
[   73.315602][ T5355] loop4: detected capacity change from 0 to 2048
[   73.367383][ T5355] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   73.386430][ T5355] EXT4-fs error (device loop4): ext4_lookup:1787: inode #16: comm syz.4.557: iget: bad i_size value: 8796093031208
[   73.430882][ T5359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.558'.
[   73.450890][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   73.468346][ T5362] tipc: Failed to obtain node identity
[   73.474158][ T5362] tipc: Enabling of bearer <ib:ipvlan0> rejected, failed to enable media
[   73.515343][ T5366] netlink: 12 bytes leftover after parsing attributes in process `syz.4.559'.
[   73.592831][ T5368] loop4: detected capacity change from 0 to 8192
[   73.700678][ T5376] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   73.708169][ T5376] batman_adv: batadv0: Removing interface: batadv_slave_0
[   73.725084][ T5378] loop0: detected capacity change from 0 to 512
[   73.734765][ T5376] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   73.742439][ T5376] batman_adv: batadv0: Removing interface: batadv_slave_1
[   73.789216][ T5378] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.567: casefold flag without casefold feature
[   73.803617][ T5378] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.567: couldn't read orphan inode 15 (err -117)
[   73.816638][ T5378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.005190][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.171522][ T5390] netlink: 4 bytes leftover after parsing attributes in process `syz.0.570'.
[   74.185190][ T5390] team0: entered promiscuous mode
[   74.190318][ T5390] team0: entered allmulticast mode
[   74.263011][ T5394] netlink: 8 bytes leftover after parsing attributes in process `syz.0.581'.
[   74.271973][ T5394] netlink: 8 bytes leftover after parsing attributes in process `syz.0.581'.
[   74.442835][ T5411] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   74.532617][ T5415] loop0: detected capacity change from 0 to 512
[   74.541496][ T5415] journal_path: Non-blockdev passed as './bus'
[   74.547869][ T5415] EXT4-fs: error: could not find journal device path
[   74.588009][ T5418] netlink: 24 bytes leftover after parsing attributes in process `syz.4.582'.
[   74.628236][ T5420] syzkaller0: entered promiscuous mode
[   74.633762][ T5420] syzkaller0: entered allmulticast mode
[   74.673920][ T5424] netlink: 24 bytes leftover after parsing attributes in process `syz.4.585'.
[   74.689808][ T5424] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5424 comm=syz.4.585
[   74.815407][ T5432] loop0: detected capacity change from 0 to 512
[   74.823926][ T5432] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   74.844787][ T5432] EXT4-fs (loop0): 1 orphan inode deleted
[   74.851876][ T5432] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.865387][ T5432] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.866552][ T3842] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:62: Failed to release dquot type 1
[   74.890875][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.909513][ T5437] loop0: detected capacity change from 0 to 128
[   74.917716][ T5437] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   74.930543][ T5437] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   74.959259][ T3842] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   75.254332][   T29] kauditd_printk_skb: 176 callbacks suppressed
[   75.254362][   T29] audit: type=1400 audit(1759925751.228:1059): avc:  denied  { read write } for  pid=5449 comm="syz.3.596" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   75.285575][   T29] audit: type=1400 audit(1759925751.228:1060): avc:  denied  { open } for  pid=5449 comm="syz.3.596" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   75.420363][ T3433] IPVS: starting estimator thread 0...
[   75.426776][ T5460] netlink: 14 bytes leftover after parsing attributes in process `syz.5.597'.
[   75.444477][ T5460] hsr_slave_0: left promiscuous mode
[   75.450517][ T5460] hsr_slave_1: left promiscuous mode
[   75.459498][ T5463] ªªªªªª: renamed from lo (while UP)
[   75.516684][ T5461] IPVS: using max 2112 ests per chain, 105600 per kthread
[   75.809684][ T5482] bridge_slave_0: left allmulticast mode
[   75.815531][ T5482] bridge_slave_0: left promiscuous mode
[   75.821494][ T5482] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.829541][ T5482] bridge_slave_1: left allmulticast mode
[   75.835205][ T5482] bridge_slave_1: left promiscuous mode
[   75.841030][ T5482] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.849880][ T5482] batman_adv: batadv0: Removing interface: batadv_slave_0
[   75.857585][ T5482] batman_adv: batadv0: Removing interface: batadv_slave_1
[   75.865856][ T5482] bond1: (slave ip6gretap1): Releasing active interface
[   75.879107][   T29] audit: type=1400 audit(1759925751.858:1061): avc:  denied  { create } for  pid=5484 comm="syz.5.608" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_dgram_socket permissive=1
[   75.900207][   T29] audit: type=1400 audit(1759925751.878:1062): avc:  denied  { bind } for  pid=5484 comm="syz.5.608" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_dgram_socket permissive=1
[   75.927231][   T29] audit: type=1400 audit(1759925751.878:1063): avc:  denied  { connect } for  pid=5484 comm="syz.5.608" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_dgram_socket permissive=1
[   75.948305][   T29] audit: type=1400 audit(1759925751.878:1064): avc:  denied  { sendto } for  pid=5484 comm="syz.5.608" path=2F39362FE91F7189591E9233614B scontext=system_u:object_r:hugetlbfs_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_dgram_socket permissive=1
[   75.994258][ T5482] netlink: 'syz.0.611': attribute type 10 has an invalid length.
[   76.002312][ T5482] veth1_vlan: left promiscuous mode
[   76.009070][ T5482] batman_adv: batadv0: Adding interface: veth1_vlan
[   76.015915][ T5482] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   76.042066][ T5482] batman_adv: batadv0: Interface activated: veth1_vlan
[   76.134726][   T29] audit: type=1400 audit(1759925752.108:1065): avc:  denied  { read } for  pid=5494 comm="syz.0.615" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   76.192106][ T5497] netlink: '+}[@': attribute type 1 has an invalid length.
[   76.201076][ T5500] netdevsi: renamed from sit0
[   76.208185][ T5500] netdevsi: entered promiscuous mode
[   76.228526][ T5497] 8021q: adding VLAN 0 to HW filter on device bond1
[   76.268612][ T5497] bond1 (unregistering): Released all slaves
[   76.351662][   T29] audit: type=1326 audit(1759925752.328:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.3.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5185ceec9 code=0x7ffc0000
[   76.375467][   T29] audit: type=1326 audit(1759925752.328:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.3.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5185ceec9 code=0x7ffc0000
[   76.442318][ T5516] bridge_slave_0: left allmulticast mode
[   76.448172][ T5516] bridge_slave_0: left promiscuous mode
[   76.454158][   T29] audit: type=1326 audit(1759925752.328:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5511 comm="syz.3.622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5185ceec9 code=0x7ffc0000
[   76.454249][ T5516] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.496216][ T5516] bridge_slave_1: left allmulticast mode
[   76.501921][ T5516] bridge_slave_1: left promiscuous mode
[   76.507807][ T5516] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.518681][ T5516] bond0: (slave bond_slave_0): Releasing backup interface
[   76.531272][ T5516] bond0: (slave bond_slave_1): Releasing backup interface
[   76.544513][ T5516] team0: Port device team_slave_0 removed
[   76.558578][ T5516] team0: Port device team_slave_1 removed
[   76.565531][ T5516] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   76.573246][ T5516] batman_adv: batadv0: Removing interface: batadv_slave_0
[   76.602172][ T5516] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   76.609930][ T5516] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.622176][ T5531] netlink: 'syz.3.624': attribute type 10 has an invalid length.
[   76.640274][ T5531] batman_adv: batadv0: Adding interface: veth1_vlan
[   76.647096][ T5531] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   76.673235][ T5531] batman_adv: batadv0: Interface activated: veth1_vlan
[   76.682807][ T5533] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   76.709036][ T5535] wg2: left allmulticast mode
[   76.718119][ T5535] wg2: entered promiscuous mode
[   76.723182][ T5535] wg2: entered allmulticast mode
[   76.800611][ T5543] loop3: detected capacity change from 0 to 1024
[   76.822720][ T5543] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.870749][ T5553] netlink: '+}[@': attribute type 1 has an invalid length.
[   76.877771][ T5543] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.634: Allocating blocks 449-513 which overlap fs metadata
[   76.902444][ T5553] 8021q: adding VLAN 0 to HW filter on device bond1
[   76.906647][ T5542] EXT4-fs (loop3): pa ffff88810721d5b0: logic 48, phys. 177, len 21
[   76.917434][ T5542] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   76.936261][ T5553] bond1 (unregistering): Released all slaves
[   76.948811][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.030916][ T5561] loop3: detected capacity change from 0 to 512
[   77.040653][ T5561] journal_path: Non-blockdev passed as './bus'
[   77.047002][ T5561] EXT4-fs: error: could not find journal device path
[   77.136979][ T5570] bond0: (slave dummy0): Releasing backup interface
[   77.144163][ T5570] dummy0: left allmulticast mode
[   77.150596][ T5570] bridge_slave_0: left promiscuous mode
[   77.156519][ T5570] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.168428][ T5570] bridge_slave_1: left promiscuous mode
[   77.168749][ T5570] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.183277][ T5570] bond0: (slave bond_slave_0): Releasing backup interface
[   77.191120][ T5570] bond0: (slave bond_slave_1): Releasing backup interface
[   77.192343][ T5570] team0: Port device team_slave_0 removed
[   77.206262][ T5570] team0: Port device team_slave_1 removed
[   77.206461][ T5570] batman_adv: batadv0: Removing interface: batadv_slave_0
[   77.220165][ T5570] batman_adv: batadv0: Removing interface: batadv_slave_1
[   77.243437][ T5570] netlink: 'syz.5.643': attribute type 10 has an invalid length.
[   77.251565][ T5570] veth1_vlan: left promiscuous mode
[   77.256825][ T5570] veth1_vlan: left allmulticast mode
[   77.263037][ T5570] batman_adv: batadv0: Adding interface: veth1_vlan
[   77.269802][ T5570] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   77.296713][ T5570] batman_adv: batadv0: Interface activated: veth1_vlan
[   77.351676][ T5579] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   77.552839][ T5593] loop4: detected capacity change from 0 to 4096
[   77.560358][ T5593] EXT4-fs: Ignoring removed nomblk_io_submit option
[   77.567328][ T5595] ªªªªªª: renamed from lo
[   77.578493][ T5593] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.974051][ T5603] loop3: detected capacity change from 0 to 736
[   78.164442][ T5608] __nla_validate_parse: 8 callbacks suppressed
[   78.164461][ T5608] netlink: 24 bytes leftover after parsing attributes in process `syz.3.655'.
[   78.198011][ T5610] serio: Serial port ptm0
[   78.376154][ T5621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.662'.
[   78.386478][ T5621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.662'.
[   78.475408][ T5626] xt_CT: You must specify a L4 protocol and not use inversions on it
[   78.500375][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.748686][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.676'.
[   78.757596][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.676'.
[   78.767680][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.676'.
[   78.783159][ T3842] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.787199][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.676'.
[   78.802163][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.676'.
[   78.821671][ T5651] 9pnet: Could not find request transport: fdÿÿÿÿ
[   78.829161][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.676'.
[   78.850413][ T3842] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.865010][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.676'.
[   78.897656][ T3842] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.934252][ T5665] loop4: detected capacity change from 0 to 512
[   78.942853][ T3842] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.958723][ T5665] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.678: corrupted in-inode xattr: invalid ea_ino
[   78.972988][ T5665] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.678: couldn't read orphan inode 15 (err -117)
[   78.986313][ T5665] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.031951][ T5649] chnl_net:caif_netlink_parms(): no params data found
[   79.040261][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.042529][ T3842] bridge_slave_1: left allmulticast mode
[   79.055321][ T3842] bridge_slave_1: left promiscuous mode
[   79.061300][ T3842] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.074200][ T3842] bridge_slave_0: left allmulticast mode
[   79.080195][ T3842] bridge_slave_0: left promiscuous mode
[   79.085923][ T3842] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.159168][ T5677] loop4: detected capacity change from 0 to 512
[   79.171817][ T5677] EXT4-fs: Ignoring removed mblk_io_submit option
[   79.185365][ T5677] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.194693][ T3842] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   79.210430][ T5677] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   79.219283][ T5677] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   79.240770][ T3842] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   79.251128][ T3842] bond0 (unregistering): Released all slaves
[   79.268764][ T5677] EXT4-fs (loop4): failed to initialize system zone (-117)
[   79.283711][ T5679] batman_adv: batadv0: Interface deactivated: veth1_vlan
[   79.286098][ T5677] EXT4-fs (loop4): mount failed
[   79.291035][ T5679] batman_adv: batadv0: Removing interface: veth1_vlan
[   79.343645][ T5677] loop4: detected capacity change from 0 to 2048
[   79.346805][ T3842] tipc: Disabling bearer <udp:syz2>
[   79.355378][ T3842] tipc: Left network mode
[   79.374975][ T5677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.399974][ T5695] serio: Serial port ptm0
[   79.405907][ T3842] veth0_macvtap: left promiscuous mode
[   79.411980][ T3842] veth1_vlan: left promiscuous mode
[   79.417739][ T3842] veth0_vlan: left promiscuous mode
[   79.490026][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.548963][ T3842] team0 (unregistering): Port device team_slave_1 removed
[   79.560254][ T3842] team0 (unregistering): Port device team_slave_0 removed
[   79.618435][ T5699] netlink: 'syz.5.688': attribute type 30 has an invalid length.
[   79.636147][ T5649] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.643528][ T5649] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.652702][ T5649] bridge_slave_0: entered allmulticast mode
[   79.660323][ T5649] bridge_slave_0: entered promiscuous mode
[   79.680550][ T5649] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.687830][ T5649] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.695531][ T5649] bridge_slave_1: entered allmulticast mode
[   79.702218][ T5649] bridge_slave_1: entered promiscuous mode
[   79.724562][ T5649] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.740544][ T5649] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.763826][ T5649] team0: Port device team_slave_0 added
[   79.771016][ T5649] team0: Port device team_slave_1 added
[   79.804450][ T5649] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.811647][ T5649] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.838503][ T5649] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.852001][ T5649] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.859061][ T5649] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.885149][ T5649] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.936549][ T5649] hsr_slave_0: entered promiscuous mode
[   79.943066][ T5649] hsr_slave_1: entered promiscuous mode
[   80.018747][ T5724] tipc: Started in network mode
[   80.023815][ T5724] tipc: Node identity ac14140f, cluster identity 4711
[   80.032905][ T5724] tipc: New replicast peer: 255.255.255.255
[   80.039341][ T5724] tipc: Enabled bearer <udp:syz2>, priority 10
[   80.068002][ T3842] IPVS: stop unused estimator thread 0...
[   80.082703][ T5729] batman_adv: batadv0: Interface deactivated: veth1_vlan
[   80.090179][ T5729] batman_adv: batadv0: Removing interface: veth1_vlan
[   80.174663][ T5649] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   80.196348][ T5649] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   80.207217][ T5649] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   80.218555][ T5649] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   80.309964][ T5649] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.324501][ T5649] 8021q: adding VLAN 0 to HW filter on device team0
[   80.336050][ T3389] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.343290][ T3389] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.355003][ T3805] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.362242][ T3805] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.814823][ T5755] loop5: detected capacity change from 0 to 1024
[   80.860562][ T5755] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.926487][ T5649] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.996305][ T5755] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.708: Allocating blocks 449-513 which overlap fs metadata
[   81.063542][ T5754] EXT4-fs (loop5): pa ffff88810721d620: logic 48, phys. 177, len 21
[   81.071982][ T5754] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   81.101731][ T5780] bridge_slave_0: left allmulticast mode
[   81.107730][ T5780] bridge_slave_0: left promiscuous mode
[   81.113960][ T5780] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.123380][ T5780] bridge_slave_1: left allmulticast mode
[   81.129224][ T5780] bridge_slave_1: left promiscuous mode
[   81.135187][ T5780] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.143098][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.155244][ T5780] bond0: (slave bond_slave_0): Releasing backup interface
[   81.155901][ T1037] tipc: Node number set to 2886997007
[   81.175871][ T5780] bond0: (slave bond_slave_1): Releasing backup interface
[   81.193882][ T5780] batman_adv: batadv0: Removing interface: batadv_slave_0
[   81.204082][ T5780] batman_adv: batadv0: Removing interface: batadv_slave_1
[   81.211974][ T5780] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   81.246195][ T5780] netlink: 'syz.4.711': attribute type 10 has an invalid length.
[   81.277344][ T5780] veth1_vlan: left promiscuous mode
[   81.297116][ T5780] batman_adv: batadv0: Adding interface: veth1_vlan
[   81.303844][ T5780] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   81.332590][ T5780] batman_adv: batadv0: Interface activated: veth1_vlan
[   81.357915][ T5649] veth0_vlan: entered promiscuous mode
[   81.380388][ T5649] veth1_vlan: entered promiscuous mode
[   81.404842][ T5649] veth0_macvtap: entered promiscuous mode
[   81.415657][ T5649] veth1_macvtap: entered promiscuous mode
[   81.434233][ T5649] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.463332][ T5649] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.477567][ T3389] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.486922][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.509617][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.521979][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.592061][   T29] kauditd_printk_skb: 145 callbacks suppressed
[   81.592078][   T29] audit: type=1326 audit(1759925757.568:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.5.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   81.626715][   T29] audit: type=1326 audit(1759925757.598:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.5.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   81.650467][   T29] audit: type=1326 audit(1759925757.598:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.5.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   81.674548][   T29] audit: type=1326 audit(1759925757.598:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.5.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   81.698473][   T29] audit: type=1326 audit(1759925757.608:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.5.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   81.722392][   T29] audit: type=1326 audit(1759925757.608:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.5.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   81.746287][   T29] audit: type=1326 audit(1759925757.608:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.5.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   81.780229][ T5811] loop4: detected capacity change from 0 to 1024
[   81.787537][ T5811] EXT4-fs: Ignoring removed orlov option
[   81.795335][   T29] audit: type=1326 audit(1759925757.628:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.5.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   81.818823][   T29] audit: type=1326 audit(1759925757.628:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.5.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   81.833846][ T5811] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.842537][   T29] audit: type=1326 audit(1759925757.628:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.5.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   81.889264][ T5813] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   82.047053][ T5820] loop6: detected capacity change from 0 to 2048
[   82.078301][ T5820] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   82.101466][ T5820] EXT4-fs error (device loop6): ext4_lookup:1787: inode #16: comm syz.6.720: iget: bad i_size value: 8796093031208
[   82.181668][ T5649] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   82.669124][ T5857] loop5: detected capacity change from 0 to 4096
[   82.695454][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.709538][ T5857] EXT4-fs: Ignoring removed nomblk_io_submit option
[   82.738656][ T5857] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.986075][ T5905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.059014][ T5905] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.080629][ T5905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.099804][ T5905] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.233936][ T5926] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.445734][ T5956] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.498649][ T5960] __nla_validate_parse: 14 callbacks suppressed
[   83.498666][ T5960] netlink: 14 bytes leftover after parsing attributes in process `syz.3.739'.
[   83.514758][    T9] IPVS: starting estimator thread 0...
[   83.520076][ T5956] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.545985][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.601690][ T5956] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.614473][ T5961] IPVS: using max 2352 ests per chain, 117600 per kthread
[   83.695281][ T5976] netlink: 'syz.0.742': attribute type 1 has an invalid length.
[   83.703217][ T5976] netlink: 'syz.0.742': attribute type 4 has an invalid length.
[   83.711241][ T5976] netlink: 15334 bytes leftover after parsing attributes in process `syz.0.742'.
[   83.722748][ T5956] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.781652][ T5926] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.823043][ T3792] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.843986][ T3792] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.852346][ T5979] loop5: detected capacity change from 0 to 128
[   83.859389][ T3792] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.875098][ T3792] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.891325][ T5979] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   83.956785][ T5979] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[   83.964782][ T5979] FAT-fs (loop5): Filesystem has been set read-only
[   83.974546][ T5979] syz.5.748: attempt to access beyond end of device
[   83.974546][ T5979] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[   83.991117][ T5926] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.040631][ T5926] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.104673][ T3792] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.124867][ T3805] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.133663][ T3805] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.142008][ T5991] batman_adv: batadv0: Interface deactivated: veth1_vlan
[   84.142532][ T5992] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   84.142532][ T5992] The task syz.5.750 (5992) triggered the difference, watch for misbehavior.
[   84.149626][ T5991] batman_adv: batadv0: Removing interface: veth1_vlan
[   84.180059][ T3805] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.299546][ T6005] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.367774][ T6005] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.462938][ T6005] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.517993][ T6005] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.924522][ T6026] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.979337][ T6026] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.047739][ T6026] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.167728][ T6026] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.855321][ T6066] netlink: 'syz.0.779': attribute type 10 has an invalid length.
[   85.863404][ T6066] netlink: 40 bytes leftover after parsing attributes in process `syz.0.779'.
[   85.873579][ T6066] dummy0: entered promiscuous mode
[   85.896904][ T6066] bridge0: port 1(dummy0) entered blocking state
[   85.903409][ T6066] bridge0: port 1(dummy0) entered disabled state
[   85.911417][ T6066] dummy0: entered allmulticast mode
[   85.943594][ T6068] loop4: detected capacity change from 0 to 512
[   85.971592][ T6068] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.988004][ T6068] ext4 filesystem being mounted at /177/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   86.095617][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.330871][ T6086] loop5: detected capacity change from 0 to 128
[   86.340651][ T6086] FAT-fs (loop5): Directory bread(block 32) failed
[   86.347933][ T6086] FAT-fs (loop5): Directory bread(block 33) failed
[   86.354650][ T6086] FAT-fs (loop5): Directory bread(block 34) failed
[   86.361742][ T6086] FAT-fs (loop5): Directory bread(block 35) failed
[   86.368733][ T6086] FAT-fs (loop5): Directory bread(block 36) failed
[   86.375872][ T6086] FAT-fs (loop5): Directory bread(block 37) failed
[   86.383104][ T6086] FAT-fs (loop5): Directory bread(block 38) failed
[   86.390029][ T6086] FAT-fs (loop5): Directory bread(block 39) failed
[   86.396872][ T6086] FAT-fs (loop5): Directory bread(block 40) failed
[   86.403590][ T6086] FAT-fs (loop5): Directory bread(block 41) failed
[   86.478673][ T6089] netlink: 4 bytes leftover after parsing attributes in process `syz.5.788'.
[   86.596091][   T29] kauditd_printk_skb: 74 callbacks suppressed
[   86.596109][   T29] audit: type=1326 audit(1759925762.578:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6094 comm="syz.0.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   86.626687][ T6095] capability: warning: `syz.0.790' uses 32-bit capabilities (legacy support in use)
[   86.644394][   T29] audit: type=1326 audit(1759925762.608:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6094 comm="syz.0.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   86.668246][   T29] audit: type=1326 audit(1759925762.608:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6094 comm="syz.0.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   86.692028][   T29] audit: type=1326 audit(1759925762.608:1301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6094 comm="syz.0.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   86.715566][   T29] audit: type=1326 audit(1759925762.618:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6094 comm="syz.0.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   86.739431][   T29] audit: type=1326 audit(1759925762.618:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6094 comm="syz.0.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   86.763325][   T29] audit: type=1326 audit(1759925762.618:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6094 comm="syz.0.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   86.786971][   T29] audit: type=1326 audit(1759925762.618:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6094 comm="syz.0.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   86.811401][   T29] audit: type=1326 audit(1759925762.618:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6094 comm="syz.0.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   86.835401][   T29] audit: type=1326 audit(1759925762.618:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6094 comm="syz.0.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   86.870263][   T58] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.890168][   T58] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.922707][   T58] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.974665][   T58] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.152239][ T6107] loop5: detected capacity change from 0 to 512
[   87.176659][ T6107] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   87.208828][ T6107] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.794: bad orphan inode 131083
[   87.236752][ T6107] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.331935][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.411856][ T6118] loop4: detected capacity change from 0 to 32768
[   87.468431][ T3901]  loop4: p1 p3 < >
[   87.495028][ T6127] netlink: 5452 bytes leftover after parsing attributes in process `syz.4.798'.
[   87.516102][ T6118]  loop4: p1 p3 < >
[   87.530018][ T6129] loop5: detected capacity change from 0 to 512
[   87.537009][ T6129] EXT4-fs: Ignoring removed nobh option
[   87.579808][ T6129] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #3: comm syz.5.802: corrupted inode contents
[   87.596825][ T6129] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #3: comm syz.5.802: mark_inode_dirty error
[   87.612818][ T6129] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #3: comm syz.5.802: corrupted inode contents
[   87.636849][ T6129] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.802: mark_inode_dirty error
[   87.649321][ T6129] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.802: Failed to acquire dquot type 0
[   87.679050][ T6129] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #16: comm syz.5.802: corrupted inode contents
[   87.709106][ T6129] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #16: comm syz.5.802: mark_inode_dirty error
[   87.735869][ T6129] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #16: comm syz.5.802: corrupted inode contents
[   87.750925][ T3901] udevd[3901]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   87.760990][ T3298] udevd[3298]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   87.761718][ T6129] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.802: mark_inode_dirty error
[   87.799056][   T58] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.808159][ T6129] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #16: comm syz.5.802: corrupted inode contents
[   87.821705][ T6129] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[   87.822830][   T58] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.840332][ T3901] udevd[3901]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   87.840783][ T3298] udevd[3298]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   87.874943][ T6129] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #16: comm syz.5.802: corrupted inode contents
[   87.876496][   T58] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.906654][   T58] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.920380][ T6144] loop6: detected capacity change from 0 to 512
[   87.933345][ T6129] EXT4-fs error (device loop5): ext4_truncate:4637: inode #16: comm syz.5.802: mark_inode_dirty error
[   87.961556][ T6144] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.993079][ T6144] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   88.046367][ T6129] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[   88.068909][ T6129] EXT4-fs (loop5): 1 truncate cleaned up
[   88.088011][ T6129] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.134293][ T6129] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.177910][ T6151] netlink: 'syz.3.808': attribute type 16 has an invalid length.
[   88.186996][ T5649] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.198737][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.208356][ T6151] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   88.258881][ T6154] geneve2: entered promiscuous mode
[   88.264649][ T6154] geneve2: entered allmulticast mode
[   88.505187][ T6178] netlink: 'syz.3.819': attribute type 21 has an invalid length.
[   88.517693][ T6178] netlink: 132 bytes leftover after parsing attributes in process `syz.3.819'.
[   88.526916][ T6178] netlink: 'syz.3.819': attribute type 1 has an invalid length.
[   88.593415][ T6182] loop3: detected capacity change from 0 to 4096
[   88.602662][ T6182] EXT4-fs: Ignoring removed nomblk_io_submit option
[   88.630686][ T6182] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.631593][ T6185] loop5: detected capacity change from 0 to 512
[   88.688647][ T6185] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.709054][ T6185] ext4 filesystem being mounted at /138/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   88.814422][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.977147][ T6201] SELinux: ebitmap: truncated map
[   88.992240][ T6201] SELinux: failed to load policy
[   89.126257][ T6209] netlink: 12 bytes leftover after parsing attributes in process `syz.0.831'.
[   89.246513][ T6209] 8021q: adding VLAN 0 to HW filter on device bond2
[   89.341679][ T6228] netlink: 4 bytes leftover after parsing attributes in process `syz.4.838'.
[   89.391680][ T6228] team0: entered promiscuous mode
[   89.396935][ T6228] team0: entered allmulticast mode
[   89.423089][ T6228] 8021q: adding VLAN 0 to HW filter on device team0
[   89.592669][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.670420][ T6239] loop5: detected capacity change from 0 to 1024
[   89.700954][ T6239] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.804951][ T6248] netlink: 'syz.0.844': attribute type 17 has an invalid length.
[   89.812896][ T6248] netlink: 148 bytes leftover after parsing attributes in process `syz.0.844'.
[   90.260675][ T6268] loop6: detected capacity change from 0 to 512
[   90.279056][ T3778] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.290285][ T6268] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.303493][ T6268] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.330571][ T6268] SELinux:  Context @ is not valid (left unmapped).
[   90.354158][ T5649] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.603910][    T9] Process accounting resumed
[   90.663995][ T6294] netlink: 'syz.3.863': attribute type 30 has an invalid length.
[   90.933755][ T6312] netlink: 12 bytes leftover after parsing attributes in process `syz.0.872'.
[   90.970475][ T6315] loop6: detected capacity change from 0 to 2048
[   91.054918][ T6315] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.262130][ T6339] loop4: detected capacity change from 0 to 1024
[   91.277335][ T6339] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   91.288591][ T6339] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   91.365238][ T6339] JBD2: no valid journal superblock found
[   91.371089][ T6339] EXT4-fs (loop4): Could not load journal inode
[   91.416344][ T6339] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   91.434101][ T3000] udevd[3000]: worker [3901] terminated by signal 33 (Unknown signal 33)
[   91.512481][ T5649] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.616438][ T6360] netlink: 'syz.6.892': attribute type 12 has an invalid length.
[   91.719432][ T6368] syz.4.895 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   92.023377][ T6379] loop4: detected capacity change from 0 to 1024
[   92.059321][ T6379] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   92.076319][ T6379] ext4 filesystem being mounted at /210/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.324635][ T6386] bridge0: port 1(macsec0) entered blocking state
[   92.331457][ T6386] bridge0: port 1(macsec0) entered disabled state
[   92.338697][ T6386] macsec0: entered allmulticast mode
[   92.345296][ T6386] macsec0: left allmulticast mode
[   92.455319][ T6388] loop5: detected capacity change from 0 to 128
[   92.472162][ T6388] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   92.496119][ T6388] ext4 filesystem being mounted at /155/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   92.514734][   T29] kauditd_printk_skb: 155 callbacks suppressed
[   92.514766][   T29] audit: type=1400 audit(1759925768.488:1461): avc:  denied  { append } for  pid=6387 comm="syz.5.902" name="event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   92.556897][ T3778] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   92.593252][   T29] audit: type=1326 audit(1759925768.568:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6392 comm="syz.5.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   92.613177][ T6391] syzkaller0: entered promiscuous mode
[   92.622492][ T6391] syzkaller0: entered allmulticast mode
[   92.626532][   T29] audit: type=1326 audit(1759925768.598:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6392 comm="syz.5.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   92.656702][   T29] audit: type=1326 audit(1759925768.598:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6392 comm="syz.5.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   92.680541][   T29] audit: type=1326 audit(1759925768.598:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6392 comm="syz.5.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   92.874850][ T6407] netlink: 'syz.3.909': attribute type 10 has an invalid length.
[   92.920062][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   92.985046][ T6413] loop4: detected capacity change from 0 to 128
[   93.041132][ T6413] syz.4.910: attempt to access beyond end of device
[   93.041132][ T6413] loop4: rw=0, sector=121, nr_sectors = 40 limit=128
[   93.109159][ T6423] loop6: detected capacity change from 0 to 4096
[   93.140846][ T6423] EXT4-fs: Ignoring removed nomblk_io_submit option
[   93.150989][ T6432] netlink: 8 bytes leftover after parsing attributes in process `syz.0.919'.
[   93.175006][ T6432] bridge0: port 1(dummy0) entered blocking state
[   93.181557][ T6432] bridge0: port 1(dummy0) entered forwarding state
[   93.189991][ T6423] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.206401][ T6432] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   93.273418][   T29] audit: type=1400 audit(1759925769.248:1466): avc:  denied  { module_load } for  pid=6438 comm="syz.0.921" path="/223/bus" dev="tmpfs" ino=1192 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[   93.275483][ T6440] Invalid ELF header magic: != ELF
[   93.452412][   T29] audit: type=1326 audit(1759925769.428:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6447 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   93.476447][   T29] audit: type=1326 audit(1759925769.428:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6447 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   93.540641][   T29] audit: type=1326 audit(1759925769.478:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6447 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   93.564232][   T29] audit: type=1326 audit(1759925769.478:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6447 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474f4feec9 code=0x7ffc0000
[   93.596187][ T6453] loop3: detected capacity change from 0 to 512
[   93.604826][ T6453] ------------[ cut here ]------------
[   93.610495][ T6453] EA inode 11 i_nlink=2
[   93.610822][ T6453] WARNING: CPU: 0 PID: 6453 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[   93.625388][ T6453] Modules linked in:
[   93.629434][ T6453] CPU: 0 UID: 0 PID: 6453 Comm: syz.3.926 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   93.639140][ T6453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   93.649579][ T6453] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[   93.656244][ T6453] Code: 90 49 8d 7e 40 e8 26 03 b9 ff 4d 8b 6e 40 4c 89 e7 e8 3a fe b8 ff 41 8b 56 48 48 c7 c7 43 4c 55 86 4c 89 ee e8 a7 15 68 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 e8 73 b0 03 0f 1f 84 00 00 00 00 00
[   93.676048][ T6453] RSP: 0000:ffffc90000e93778 EFLAGS: 00010246
[   93.682245][ T6453] RAX: 18f653f312f60000 RBX: ffff8881198bc1a8 RCX: 0000000000080000
[   93.690356][ T6453] RDX: ffffc90004e34000 RSI: 00000000000029d4 RDI: 00000000000029d5
[   93.698399][ T6453] RBP: 0000000000000002 R08: 0001c90000e935f7 R09: 0000000000000000
[   93.706525][ T6453] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff8881198bc158
[   93.714785][ T6453] R13: 000000000000000b R14: ffff8881198bc110 R15: 0000000000000001
[   93.722919][ T6453] FS:  00007fb5170376c0(0000) GS:ffff8882aee3a000(0000) knlGS:0000000000000000
[   93.731911][ T6453] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   93.738629][ T6453] CR2: 00007f474f751a48 CR3: 00000001217a0000 CR4: 00000000003506f0
[   93.746692][ T6453] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   93.754743][ T6453] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   93.762871][ T6453] Call Trace:
[   93.766284][ T6453]  <TASK>
[   93.769334][ T6453]  ext4_xattr_inode_dec_ref_all+0x579/0x830
[   93.775391][ T6453]  ? errseq_check+0x2c/0x50
[   93.780316][ T6453]  ext4_xattr_delete_inode+0x6b7/0x790
[   93.785930][ T6453]  ext4_evict_inode+0xa6a/0xd90
[   93.790891][ T6453]  ? __pfx_ext4_evict_inode+0x10/0x10
[   93.796436][ T6453]  evict+0x2e0/0x550
[   93.800390][ T6453]  ? __dquot_initialize+0x146/0x7c0
[   93.805894][ T6453]  iput+0x4ed/0x650
[   93.809774][ T6453]  ext4_process_orphan+0x1a9/0x1c0
[   93.814988][ T6453]  ext4_orphan_cleanup+0x6a8/0xa00
[   93.820287][ T6453]  ext4_fill_super+0x3483/0x3810
[   93.825282][ T6453]  ? snprintf+0x86/0xb0
[   93.829643][ T6453]  ? set_blocksize+0x1a8/0x310
[   93.834462][ T6453]  ? sb_set_blocksize+0xe3/0x100
[   93.839554][ T6453]  ? setup_bdev_super+0x30e/0x370
[   93.844676][ T6453]  ? __pfx_ext4_fill_super+0x10/0x10
[   93.850252][ T6453]  get_tree_bdev_flags+0x28e/0x300
[   93.855497][ T6453]  ? __pfx_ext4_fill_super+0x10/0x10
[   93.861033][ T6453]  get_tree_bdev+0x1f/0x30
[   93.865584][ T6453]  ext4_get_tree+0x1c/0x30
[   93.870239][ T6453]  vfs_get_tree+0x57/0x1d0
[   93.874884][ T6453]  do_new_mount+0x24d/0x660
[   93.879560][ T6453]  path_mount+0x4a5/0xb70
[   93.883975][ T6453]  ? user_path_at+0x109/0x130
[   93.888888][ T6453]  __se_sys_mount+0x28c/0x2e0
[   93.893612][ T6453]  ? do_mkdirat+0x3ac/0x3f0
[   93.898197][ T6453]  __x64_sys_mount+0x67/0x80
[   93.902831][ T6453]  x64_sys_call+0x2b51/0x3000
[   93.907832][ T6453]  do_syscall_64+0xd2/0x200
[   93.912441][ T6453]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   93.918735][ T6453]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   93.924701][ T6453]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.930851][ T6453] RIP: 0033:0x7fb5185d066a
[   93.935313][ T6453] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.955417][ T6453] RSP: 002b:00007fb517036e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   93.964129][ T6453] RAX: ffffffffffffffda RBX: 00007fb517036ef0 RCX: 00007fb5185d066a
[   93.972156][ T6453] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fb517036eb0
[   93.980461][ T6453] RBP: 0000200000000180 R08: 00007fb517036ef0 R09: 0000000000800700
[   93.988750][ T6453] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[   93.996784][ T6453] R13: 00007fb517036eb0 R14: 000000000000046c R15: 0000200000000740
[   94.004984][ T6453]  </TASK>
[   94.008084][ T6453] ---[ end trace 0000000000000000 ]---
[   94.021626][ T6455] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   94.031606][ T6453] EXT4-fs (loop3): 1 orphan inode deleted
[   94.037808][ T6453] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.153676][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.251518][ T5649] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.376983][ T6476] netlink: 12 bytes leftover after parsing attributes in process `syz.0.935'.
[   94.432141][ T6469] loop4: detected capacity change from 0 to 8192
[   94.475334][ T6485] vlan2: entered promiscuous mode
[   94.480959][ T6485] vlan2: entered allmulticast mode
[   94.486301][ T6485] hsr_slave_1: entered allmulticast mode
[   94.693053][ T6493] netlink: 96 bytes leftover after parsing attributes in process `syz.0.941'.
[   94.945152][ T6503] loop6: detected capacity change from 0 to 512
[   94.952825][ T6503] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   94.966673][ T6503] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[   94.975327][ T6503] EXT4-fs (loop6): orphan cleanup on readonly fs
[   94.981977][ T6503] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.946: bad orphan inode 267
[   94.996261][ T6503] EXT4-fs (loop6): Remounting filesystem read-only
[   95.003767][ T6503] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[   95.180953][ T5649] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[   95.257004][ T6513] netlink: 4 bytes leftover after parsing attributes in process `syz.6.950'.
[   95.280194][ T6513] netlink: 4 bytes leftover after parsing attributes in process `syz.6.950'.
[   95.322977][ T6523] bridge: RTM_NEWNEIGH with invalid ether address
[   95.383783][ T6527] netlink: 4 bytes leftover after parsing attributes in process `syz.3.958'.
[   95.396874][ T6527] loop3: detected capacity change from 0 to 512
[   95.406132][ T6529] netlink: 24 bytes leftover after parsing attributes in process `syz.6.960'.
[   95.428233][ T6527] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.453391][ T6527] netlink: 4 bytes leftover after parsing attributes in process `syz.3.958'.
[   95.467435][ T6529] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6529 comm=syz.6.960
[   95.470430][ T6539] netlink: 24 bytes leftover after parsing attributes in process `syz.0.962'.
[   95.531246][ T6539] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6539 comm=syz.0.962
[   95.620794][ T6557] loop3: detected capacity change from 0 to 128
[   95.657232][ T6557] FAT-fs (loop3): error, corrupted directory (invalid entries)
[   95.664909][ T6557] FAT-fs (loop3): Filesystem has been set read-only
[   95.751338][ T6563] infiniband syz1: set active
[   95.756144][ T6563] infiniband syz1: added syz_tun
[   95.798633][ T6563] RDS/IB: syz1: added
[   96.312979][ T6579] loop4: detected capacity change from 0 to 4096
[   96.336213][ T6579] EXT4-fs: Ignoring removed nomblk_io_submit option
[   96.395713][ T3392] syz1: Port: 1 Link DOWN
[   96.816146][ T6591] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6591 comm=syz.6.981
[   97.158209][ T6595] netlink: 'syz.6.983': attribute type 12 has an invalid length.
[   97.237842][ T6598] netlink: 8 bytes leftover after parsing attributes in process `syz.3.984'.
[   97.251988][ T6598] netlink: 4 bytes leftover after parsing attributes in process `syz.3.984'.
[   98.065333][ T6636] netlink: 'syz.4.1000': attribute type 10 has an invalid length.
[   98.093794][ T6636] dummy0: entered promiscuous mode
[   98.124761][ T6636] bridge0: port 1(dummy0) entered blocking state
[   98.133596][ T6636] bridge0: port 1(dummy0) entered disabled state
[   98.150902][ T6636] dummy0: entered allmulticast mode
[   98.170395][ T6639] loop4: detected capacity change from 0 to 512
[   98.213805][   T29] kauditd_printk_skb: 47 callbacks suppressed
[   98.213832][   T29] audit: type=1326 audit(1759925774.188:1518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6642 comm="syz.5.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   98.320222][   T29] audit: type=1326 audit(1759925774.228:1519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6642 comm="syz.5.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   98.344719][   T29] audit: type=1326 audit(1759925774.228:1520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6642 comm="syz.5.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   98.368512][   T29] audit: type=1326 audit(1759925774.228:1521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6642 comm="syz.5.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   98.392007][   T29] audit: type=1326 audit(1759925774.228:1522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6642 comm="syz.5.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   98.415660][   T29] audit: type=1326 audit(1759925774.228:1523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6642 comm="syz.5.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   98.439376][   T29] audit: type=1326 audit(1759925774.228:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6642 comm="syz.5.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   98.447486][ T6639] EXT4-fs (loop4): too many log groups per flexible block group
[   98.463086][   T29] audit: type=1326 audit(1759925774.228:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6642 comm="syz.5.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   98.494494][   T29] audit: type=1326 audit(1759925774.228:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6642 comm="syz.5.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   98.517989][   T29] audit: type=1326 audit(1759925774.228:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6642 comm="syz.5.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c323beec9 code=0x7ffc0000
[   98.534010][ T6639] EXT4-fs (loop4): failed to initialize mballoc (-12)
[   98.563835][ T6639] EXT4-fs (loop4): mount failed
[   98.658207][ T6653] syzkaller0: entered allmulticast mode
[   98.673340][ T6653] syzkaller0: entered promiscuous mode
[   98.692857][ T6653] syzkaller0 (unregistering): left allmulticast mode
[   98.699690][ T6653] syzkaller0 (unregistering): left promiscuous mode
[   99.198571][ T6676] veth0_vlan: left promiscuous mode
[   99.203863][ T6676] veth0_vlan: entered promiscuous mode
[   99.411371][ T6689] Ÿë
: port 1(veth0_to_team) entered blocking state
[   99.418211][ T6689] Ÿë
: port 1(veth0_to_team) entered disabled state
[   99.425116][ T6689] veth0_to_team: entered allmulticast mode
[   99.431692][ T6689] veth0_to_team: entered promiscuous mode
[   99.686492][ T6707] __nla_validate_parse: 1 callbacks suppressed
[   99.686514][ T6707] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1026'.
[   99.764918][ T6711] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[   99.848189][ T6716] veth0_vlan: entered allmulticast mode
[   99.900519][ T6720] veth0_vlan: left promiscuous mode
[   99.905996][ T6720] veth0_vlan: entered promiscuous mode
[   99.911722][ T6720] veth0_vlan: left allmulticast mode
[  100.015458][ T6724] af_packet: tpacket_rcv: packet too big, clamped from 65075 to 3944. macoff=96
[  100.466444][ T6734] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1036'.
[  100.680379][ T6750] loop4: detected capacity change from 0 to 1024
[  100.708055][ T6748] hub 9-0:1.0: USB hub found
[  100.720530][ T6748] hub 9-0:1.0: 8 ports detected
[  100.788900][ T6752] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1042'.
[  100.807170][ T6752] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1042'.
[  100.956801][ T6766] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1046'.
[  100.966116][ T6766] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.997719][ T6766] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.090733][ T6772] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1049'.
[  101.261576][ T6792] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.320225][ T6792] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.352475][ T6800] loop3: detected capacity change from 0 to 4096
[  101.359537][ T6800] EXT4-fs: Ignoring removed nomblk_io_submit option
[  101.369225][ T6800] EXT4-fs mount: 3 callbacks suppressed
[  101.369239][ T6800] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.396915][ T6792] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.507599][ T6792] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.599606][ T3801] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.615864][ T3801] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.642073][ T3801] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.674603][ T3801] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.956522][ T6835] loop6: detected capacity change from 0 to 8192
[  102.314413][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.563005][ T6849] SELinux:  policydb version 0 does not match my version range 15-35
[  102.621592][ T6849] SELinux: failed to load policy
[  102.759785][ T6860] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.883117][ T6863] netlink: 'syz.5.1081': attribute type 10 has an invalid length.
[  102.896243][ T6863] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1081'.
[  102.911480][ T6863] dummy0: entered promiscuous mode
[  102.935889][ T6863] bridge0: port 1(dummy0) entered blocking state
[  102.943820][ T6863] bridge0: port 1(dummy0) entered disabled state
[  102.945708][ T6873] loop5: detected capacity change from 0 to 512
[  102.957665][ T6863] dummy0: entered allmulticast mode
[  102.987946][ T6873] EXT4-fs (loop5): too many log groups per flexible block group
[  102.998220][ T6873] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  103.005411][ T6873] EXT4-fs (loop5): mount failed
[  103.021679][ T6860] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.103699][ T6860] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.157974][ T6860] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.242574][ T3801] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.253765][ T3801] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.266257][ T3801] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.279958][ T3801] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.323103][ T6906] loop3: detected capacity change from 0 to 128
[  103.331206][ T6906] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  103.343780][ T6906] ext4 filesystem being mounted at /208/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  103.401925][ T3318] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  103.420003][ T6909] netlink: 'syz.3.1091': attribute type 1 has an invalid length.
[  103.434181][ T6909] 8021q: adding VLAN 0 to HW filter on device bond1
[  103.454187][ T6909] macvlan2: entered promiscuous mode
[  103.459774][ T6909] macvlan2: entered allmulticast mode
[  103.466533][ T6909] bond1: (slave macvlan2): Opening slave failed
[  103.473862][ T6912] netlink: 'syz.4.1092': attribute type 10 has an invalid length.
[  103.481928][ T6912] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1092'.
[  103.582208][ T6920] loop3: detected capacity change from 0 to 128
[  103.589137][ T6920] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  103.602395][ T6920] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  103.618875][   T29] kauditd_printk_skb: 97 callbacks suppressed
[  103.618890][   T29] audit: type=1400 audit(1759925779.598:1625): avc:  denied  { wake_alarm } for  pid=6921 comm="syz.4.1095" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  103.896213][ T3805] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  103.915742][ T6930] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1098'.
[  103.934112][ T6930] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1098'.
[  104.077281][ T6936] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.147708][ T6936] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.274479][ T6936] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.347599][ T6936] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.582060][   T29] audit: type=1400 audit(1759925780.558:1626): avc:  denied  { ioctl } for  pid=6946 comm="syz.3.1104" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  104.609569][ T6948] xt_TPROXY: Can be used only with -p tcp or -p udp
[  105.342026][ T3816] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.370903][ T3816] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.394990][ T3816] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.411016][ T3816] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.941149][ T6970] loop3: detected capacity change from 0 to 8192
[  106.965882][   T29] audit: type=1400 audit(1759925782.898:1627): avc:  denied  { read } for  pid=6967 comm="syz.4.1122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  107.026090][ T6972] loop6: detected capacity change from 0 to 164
[  107.084028][ T6980] netlink: 'syz.0.1112': attribute type 10 has an invalid length.
[  107.092367][ T6980] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1112'.
[  107.990293][ T7010] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1127'.
[  108.069714][ T7013] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  108.203590][   T36] Process accounting resumed
[  108.238401][ T7027] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1133'.
[  108.313060][ T7029] netlink: 'syz.5.1134': attribute type 16 has an invalid length.
[  108.331485][ T7029] lo: left allmulticast mode
[  108.342617][ T7029] tunl0: left allmulticast mode
[  108.376807][ T7029] gre0: left allmulticast mode
[  108.384356][ T7029] gretap0: left allmulticast mode
[  108.392288][ T7029] erspan0: left allmulticast mode
[  108.398647][ T7029] ip_vti0: left allmulticast mode
[  108.404678][ T7029] ip6_vti0: left allmulticast mode
[  108.410888][ T7029] sit0: left allmulticast mode
[  108.420407][ T7029] ip6tnl0: left allmulticast mode
[  108.426798][ T7029] ip6gre0: left allmulticast mode
[  108.433391][ T7029] syz_tun: left allmulticast mode
[  108.440218][ T7029] bridge0: port 1(dummy0) entered blocking state
[  108.446734][ T7029] bridge0: port 1(dummy0) entered forwarding state
[  108.453751][ T7029] bridge0: left allmulticast mode
[  108.460525][ T7029] vcan0: left allmulticast mode
[  108.466668][ T7029] bond0: left allmulticast mode
[  108.472003][ T7029] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.480864][ T7029] team0: left allmulticast mode
[  108.486370][ T7029] 8021q: adding VLAN 0 to HW filter on device team0
[  108.496982][ T7029] nlmon0: left allmulticast mode
[  108.503061][ T7029] caif0: left allmulticast mode
[  108.508163][ T7029] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  108.701437][ T7037] loop5: detected capacity change from 0 to 8192
[  108.895073][ T7048] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  108.923448][ T7050] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.972333][ T7052] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1141'.
[  108.982260][ T7052] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1141'.
[  108.983384][ T7050] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.047722][ T7050] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.119062][ T7050] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.164237][ T3806] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.183893][ T3805] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.195108][ T3805] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.208981][ T3805] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.306592][ T7042] ==================================================================
[  109.314848][ T7042] BUG: KCSAN: data-race in fat16_ent_put / fat_mirror_bhs
[  109.322175][ T7042] 
[  109.324537][ T7042] write to 0xffff88814eb7e848 of 2 bytes by task 7037 on cpu 1:
[  109.332184][ T7042]  fat16_ent_put+0x28/0x60
[  109.336708][ T7042]  fat_ent_write+0x6c/0xe0
[  109.341131][ T7042]  fat_chain_add+0x15d/0x440
[  109.346118][ T7042]  fat_get_block+0x46c/0x5e0
[  109.350743][ T7042]  __block_write_begin_int+0x400/0xf90
[  109.356222][ T7042]  cont_write_begin+0x5fc/0x970
[  109.361090][ T7042]  fat_write_begin+0x4f/0xe0
[  109.365779][ T7042]  generic_perform_write+0x184/0x490
[  109.371133][ T7042]  __generic_file_write_iter+0x9e/0x120
[  109.376834][ T7042]  generic_file_write_iter+0x8d/0x2f0
[  109.382324][ T7042]  vfs_write+0x52a/0x960
[  109.386577][ T7042]  ksys_write+0xda/0x1a0
[  109.390835][ T7042]  __x64_sys_write+0x40/0x50
[  109.395509][ T7042]  x64_sys_call+0x2802/0x3000
[  109.400205][ T7042]  do_syscall_64+0xd2/0x200
[  109.404746][ T7042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.410661][ T7042] 
[  109.413005][ T7042] read to 0xffff88814eb7e800 of 512 bytes by task 7042 on cpu 0:
[  109.420728][ T7042]  fat_mirror_bhs+0x1df/0x320
[  109.425591][ T7042]  fat_alloc_clusters+0x98b/0xa80
[  109.430633][ T7042]  fat_get_block+0x258/0x5e0
[  109.435240][ T7042]  __block_write_begin_int+0x400/0xf90
[  109.440723][ T7042]  cont_write_begin+0x5fc/0x970
[  109.445704][ T7042]  fat_write_begin+0x4f/0xe0
[  109.450320][ T7042]  generic_perform_write+0x184/0x490
[  109.455699][ T7042]  __generic_file_write_iter+0x9e/0x120
[  109.461461][ T7042]  generic_file_write_iter+0x8d/0x2f0
[  109.467077][ T7042]  aio_write+0x2e2/0x410
[  109.471436][ T7042]  io_submit_one+0xacd/0x11d0
[  109.476396][ T7042]  __se_sys_io_submit+0xfb/0x280
[  109.481438][ T7042]  __x64_sys_io_submit+0x43/0x50
[  109.486397][ T7042]  x64_sys_call+0x2d6c/0x3000
[  109.491086][ T7042]  do_syscall_64+0xd2/0x200
[  109.495614][ T7042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.501865][ T7042] 
[  109.504288][ T7042] Reported by Kernel Concurrency Sanitizer on:
[  109.510603][ T7042] CPU: 0 UID: 0 PID: 7042 Comm: syz.5.1135 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  109.522092][ T7042] Tainted: [W]=WARN
[  109.526086][ T7042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  109.536419][ T7042] ==================================================================
[  109.556255][   T29] audit: type=1326 audit(1759925785.528:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7057 comm="syz.3.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5185ceec9 code=0x7fc00000
[  109.580287][   T29] audit: type=1326 audit(1759925785.528:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7057 comm="syz.3.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb5185ceec9 code=0x7fc00000
[  109.603900][   T29] audit: type=1326 audit(1759925785.528:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7057 comm="syz.3.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5185ceec9 code=0x7fc00000
[  109.746166][ T7062] xt_TPROXY: Can be used only with -p tcp or -p udp