last executing test programs:

2m30.22704885s ago: executing program 32 (id=472):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="d8000000180081054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f00fff00401a80008000800104004080000055c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe144ecc447c65e206d25b4084121d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300fc0d15", 0xd8}], 0x1}, 0x4000000)

2m25.612158034s ago: executing program 33 (id=577):
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x7, 0x4, 0x438, 0x240, 0x240, 0x0, 0x350, 0x370, 0x350, 0x4, 0x0, {[{{@arp={@private, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_to_batadv\x00', 'batadv0\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "bc2e329885ea3654891fbae8c6c66e07212432bde429bcda7deb48d85c6f5e269c2021c8f8dc09af0b3f2e10e8ac79cc67e264613c4be6838ee2daacf7926a6e"}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr, @broadcast}}}, {{@arp={@private, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0\x00', 'veth0_to_bond\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x488)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000004240)=0x40000006, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c)

2m21.227117938s ago: executing program 6 (id=667):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfd, 0x0, 0x7ffc9ffb}]})
r2 = timerfd_create(0x9, 0x80000)
timerfd_gettime(r2, &(0x7f00000007c0))

2m21.163434494s ago: executing program 34 (id=667):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfd, 0x0, 0x7ffc9ffb}]})
r2 = timerfd_create(0x9, 0x80000)
timerfd_gettime(r2, &(0x7f00000007c0))

1m53.654007428s ago: executing program 35 (id=1688):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="5c0000000101010200000000000000000a0000020c0019"], 0x5c}, 0x1, 0x0, 0x0, 0x8000850}, 0x20008840)

1m33.22813054s ago: executing program 36 (id=2524):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_config_ext={0x2, 0x3}, 0x1088, 0xa88, 0x8407, 0x1, 0x0, 0x3c, 0xfffe}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
listen(r1, 0x8)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000001580), 0x80, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1m18.63723859s ago: executing program 37 (id=3025):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
shutdown(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x59cc, 0x4)
recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x2, 0x0)

1m14.615303556s ago: executing program 4 (id=3217):
r0 = socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f00000028c0)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4c040}, 0x0)

1m14.588007448s ago: executing program 4 (id=3218):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a9a4850000000400000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x1e, 0x805, 0x0)
connect$tipc(r1, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x0, 0x200000}, 0x2}}, 0x10)
connect$tipc(r1, &(0x7f0000000000)=@id, 0x10)
close(r1)

1m14.568956909s ago: executing program 4 (id=3219):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1, 0xa}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8090}, 0x4)

1m14.495222016s ago: executing program 4 (id=3221):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3a95004, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

1m14.468219668s ago: executing program 4 (id=3222):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_bp={0x0, 0x7}, 0x1, 0x10008, 0x8, 0x1, 0x8, 0xa0002, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xa, 0xd}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0xff, 0x1, 0x2}}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xa, 0x7, 0x100, 0x7ffd, 0x2, 0x5744, 0xa173}}, {0x1f}}]}]}, 0x64}}, 0x0)

1m14.242899266s ago: executing program 4 (id=3225):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd24, 0x25dfdbfe, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @private1}]}, 0x30}, 0x1, 0x0, 0x0, 0x8040}, 0x4000080)

1m14.242574796s ago: executing program 38 (id=3225):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x30, r1, 0x1, 0x70bd24, 0x25dfdbfe, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @private1}]}, 0x30}, 0x1, 0x0, 0x0, 0x8040}, 0x4000080)

17.041395852s ago: executing program 9 (id=5538):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000005600)='sys_enter\x00', r1, 0x0, 0x2}, 0x18)
r2 = gettid()
tkill(r2, 0x12)

16.995781356s ago: executing program 9 (id=5540):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000006fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r2, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x3804, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f0000000180)={0x2, 0x0, @remote}, 0x69, &(0x7f0000000400)=[{&(0x7f0000000240)="b9", 0x26892}], 0xbb}}], 0x2, 0x0)

16.940011211s ago: executing program 9 (id=5545):
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

16.761186675s ago: executing program 9 (id=5554):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x3, 0x3}, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={{0x14}, [], {0x14}}, 0x28}}, 0x0)

16.6915477s ago: executing program 7 (id=5559):
socket(0x28, 0x5, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r0 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x4f5e, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)

16.613679977s ago: executing program 7 (id=5561):
r0 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r2, r1, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, r0, r0, 0x0, 0x0)

16.57416142s ago: executing program 7 (id=5566):
r0 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x53)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000180)='!pu==0||!')

16.493336197s ago: executing program 7 (id=5570):
unshare(0x60040200)
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000755f3220dd1700555ef30102030109"], 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

16.149778095s ago: executing program 2 (id=5591):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x12c)
utime(&(0x7f0000000100)='./file0\x00', 0x0)

16.089380999s ago: executing program 2 (id=5602):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0005}]})
r2 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000080))

16.072451601s ago: executing program 2 (id=5594):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xf7}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
unlinkat(0xffffffffffffffff, 0x0, 0x200)

15.982972228s ago: executing program 2 (id=5597):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x1c, r3, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

15.982190168s ago: executing program 2 (id=5599):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000040)=@gcm_256={{0x303, 0x33}, "12147b841579c97d", "60e85d52e8bb1f092c487b4be7fb88e117f33b2a3e5aa8f5fc1f71c71955bd79", "bcc212ea", "6db14a45a95ea1ab"}, 0x38)

15.912641643s ago: executing program 9 (id=5601):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r1, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

15.815341722s ago: executing program 7 (id=5603):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000340)={0x4, {{0xa, 0x0, 0xffffffff, @private0, 0xffffffbb}}, {{0xa, 0x4e22, 0x806, @mcast1, 0x8}}}, 0x108)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001"], 0x118}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

15.758980676s ago: executing program 2 (id=5604):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000020000000000000000000095"], &(0x7f0000000340)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x406, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)="a0", 0x0}, 0x31)

15.758756256s ago: executing program 39 (id=5604):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000020000000000000000000095"], &(0x7f0000000340)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x406, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)="a0", 0x0}, 0x31)

15.669368223s ago: executing program 9 (id=5606):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f00000004c0)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
r1 = memfd_create(&(0x7f0000000280)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0x6)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xe, 0x12, r1, 0x0)
fallocate(r1, 0x0, 0x0, 0x400)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))

15.669135373s ago: executing program 40 (id=5606):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f00000004c0)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
r1 = memfd_create(&(0x7f0000000280)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0x6)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xe, 0x12, r1, 0x0)
fallocate(r1, 0x0, 0x0, 0x400)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))

15.523668775s ago: executing program 7 (id=5607):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

15.523302935s ago: executing program 41 (id=5607):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

9.391677501s ago: executing program 6 (id=5605):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_lsm={0x6, 0x6, &(0x7f0000000040)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x2, 0xdd, &(0x7f00000001c0)=""/221, 0x0, 0x20}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="68000000180001002dbd7000fcdbdf2502201428ff00ff05"], 0x68}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[], 0x114}], 0x1, 0x0, 0x0, 0x4000000}, 0x8040)

9.348973984s ago: executing program 6 (id=5677):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@name={0x1e, 0x2, 0x3, {{0x42, 0x4}, 0xfffffffc}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r0, 0x0, 0x0)

9.348593604s ago: executing program 6 (id=5678):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008082, &(0x7f00000004c0)={[{@nodioread_nolock}, {@nolazytime}, {@dioread_lock}, {@errors_continue}, {@dioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@nomblk_io_submit}, {@nobarrier}]}, 0x0, 0x5e9, &(0x7f00000005c0)="$eJzs3c1vFVUbAPBnbj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sRr5nam9GNuPy7tncr8fsmlM3PucJ7p7dNz7uk5cwOorMH0n1rE/oiYTiL6k/nFss7ICgcXnvfgz4/Opo8k6vXXfk8iyY7lz0+yr33ZyT0R8eMPSezrWF3vzNy1i+NTU5NXs/3h2UvTwzNz1w5fuDR+fvL85OXRF0ZPHD92/MTIkZau63rBsdM3332//5OxN7/56q9k5NtfxpI4GS9nT1x6HVtlMAYb35NkdVHfia2urCQd2c/J0pc46Sx44q42BsWG5a9fV0Q8Ef3REQ9fvP74+JVSgwO2VT2JqAMVlch/qKi8H5C/t1/5PrhWSq8EaIf7pxYGAFbnf+fC2GD0NMYGdj9IYumwThIRrY3MLbcnIu7eGbt57s7YzdjMOFzRGBOwKfM3IuLJovxPGvk/ED0x0Mj/2rKUS/sFZ7Kv6fFXW6x/ZRpvxzg8UGwh/3vWzP9okv9vLcn/t1usf/Dh5ju9y/K/t9VLAgAAAAAAgMq6fSoini/6+39tcf5PFMz/6YuIk1tQ/+CK/dV//6/d24JqgAL3T0W8VDj/t5bP/h3oyLb+05gP0JWcuzA1eSQi/hsRh6JrV7o/skYdhz/d92WzssFs/l/+SOu/m80FzOK417li7ejE+Oz4o143EHH/RsRThfN/k8X2Pylo/9PfB9MbrGPfs7fONCtbP/+B7VL/OuJgYfv/8K4Vydr35xhu9AeG817Bak9/+Nl3zepvNf9N/4dHl7b/u9fO/4Fk6f16ZjZfx9G5znqzslb7/93J641bznRnxz4Yn529OhLRnZzuSI8uOz66+ZjhcZTnQ54vaf4fembt8b+i/n9vRMyv+L+TP5avKc79/+++X5vFo/8P5Unzf2JT7f/mN0ZvDXzfrP6Ntf/HGm39oeyI8T9Y8EWept3LjxekY2dRUbvjBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHQS0i9kRSG1rcrtWGhiL6IuJ/sbs2dWVm9rlzV967PJGWNT7/v5Z/0m//wn6Sf/7/wJL90RX7RyNib0R83tHb2B86e2VqouyLBwAAAAAAAAAAAAAAAAAAgB2ir8n6/9RvHWVHB2y7zrIDAEpTkP8/lREH0H6ttf+7tjwOoP30/6G65D9Ul/yH6pL/UF3yH6pL/kN1yX8AAAAAAHis7D1w++ckIuZf7G08Ut1ZWVepkQHbrVZ2AEBp3OIHqsvUH6gu7/GBZJ3ynqYnrXfmWqbPPsLJAAAAAAAAAAAAAFA5B/db/w9VZf0/VJf1/1Bd+fr/AyXHAbSf9/hArLOSv3D9/7pnAQAAAAAAAAAAAABbaWbu2sXxqanJqzbe2BlhtHOjXq9fT38Kdko8//KNfCr8TolnxUa+1m9jZ5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFjunwAAAP//OKok1w==")
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000000c0)="26fe25", 0x3}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000540))
ptrace$cont(0x20, r0, 0x0, 0x0)

9.28348741s ago: executing program 6 (id=5679):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x381, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x5032})
io_setup(0xbf, &(0x7f0000000100)=<r1=>0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[], 0x24}}, 0x0)
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f00000000c0)={0x20000000, 0x0, 0x7, 0x8, 0x0, r0, &(0x7f0000000080)='\x00\x00', 0x2}])

7.681496999s ago: executing program 6 (id=5709):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
semget$private(0x0, 0x2, 0x24)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50)
listen(r0, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

7.681289349s ago: executing program 42 (id=5709):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
semget$private(0x0, 0x2, 0x24)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50)
listen(r0, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

2.369253979s ago: executing program 5 (id=5905):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[], 0xffa8)

2.182795224s ago: executing program 5 (id=5912):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000001c0)='t', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f0000000a00)='R', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000000e00)="174dbbc4cb440e66b35d7806d5d0fd6202b490652f26aaf1216beeb537d5665c2268fea65d415252fa850f143fa5ccef495735ec2d6f9769a5869a149ab97877cef8e410fce906f7c4a609c5186492f03ab3ab56cffa8ef4d2337f4a7029c1adc31517557fae5abed00ebc2a3e3bcef4b82e05aec92550fc8ed146da40335055f1312d3954880c9f0c6974282b64764729ccbd5402e751511ea4902d77d8349b1952281a536805e27bb31df49587d23ab5ee13a84238f8a138931badf4cb17c6ff8107159e605e4daba2e3c99764b2db85dc8fe6fbc658f882ad56605508177f3141af4cc6b01fe20c5a7e", 0xeb}, {&(0x7f0000000700)="75fa", 0x2}, {&(0x7f0000000f00)="dccba3d357820841deb7a91d662fc5addabec7d63648c75e172ca244e88e045c1f7965611b2fd952040760c9b1c789556ff82c609dd6ff540b9338ea20919fc69ec1f8f233b76f120e8c4b47b21f0b2738d73f5c5d000b2b7fed46aa04b5a3d0f771e9261d70f8f4c26ff029a40ff04c98786260277f8ed6bf5d43d87b68ea922ba984966c16a5796cf829d9b9aa1c6e3f655a946f4e689ee393d67b768c03bf3483f7baa3afac58d6e5df78a886de84c6281aa1d9bda705795b3190062dbe3bd3afd32c65107004d747774be50638870a1848d16132497a023048ed983d24", 0xdf}, {&(0x7f0000001000)="9f285c6be7891ac4ba5aecbe8d8d727fc4e347dd771bfdd867ca16fb5cc4079164f9ce7aab941259170f588736b3ecb502c76dd9e80f2cee15fd936c7d5d2bcc9fca173c5452fc101072c8ca24525e13ccbf967d739b", 0x56}], 0x4}}], 0x3, 0x4)

1.543820385s ago: executing program 3 (id=5951):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)

1.450290823s ago: executing program 0 (id=5942):
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@mb_optimize_scan}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x4}}]}, 0x1, 0x50f, &(0x7f0000000140)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x94)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)

1.447271863s ago: executing program 3 (id=5953):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r2)

1.340101282s ago: executing program 3 (id=5945):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000600)=ANY=[@ANYBLOB="600608feffffff05040601b8"], 0xc)

1.305780955s ago: executing program 5 (id=5946):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r3 = dup(r2)
ioctl$PTP_EXTTS_REQUEST2(r3, 0x43403d05, 0x0)

1.271555268s ago: executing program 5 (id=5948):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@name={0x1e, 0x2, 0x3, {{0x42, 0x4}, 0xfffffffc}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r0, 0x0, 0x0)

1.23752842s ago: executing program 5 (id=5949):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f00000003c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000980)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="a90303000000000000003200000008004001"], 0x1c}}, 0x4004050)

941.869754ms ago: executing program 0 (id=5957):
mremap(&(0x7f0000041000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00004c3000/0x2000)=nil)
r0 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r0, &(0x7f0000000140)={'full'}, 0xfffffdef)
ioctl$int_in(r0, 0x5452, &(0x7f0000000240)=0x3)
sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x20000818)
setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000340), 0x4)

804.278215ms ago: executing program 1 (id=5963):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x7ff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001440)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r2, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c)

784.575727ms ago: executing program 1 (id=5965):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = syz_io_uring_setup(0x10f, &(0x7f0000000200)={0x0, 0xc9ab, 0x2, 0xc}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
io_uring_enter(r1, 0x66a8, 0x4000, 0xf, 0x0, 0x18)

757.917479ms ago: executing program 1 (id=5967):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc9aa}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000300), &(0x7f0000000280)='system_u:object_r:hwdata_t:s0\x00', 0x1e, 0x1)

757.579189ms ago: executing program 0 (id=5968):
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@mb_optimize_scan}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x4}}]}, 0x1, 0x50f, &(0x7f0000000140)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x94)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)

723.909402ms ago: executing program 1 (id=5970):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[], 0xffa8)

641.611138ms ago: executing program 1 (id=5971):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000240)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
write$binfmt_script(r1, 0x0, 0x0)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

603.738302ms ago: executing program 1 (id=5973):
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
recvmsg(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000e40)=""/4096, 0x1000}], 0x1}, 0x0)

480.419662ms ago: executing program 5 (id=5976):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000140)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@quota}, {@resuid}, {@lazytime}]}, 0x1, 0x445, &(0x7f0000000200)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d1cb80b3fa1bda74e3977b40e7af46b4c60b70d7a79ed5d8c48f52a50185980d6", 0x31)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

477.110412ms ago: executing program 3 (id=5977):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)='N', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x4e24, 0x0, @private2}, 0x1c)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000300)={0x0, 0x2}, 0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7c, &(0x7f00000000c0), &(0x7f0000000180)=0x8)

464.080413ms ago: executing program 8 (id=5978):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x0)

432.252415ms ago: executing program 3 (id=5979):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
write$cgroup_int(r0, &(0x7f0000000000)=0xfe8e, 0x12)

414.068917ms ago: executing program 3 (id=5980):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xe, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={r2, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90)

354.272162ms ago: executing program 8 (id=5981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)

336.148473ms ago: executing program 8 (id=5982):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r2)

310.938575ms ago: executing program 0 (id=5983):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)

274.758698ms ago: executing program 8 (id=5984):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xf, &(0x7f00000006c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8000}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r3, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

89.246513ms ago: executing program 0 (id=5985):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r0}, 0x18)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

89.101433ms ago: executing program 8 (id=5986):
r0 = creat(&(0x7f0000000540)='./file0\x00', 0x0)
close(r0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x40, 0x9, 0xfffffffe}, 0x1c)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000640), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

18.968089ms ago: executing program 8 (id=5987):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000600)=ANY=[@ANYBLOB="600608feffffff05040601b8"], 0xc)

0s ago: executing program 0 (id=5988):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f00000003c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000980)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="a90303000000000000003200000008004001"], 0x1c}}, 0x4004050)

kernel console output (not intermixed with test programs):

130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14025 comm="syz.5.4155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  140.675297][   T29] audit: type=1326 audit(1756059928.556:4131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14025 comm="syz.5.4155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  140.699048][   T29] audit: type=1326 audit(1756059928.556:4132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14025 comm="syz.5.4155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  140.722852][   T29] audit: type=1326 audit(1756059928.566:4133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14025 comm="syz.5.4155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  140.746372][   T29] audit: type=1326 audit(1756059928.566:4134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14025 comm="syz.5.4155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  140.770034][   T29] audit: type=1326 audit(1756059928.566:4135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14025 comm="syz.5.4155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  140.795192][   T29] audit: type=1326 audit(1756059928.736:4136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14030 comm="syz.7.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  140.818785][   T29] audit: type=1326 audit(1756059928.736:4137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14030 comm="syz.7.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  140.893710][T14039] lo speed is unknown, defaulting to 1000
[  140.904098][T14046] serio: Serial port ptm1
[  140.965842][T14053] __nla_validate_parse: 9 callbacks suppressed
[  140.965859][T14053] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4167'.
[  142.045773][T14126] loop5: detected capacity change from 0 to 1024
[  142.052433][T14126] EXT4-fs: Ignoring removed orlov option
[  142.060637][T14126] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.183917][T11497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.224960][T14137] netlink: 332 bytes leftover after parsing attributes in process `syz.9.4203'.
[  142.377305][T14165] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  142.385700][T14167] netlink: 'syz.9.4219': attribute type 12 has an invalid length.
[  142.429434][T14171] lo speed is unknown, defaulting to 1000
[  142.530565][T14182] loop5: detected capacity change from 0 to 128
[  142.544249][T14182] EXT4-fs: Ignoring removed nobh option
[  142.559411][T14182] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  142.585769][T14182] ext4 filesystem being mounted at /184/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  142.619912][T11497] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  142.633254][T14190] netlink: 116 bytes leftover after parsing attributes in process `syz.0.4230'.
[  142.642387][T14190] netlink: 'syz.0.4230': attribute type 1 has an invalid length.
[  142.650185][T14190] netlink: 680 bytes leftover after parsing attributes in process `syz.0.4230'.
[  142.685151][T14194] loop0: detected capacity change from 0 to 2048
[  142.692235][T14194] EXT4-fs: Ignoring removed bh option
[  142.701763][T14196] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4233'.
[  142.712421][T14194] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.732940][T14196] team0: Port device team_slave_0 removed
[  142.753414][T11044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.840296][T14213] loop0: detected capacity change from 0 to 2048
[  142.946150][T14213]  loop0: p2 p3 p7
[  142.987140][   T23] hid_parser_main: 23 callbacks suppressed
[  142.987162][   T23] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  143.002479][   T23] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  143.018876][T14240] loop0: detected capacity change from 0 to 128
[  143.053274][T14240] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  143.088885][T14240] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.167729][T14254] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14254 comm=syz.2.4257
[  143.190167][T11044] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  143.357700][T14289] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4275'.
[  143.376619][T14289] x_tables: ip_tables: udp match: only valid for protocol 17
[  143.498229][T14303] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4281'.
[  143.507507][T14303] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4281'.
[  143.548479][T14303] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4281'.
[  143.557553][T14303] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4281'.
[  143.588361][T14311] loop9: detected capacity change from 0 to 2048
[  143.642770][T14311]  loop9: p2 p3 p7
[  143.799991][T14345] lo speed is unknown, defaulting to 1000
[  143.832725][T14352] loop5: detected capacity change from 0 to 764
[  143.908036][T14363] loop7: detected capacity change from 0 to 1024
[  143.921223][T14361] loop5: detected capacity change from 0 to 2048
[  143.934400][T14363] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.983217][T14361]  loop5: p2 p3 p7
[  143.986667][T14363] EXT4-fs error (device loop7): ext4_xattr_inode_iget:437: comm syz.7.4308: inode #2594100238: comm syz.7.4308: iget: illegal inode #
[  144.039099][T14363] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.4308: error while reading EA inode 2594100238 err=-117
[  144.074021][ T5185] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.110113][T14380] loop7: detected capacity change from 0 to 512
[  144.130040][T14380] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.142351][T14376] loop9: detected capacity change from 0 to 1024
[  144.152182][T14382] bond2: entered promiscuous mode
[  144.157268][T14382] bond2: entered allmulticast mode
[  144.162830][T14382] 8021q: adding VLAN 0 to HW filter on device bond2
[  144.171165][T14376] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  144.188604][T14376] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  144.190602][T14382] bond2 (unregistering): Released all slaves
[  144.197042][T14376] EXT4-fs (loop9): orphan cleanup on readonly fs
[  144.214045][T14376] EXT4-fs error (device loop9): ext4_free_blocks:6696: comm syz.9.4312: Freeing blocks not in datazone - block = 0, count = 4096
[  144.229630][T14376] EXT4-fs (loop9): 1 orphan inode deleted
[  144.235972][T14376] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  144.265658][T14391] SELinux: failed to load policy
[  144.273882][ T9597] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.331775][ T5185] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.374688][T14405] loop9: detected capacity change from 0 to 1024
[  144.391912][T14405] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  144.417133][T14405] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  144.430676][T14405] EXT4-fs (loop9): orphan cleanup on readonly fs
[  144.452309][T14405] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.4325: Failed to acquire dquot type 0
[  144.472456][T14405] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.4325: Failed to acquire dquot type 0
[  144.506596][T14405] EXT4-fs error (device loop9): ext4_free_blocks:6696: comm syz.9.4325: Freeing blocks not in datazone - block = 0, count = 4096
[  144.523362][T14405] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.4325: Failed to acquire dquot type 0
[  144.535489][T14405] EXT4-fs (loop9): 1 orphan inode deleted
[  144.546146][T14405] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  144.568359][T14424] loop5: detected capacity change from 0 to 512
[  144.596843][ T9597] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.604271][T14430] lo speed is unknown, defaulting to 1000
[  144.605881][T14424] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.4330: corrupted in-inode xattr: invalid ea_ino
[  144.640134][T14424] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.4330: couldn't read orphan inode 15 (err -117)
[  144.654354][T14424] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.697426][T14430] loop0: detected capacity change from 0 to 8192
[  144.754011][T11497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.913886][T14484] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  144.936269][T14487] loop5: detected capacity change from 0 to 1024
[  144.975840][T14487] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.019617][T14487] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  145.080817][T11497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.188420][T14528] team0: Port device team_slave_0 removed
[  145.224260][T14538] wireguard0: entered promiscuous mode
[  145.229882][T14538] wireguard0: entered allmulticast mode
[  145.355698][T14567] pimreg: entered allmulticast mode
[  145.362299][T14567] pimreg: left allmulticast mode
[  145.441501][T14586] loop7: detected capacity change from 0 to 1024
[  145.457314][T14586] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  145.477539][T14587] loop5: detected capacity change from 0 to 4096
[  145.484266][T14586] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  145.493641][T14586] EXT4-fs (loop7): orphan cleanup on readonly fs
[  145.501528][T14586] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4405: Failed to acquire dquot type 0
[  145.511454][T14587] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.525995][T14586] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4405: Failed to acquire dquot type 0
[  145.529281][T14587] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.4403: corrupted inode contents
[  145.552200][T14586] EXT4-fs error (device loop7): ext4_free_blocks:6696: comm syz.7.4405: Freeing blocks not in datazone - block = 0, count = 4096
[  145.552250][T14587] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #15: comm syz.5.4403: mark_inode_dirty error
[  145.578166][T14587] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.4403: corrupted inode contents
[  145.578223][T14586] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4405: Failed to acquire dquot type 0
[  145.606517][T14586] EXT4-fs (loop7): 1 orphan inode deleted
[  145.614074][T14587] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.4403: mark_inode_dirty error
[  145.627872][T14586] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  145.641046][T14587] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.4403: corrupted inode contents
[  145.676194][T14587] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.4403: mark_inode_dirty error
[  145.688166][ T5185] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.697701][T14587] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #15: comm syz.5.4403: corrupted inode contents
[  145.710054][T14587] EXT4-fs error (device loop5): ext4_truncate:4666: inode #15: comm syz.5.4403: mark_inode_dirty error
[  145.722277][T14587] EXT4-fs error (device loop5): ext4_evict_inode:265: comm syz.5.4403: couldn't truncate inode 15 (err -117)
[  145.738220][   T29] kauditd_printk_skb: 512 callbacks suppressed
[  145.738235][   T29] audit: type=1326 audit(1756059933.673:4638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14585 comm="syz.5.4403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  145.768867][   T29] audit: type=1326 audit(1756059933.703:4639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14585 comm="syz.5.4403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  145.806015][T11497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.894655][T14626] loop9: detected capacity change from 0 to 1024
[  145.918964][T14626] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.946627][T14626] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  145.989550][ T9597] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.199494][   T29] audit: type=1326 audit(1756059934.133:4640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14650 comm="syz.7.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  146.223314][   T29] audit: type=1326 audit(1756059934.133:4641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14650 comm="syz.7.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  146.247006][   T29] audit: type=1326 audit(1756059934.133:4642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14650 comm="syz.7.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  146.270623][   T29] audit: type=1326 audit(1756059934.133:4643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14650 comm="syz.7.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  146.294227][   T29] audit: type=1326 audit(1756059934.133:4644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14650 comm="syz.7.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  146.317964][   T29] audit: type=1326 audit(1756059934.133:4645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14650 comm="syz.7.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  146.341827][   T29] audit: type=1326 audit(1756059934.233:4646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14650 comm="syz.7.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  146.401442][   T29] audit: type=1326 audit(1756059934.303:4647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14650 comm="syz.7.4438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  146.478889][T14668] loop9: detected capacity change from 0 to 512
[  146.496246][T14668] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.520721][T14666] lo speed is unknown, defaulting to 1000
[  146.565677][T14676] loop7: detected capacity change from 0 to 512
[  146.601655][T14676] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.626680][T14679] wireguard0: entered promiscuous mode
[  146.632209][T14679] wireguard0: entered allmulticast mode
[  146.663758][ T9597] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.768327][ T5185] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.845016][T14697] loop9: detected capacity change from 0 to 512
[  146.878001][T14697] EXT4-fs error (device loop9): ext4_iget_extra_inode:5104: inode #15: comm syz.9.4449: corrupted in-inode xattr: invalid ea_ino
[  146.908745][T14697] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.4449: couldn't read orphan inode 15 (err -117)
[  146.913384][T14704] lo speed is unknown, defaulting to 1000
[  146.940530][T14697] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.948169][T14703] bond2: entered promiscuous mode
[  146.957750][T14703] bond2: entered allmulticast mode
[  146.963739][T14703] 8021q: adding VLAN 0 to HW filter on device bond2
[  146.971110][T14706] __nla_validate_parse: 10 callbacks suppressed
[  146.971125][T14706] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4453'.
[  146.993412][T14703] bond2 (unregistering): Released all slaves
[  147.098412][ T9597] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.100994][T14710] lo speed is unknown, defaulting to 1000
[  147.182872][T14718] SELinux: failed to load policy
[  147.205465][T14716] lo speed is unknown, defaulting to 1000
[  147.288938][T14721] loop5: detected capacity change from 0 to 8192
[  147.329425][T14730] loop9: detected capacity change from 0 to 512
[  147.335765][T14728] wireguard0: entered promiscuous mode
[  147.341391][T14728] wireguard0: entered allmulticast mode
[  147.354662][T14730] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.424041][T14748] pimreg: entered allmulticast mode
[  147.433941][T14748] pimreg: left allmulticast mode
[  147.451516][T14752] lo speed is unknown, defaulting to 1000
[  147.468265][ T9597] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.504115][T14759] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.4473'.
[  147.513783][T14757] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4469'.
[  147.600629][T14771] lo speed is unknown, defaulting to 1000
[  147.650358][T14779] loop0: detected capacity change from 0 to 512
[  147.668004][T14779] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.682135][T14771] loop9: detected capacity change from 0 to 8192
[  147.711908][T14786] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4496'.
[  147.763611][T14792] netlink: 156 bytes leftover after parsing attributes in process `syz.9.4489'.
[  147.780640][T14792] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4489'.
[  147.780933][T11044] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.815348][T14794] IPVS: stopping master sync thread 14798 ...
[  147.815893][T14798] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  148.633525][T14817] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4498'.
[  148.695545][T14822] lo speed is unknown, defaulting to 1000
[  148.785207][T14829] loop7: detected capacity change from 0 to 8192
[  148.965792][T14866] lo speed is unknown, defaulting to 1000
[  149.031992][T14871] loop7: detected capacity change from 0 to 8192
[  149.152330][T14884] loop7: detected capacity change from 0 to 128
[  149.169366][T14884] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  149.182014][T14884] ext4 filesystem being mounted at /775/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.213752][ T5185] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  149.303171][T14909] netlink: 'syz.9.4541': attribute type 1 has an invalid length.
[  149.316733][T14909] 8021q: adding VLAN 0 to HW filter on device bond2
[  149.331234][T14913] sctp: [Deprecated]: syz.7.4538 (pid 14913) Use of struct sctp_assoc_value in delayed_ack socket option.
[  149.331234][T14913] Use struct sctp_sack_info instead
[  149.341154][T14909] bond2: (slave geneve2): making interface the new active one
[  149.359167][T14909] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  149.392680][T14917] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4544'.
[  149.527405][T14943] netlink: 'syz.0.4556': attribute type 1 has an invalid length.
[  149.545759][T14943] 8021q: adding VLAN 0 to HW filter on device bond3
[  149.569413][T14943] bond3: (slave geneve2): making interface the new active one
[  149.578399][T14943] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  149.971717][T14988] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4577'.
[  149.980898][T14988] netlink: 'syz.2.4577': attribute type 30 has an invalid length.
[  149.988800][T14988] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4577'.
[  149.998074][T14988] netlink: 'syz.2.4577': attribute type 30 has an invalid length.
[  150.273566][T15023] netem: change failed
[  150.333780][T15033] ALSA: seq fatal error: cannot create timer (-19)
[  150.394977][T15048] loop9: detected capacity change from 0 to 128
[  150.402685][T15048] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  150.417831][T15048] ext4 filesystem being mounted at /449/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.449776][T15051] serio: Serial port ttyS3
[  150.466450][ T9597] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  150.551328][T15063] ALSA: seq fatal error: cannot create timer (-19)
[  150.570257][    C1] vcan0: j1939_tp_rxtimer: 0xffff888118fa4400: rx timeout, send abort
[  150.604920][T15070] vhci_hcd: invalid port number 96
[  150.610274][T15070] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  150.787977][   T29] kauditd_printk_skb: 147 callbacks suppressed
[  150.787992][   T29] audit: type=1400 audit(1756059938.711:4795): avc:  denied  { rename } for  pid=15099 comm="syz.7.4631" name="file0" dev="tmpfs" ino=4128 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  150.841223][   T29] audit: type=1400 audit(1756059938.771:4796): avc:  denied  { getopt } for  pid=15105 comm="syz.7.4634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  150.965855][T15129] netlink: 'syz.9.4645': attribute type 1 has an invalid length.
[  151.017515][   T29] audit: type=1400 audit(1756059938.941:4797): avc:  denied  { setopt } for  pid=15136 comm="syz.5.4649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  151.048446][T15140] wg2: entered promiscuous mode
[  151.053398][T15140] wg2: entered allmulticast mode
[  151.070496][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811a083e00: rx timeout, send abort
[  151.078736][    C1] vcan0: j1939_tp_rxtimer: 0xffff888118fa4400: abort rx timeout. Force session deactivation
[  151.244536][T15180] loop5: detected capacity change from 0 to 128
[  151.257404][T15180] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  151.270661][T15180] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.385843][   T29] audit: type=1326 audit(1756059939.311:4798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15191 comm="syz.7.4674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  151.430951][T11497] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  151.440505][   T29] audit: type=1326 audit(1756059939.311:4799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15191 comm="syz.7.4674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  151.464150][   T29] audit: type=1326 audit(1756059939.311:4800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15191 comm="syz.7.4674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  151.487953][   T29] audit: type=1326 audit(1756059939.311:4801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15191 comm="syz.7.4674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  151.511580][   T29] audit: type=1326 audit(1756059939.311:4802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15191 comm="syz.7.4674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  151.537002][   T29] audit: type=1326 audit(1756059939.311:4803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15191 comm="syz.7.4674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  151.578970][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811a083e00: abort rx timeout. Force session deactivation
[  152.017066][T15220] __nla_validate_parse: 5 callbacks suppressed
[  152.017081][T15220] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4682'.
[  152.035408][T15222] netlink: 'syz.7.4696': attribute type 30 has an invalid length.
[  152.073552][T15226] netlink: 'syz.5.4685': attribute type 1 has an invalid length.
[  152.326566][T15261] netlink: 'syz.9.4703': attribute type 30 has an invalid length.
[  152.549817][T15295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  152.563373][T15295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.581471][   T29] audit: type=1400 audit(1756059940.520:4804): avc:  denied  { append } for  pid=15294 comm="syz.0.4720" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  153.727925][T15358] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  153.737978][T15358] SELinux: failed to load policy
[  153.880077][T15377] SELinux: failed to load policy
[  154.105955][T15410] SELinux: failed to load policy
[  154.317446][T15438] loop9: detected capacity change from 0 to 8192
[  154.781749][T15491] loop9: detected capacity change from 0 to 512
[  154.789784][T15491] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -2
[  154.798795][T15491] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.4809: invalid indirect mapped block 2683928664 (level 1)
[  154.814182][T15491] EXT4-fs (loop9): 1 truncate cleaned up
[  154.825965][T15491] EXT4-fs error (device loop9): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.9.4809: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  154.995589][T15514] syz_tun: entered allmulticast mode
[  155.001298][T15513] syz_tun: left allmulticast mode
[  155.488966][T15540] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  155.499476][T15540] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  155.509185][T15540] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  155.519828][T15540] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  155.879895][   T29] kauditd_printk_skb: 79 callbacks suppressed
[  155.879912][   T29] audit: type=1326 audit(155.015:4884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15593 comm="syz.9.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedea17ebe9 code=0x7ffc0000
[  155.913259][   T29] audit: type=1326 audit(155.015:4885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15593 comm="syz.9.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedea17ebe9 code=0x7ffc0000
[  155.936287][   T29] audit: type=1326 audit(155.015:4886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15593 comm="syz.9.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fedea17ebe9 code=0x7ffc0000
[  155.959205][   T29] audit: type=1326 audit(155.015:4887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15593 comm="syz.9.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedea17ebe9 code=0x7ffc0000
[  155.982497][   T29] audit: type=1326 audit(155.015:4888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15593 comm="syz.9.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedea17ebe9 code=0x7ffc0000
[  156.055047][T15614] bridge0: entered promiscuous mode
[  156.061533][T15614] bridge0: port 3(macsec1) entered blocking state
[  156.068170][T15614] bridge0: port 3(macsec1) entered disabled state
[  156.080471][T15614] macsec1: entered allmulticast mode
[  156.085821][T15614] bridge0: entered allmulticast mode
[  156.092194][T15614] macsec1: left allmulticast mode
[  156.097236][T15614] bridge0: left allmulticast mode
[  156.107764][T15614] bridge0: left promiscuous mode
[  156.179809][T15627] loop5: detected capacity change from 0 to 512
[  156.234696][T15635] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4872'.
[  156.328234][   T29] audit: type=1326 audit(155.465:4889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15654 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  156.351571][   T29] audit: type=1326 audit(155.465:4890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15654 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  156.438298][   T29] audit: type=1326 audit(155.515:4891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15654 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  156.461320][   T29] audit: type=1326 audit(155.515:4892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15654 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  156.484312][   T29] audit: type=1326 audit(155.515:4893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15654 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  156.635322][T15677] vhci_hcd: invalid port number 96
[  156.640541][T15677] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  157.146377][T15697] loop5: detected capacity change from 0 to 512
[  157.154835][T15697] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  157.170022][T15697] EXT4-fs (loop5): mount failed
[  157.175642][T15702] loop9: detected capacity change from 0 to 512
[  158.192575][T15817] 9pnet_fd: Insufficient options for proto=fd
[  158.228729][T15819] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4959'.
[  159.221731][T15878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4985'.
[  159.271190][T15883] loop7: detected capacity change from 0 to 512
[  159.286008][T15883] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  159.301146][T15883] EXT4-fs (loop7): mount failed
[  159.376892][   T41] nci: nci_extract_activation_params_nfc_dep: unsupported activation_rf_tech_and_mode 0x1
[  159.410187][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4995'.
[  159.419216][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4995'.
[  159.428199][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4995'.
[  159.446367][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4995'.
[  159.455463][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4995'.
[  159.464413][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4995'.
[  159.502647][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4995'.
[  159.511765][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4995'.
[  159.544982][T15917] loop7: detected capacity change from 0 to 512
[  159.553300][T15917] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #15: comm syz.7.4997: iget: bad i_size value: 38620345925642
[  159.566178][T15917] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.4997: couldn't read orphan inode 15 (err -117)
[  159.581041][T15917] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.4997: bg 0: block 5: invalid block bitmap
[  160.053778][T15956] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.110921][T15956] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.156694][T15956] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.207009][T15956] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.271348][ T5119] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.290829][ T5119] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.300443][ T5119] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.318803][ T5119] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.425365][T15977] loop9: detected capacity change from 0 to 512
[  160.433299][T15977] EXT4-fs error (device loop9): ext4_orphan_get:1392: inode #15: comm syz.9.5025: iget: bad i_size value: 38620345925642
[  160.446839][T15977] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.5025: couldn't read orphan inode 15 (err -117)
[  160.461467][T15977] EXT4-fs error (device loop9): ext4_validate_block_bitmap:432: comm syz.9.5025: bg 0: block 5: invalid block bitmap
[  160.630813][T15995] netdevsim netdevsim9 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  160.641319][T15995] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.687771][T15995] netdevsim netdevsim9 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  160.698139][T15995] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.748752][T15995] netdevsim netdevsim9 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  160.759152][T15995] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.820075][T16007] netlink: 'syz.5.5040': attribute type 2 has an invalid length.
[  160.850515][T15995] netdevsim netdevsim9 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  160.860905][T15995] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.895344][   T29] kauditd_printk_skb: 73 callbacks suppressed
[  160.895358][   T29] audit: type=1326 audit(160.033:4965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  160.926719][   T29] audit: type=1326 audit(160.063:4966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  160.949967][   T29] audit: type=1326 audit(160.063:4967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  160.973327][   T29] audit: type=1326 audit(160.063:4968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  160.997601][   T29] audit: type=1326 audit(160.093:4969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16018 comm="syz.7.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  161.020597][   T29] audit: type=1326 audit(160.093:4970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16018 comm="syz.7.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  161.043482][   T29] audit: type=1326 audit(160.093:4971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16018 comm="syz.7.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  161.066441][   T29] audit: type=1326 audit(160.103:4972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16018 comm="syz.7.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  161.089368][   T29] audit: type=1326 audit(160.103:4973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16018 comm="syz.7.5045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  161.112415][   T29] audit: type=1326 audit(160.133:4974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  161.150424][   T41] netdevsim netdevsim9 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  161.158718][   T41] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.171746][   T41] netdevsim netdevsim9 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  161.180212][   T41] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.211041][   T41] netdevsim netdevsim9 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  161.219312][   T41] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  161.234423][   T41] netdevsim netdevsim9 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  161.242729][   T41] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  161.263739][T16030] netlink: 'syz.9.5051': attribute type 21 has an invalid length.
[  161.272894][T16030] netlink: 'syz.9.5051': attribute type 21 has an invalid length.
[  161.331384][T16036] netlink: 'syz.5.5054': attribute type 4 has an invalid length.
[  161.345451][T16036] netlink: 'syz.5.5054': attribute type 4 has an invalid length.
[  161.415843][T16053] rdma_rxe: rxe_newlink: failed to add bond0
[  161.517037][T16076] netlink: 'syz.2.5072': attribute type 4 has an invalid length.
[  161.529205][T16076] netlink: 'syz.2.5072': attribute type 4 has an invalid length.
[  161.593579][T16091] rdma_rxe: rxe_newlink: failed to add bond0
[  161.946741][T16138] netlink: 'syz.2.5099': attribute type 21 has an invalid length.
[  161.955098][T16138] netlink: 'syz.2.5099': attribute type 21 has an invalid length.
[  162.077735][T16153] loop9: detected capacity change from 0 to 256
[  162.388701][T16184] lo speed is unknown, defaulting to 1000
[  162.403219][T16190] netlink: 'syz.2.5124': attribute type 5 has an invalid length.
[  162.454929][T16197] 0ªX¹¦À: renamed from caif0
[  162.468655][T16197] 0ªX¹¦À: entered allmulticast mode
[  162.473882][T16197] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  162.518326][T16202] loop5: detected capacity change from 0 to 256
[  162.800799][T16245] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.847492][T16245] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.899232][T16245] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.938621][T16245] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.968708][T16272] sd 0:0:1:0: device reset
[  162.982108][   T41] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  162.995097][   T41] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.005316][   T41] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.017671][T16274] vlan2: entered allmulticast mode
[  163.031490][   T41] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.127206][T16281] loop5: detected capacity change from 0 to 8192
[  163.188069][T16291] lo speed is unknown, defaulting to 1000
[  163.319407][T16308] loop9: detected capacity change from 0 to 128
[  163.360315][  T144] kworker/u8:4: attempt to access beyond end of device
[  163.360315][  T144] loop9: rw=1, sector=145, nr_sectors = 896 limit=128
[  163.871531][T16327] __nla_validate_parse: 13 callbacks suppressed
[  163.871549][T16327] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5187'.
[  163.886780][T16327] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5187'.
[  163.908766][T16328] netlink: 268 bytes leftover after parsing attributes in process `syz.2.5196'.
[  163.941267][T16332] netlink: 144 bytes leftover after parsing attributes in process `syz.2.5189'.
[  164.079786][T16336] loop9: detected capacity change from 0 to 512
[  164.094251][T16336] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  164.103316][T16336] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  164.115863][T16336] EXT4-fs (loop9): warning: mounting unchecked fs, running e2fsck is recommended
[  164.136395][T16336] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  164.149402][T16336] System zones: 0-2, 18-18, 34-35
[  164.155752][T16345] lo speed is unknown, defaulting to 1000
[  164.156519][T16336] EXT4-fs mount: 6 callbacks suppressed
[  164.156532][T16336] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.257111][ T9597] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.273095][T16358] sd 0:0:1:0: device reset
[  164.316479][ T3383] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  164.324001][ T3383] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  164.331416][ T3383] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  164.338989][ T3383] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  164.346541][ T3383] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  164.354009][ T3383] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  164.358819][T16365] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5200'.
[  164.361459][ T3383] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  164.373573][T16365] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5200'.
[  164.377723][ T3383] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  164.394035][ T3383] hid-generic 0000:0000:0000.0004: item fetching failed at offset 8/43
[  164.448580][T16378] loop9: detected capacity change from 0 to 512
[  164.475497][T16378] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  164.494556][T16383] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5212'.
[  164.498647][ T3383] hid-generic 0000:0000:0000.0004: probe with driver hid-generic failed with error -22
[  164.503449][T16383] tipc: Started in network mode
[  164.518148][T16383] tipc: Node identity aaaaaaaaaaaa, cluster identity 4711
[  164.525545][T16383] tipc: Enabled bearer <eth:syz_tun>, priority 10
[  164.548755][T16383] netlink: 14 bytes leftover after parsing attributes in process `syz.5.5212'.
[  164.573924][T16383] tipc: Resetting bearer <eth:syz_tun>
[  164.588385][T16383] tipc: Disabling bearer <eth:syz_tun>
[  164.766145][T16403] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5222'.
[  165.035289][T16429] loop9: detected capacity change from 0 to 8192
[  165.141394][T16444] lo speed is unknown, defaulting to 1000
[  165.270375][T16455] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5244'.
[  165.456705][T16472] loop5: detected capacity change from 0 to 1024
[  165.477201][T16472] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  165.572629][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  165.580261][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  165.587847][    T9] hid-generic 0000:0000:0000.0005: item fetching failed at offset 8/43
[  165.647292][    T9] hid-generic 0000:0000:0000.0005: probe with driver hid-generic failed with error -22
[  165.657066][T16485] lo speed is unknown, defaulting to 1000
[  165.928416][T16512] validate_nla: 4 callbacks suppressed
[  165.928432][T16512] netlink: 'syz.2.5272': attribute type 1 has an invalid length.
[  166.023594][   T29] kauditd_printk_skb: 332 callbacks suppressed
[  166.023608][   T29] audit: type=1326 audit(165.153:5307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16521 comm="syz.2.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  166.095487][   T29] audit: type=1326 audit(165.153:5308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16521 comm="syz.2.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  166.118529][   T29] audit: type=1326 audit(165.203:5309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16521 comm="syz.2.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  166.141456][   T29] audit: type=1326 audit(165.203:5310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16521 comm="syz.2.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  166.164535][   T29] audit: type=1326 audit(165.203:5311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16521 comm="syz.2.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  166.187448][   T29] audit: type=1326 audit(165.203:5312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16521 comm="syz.2.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  166.210475][   T29] audit: type=1326 audit(165.203:5313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16521 comm="syz.2.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  166.233529][   T29] audit: type=1326 audit(165.203:5314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16521 comm="syz.2.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  166.256501][   T29] audit: type=1326 audit(165.213:5315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16521 comm="syz.2.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  166.279559][   T29] audit: type=1326 audit(165.213:5316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16521 comm="syz.2.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2505cfebe9 code=0x7ffc0000
[  166.485241][T16529] loop5: detected capacity change from 0 to 128
[  166.505539][T16529] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  166.513427][T16529] FAT-fs (loop5): Filesystem has been set read-only
[  166.536609][T16529] syz.5.5279: attempt to access beyond end of device
[  166.536609][T16529] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  166.564107][T16529] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  166.571961][T16529] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  166.580340][T16532] lo speed is unknown, defaulting to 1000
[  166.587334][T16528] syz.5.5279: attempt to access beyond end of device
[  166.587334][T16528] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  166.617720][T16528] syz.5.5279: attempt to access beyond end of device
[  166.617720][T16528] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  166.633609][T16529] syz.5.5279: attempt to access beyond end of device
[  166.633609][T16529] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  166.658229][T16528] syz.5.5279: attempt to access beyond end of device
[  166.658229][T16528] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  166.682584][T16529] syz.5.5279: attempt to access beyond end of device
[  166.682584][T16529] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  166.709905][T16540] syz.5.5279: attempt to access beyond end of device
[  166.709905][T16540] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  166.726600][T16529] syz.5.5279: attempt to access beyond end of device
[  166.726600][T16529] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  166.759946][T16540] syz.5.5279: attempt to access beyond end of device
[  166.759946][T16540] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  167.524572][T16599] netlink: 'syz.5.5313': attribute type 1 has an invalid length.
[  167.605275][T16603] 8021q: adding VLAN 0 to HW filter on device bond3
[  167.613375][T16603] bond2: (slave bond3): making interface the new active one
[  167.621258][T16603] bond2: (slave bond3): Enslaving as an active interface with an up link
[  167.847921][T16613] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  167.858407][T16613] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.949678][T16613] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  167.960411][T16613] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.990332][T16623] SELinux:  Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped).
[  168.126194][T16613] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  168.136587][T16613] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.270050][T16613] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  168.280463][T16613] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.469945][ T5119] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  168.478197][ T5119] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.492462][T16667] netlink: 'syz.9.5342': attribute type 1 has an invalid length.
[  168.521261][ T5119] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  168.529558][ T5119] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.554958][ T5119] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  168.563173][ T5119] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.594958][T16673] 8021q: adding VLAN 0 to HW filter on device bond4
[  168.602962][T16673] bond3: (slave bond4): making interface the new active one
[  168.612036][T16673] bond3: (slave bond4): Enslaving as an active interface with an up link
[  168.642534][ T5119] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  168.650908][ T5119] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.693999][T16682] netlink: 'syz.5.5348': attribute type 3 has an invalid length.
[  168.972822][T16710] lo speed is unknown, defaulting to 1000
[  169.007337][T16719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.021079][T16716] netlink: 'syz.7.5361': attribute type 3 has an invalid length.
[  169.040426][T16719] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.064068][T16721] syz.9.5366: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  169.078698][T16721] CPU: 1 UID: 0 PID: 16721 Comm: syz.9.5366 Tainted: G        W           6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(voluntary) 
[  169.078734][T16721] Tainted: [W]=WARN
[  169.078792][T16721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  169.078806][T16721] Call Trace:
[  169.078814][T16721]  <TASK>
[  169.078823][T16721]  __dump_stack+0x1d/0x30
[  169.078849][T16721]  dump_stack_lvl+0xe8/0x140
[  169.078872][T16721]  dump_stack+0x15/0x1b
[  169.078915][T16721]  warn_alloc+0x12b/0x1a0
[  169.078955][T16721]  __vmalloc_node_range_noprof+0x9c/0xe00
[  169.078991][T16721]  ? __futex_wait+0x1ff/0x260
[  169.079072][T16721]  ? __pfx_futex_wake_mark+0x10/0x10
[  169.079107][T16721]  ? __rcu_read_unlock+0x4f/0x70
[  169.079135][T16721]  ? avc_has_perm_noaudit+0x1b1/0x200
[  169.079161][T16721]  ? should_fail_ex+0x30/0x280
[  169.079195][T16721]  ? xskq_create+0x36/0xe0
[  169.079315][T16721]  vmalloc_user_noprof+0x7d/0xb0
[  169.079359][T16721]  ? xskq_create+0x80/0xe0
[  169.079422][T16721]  xskq_create+0x80/0xe0
[  169.079450][T16721]  xsk_init_queue+0x95/0xf0
[  169.079523][T16721]  xsk_setsockopt+0x477/0x640
[  169.079587][T16721]  ? __pfx_xsk_setsockopt+0x10/0x10
[  169.079612][T16721]  __sys_setsockopt+0x181/0x200
[  169.079643][T16721]  __x64_sys_setsockopt+0x64/0x80
[  169.079681][T16721]  x64_sys_call+0x20ec/0x2ff0
[  169.079706][T16721]  do_syscall_64+0xd2/0x200
[  169.079733][T16721]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  169.079807][T16721]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  169.079831][T16721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.079851][T16721] RIP: 0033:0x7fedea17ebe9
[  169.079872][T16721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.079889][T16721] RSP: 002b:00007fede87e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  169.079931][T16721] RAX: ffffffffffffffda RBX: 00007fedea3a5fa0 RCX: 00007fedea17ebe9
[  169.079987][T16721] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004
[  169.080002][T16721] RBP: 00007fedea201e19 R08: 0000000000000004 R09: 0000000000000000
[  169.080017][T16721] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  169.080031][T16721] R13: 00007fedea3a6038 R14: 00007fedea3a5fa0 R15: 00007ffe627fcfe8
[  169.080049][T16721]  </TASK>
[  169.080058][T16721] Mem-Info:
[  169.311141][T16721] active_anon:62331 inactive_anon:39 isolated_anon:0
[  169.311141][T16721]  active_file:13118 inactive_file:15088 isolated_file:0
[  169.311141][T16721]  unevictable:16819 dirty:316 writeback:0
[  169.311141][T16721]  slab_reclaimable:3652 slab_unreclaimable:18848
[  169.311141][T16721]  mapped:28753 shmem:50888 pagetables:1268
[  169.311141][T16721]  sec_pagetables:0 bounce:0
[  169.311141][T16721]  kernel_misc_reclaimable:0
[  169.311141][T16721]  free:1806375 free_pcp:5902 free_cma:0
[  169.357005][T16721] Node 0 active_anon:249440kB inactive_anon:156kB active_file:52472kB inactive_file:60352kB unevictable:67276kB isolated(anon):0kB isolated(file):0kB mapped:115012kB dirty:1264kB writeback:0kB shmem:203552kB kernel_stack:4512kB pagetables:5072kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  169.386121][T16721] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  169.414808][T16721] lowmem_reserve[]: 0 2883 7862 7862
[  169.420223][T16721] Node 0 DMA32 free:2949328kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952860kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[  169.450333][T16721] lowmem_reserve[]: 0 0 4978 4978
[  169.455420][T16721] Node 0 Normal free:4260752kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:249448kB inactive_anon:156kB active_file:52472kB inactive_file:60352kB unevictable:67364kB writepending:1264kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:19956kB local_pcp:17816kB free_cma:0kB
[  169.488182][T16721] lowmem_reserve[]: 0 0 0 0
[  169.492935][T16721] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  169.505744][T16721] Node 0 DMA32: 4*4kB (M) 4*8kB (M) 4*16kB (M) 5*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949328kB
[  169.522021][T16721] Node 0 Normal: 2*4kB (UE) 1*8kB (M) 2*16kB (UE) 1*32kB (U) 1*64kB (U) 2*128kB (ME) 4*256kB (UME) 45*512kB (UME) 13*1024kB (U) 8*2048kB (UME) 1027*4096kB (UME) = 4260752kB
[  169.539671][T16721] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  169.549137][T16721] 95975 total pagecache pages
[  169.553902][T16721] 54 pages in swap cache
[  169.558229][T16721] Free swap  = 124780kB
[  169.562371][T16721] Total swap = 124996kB
[  169.566562][T16721] 2097051 pages RAM
[  169.570370][T16721] 0 pages HighMem/MovableOnly
[  169.575062][T16721] 80436 pages reserved
[  169.621688][T16733] __nla_validate_parse: 1 callbacks suppressed
[  169.621703][T16733] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5371'.
[  169.700062][T16744] SELinux:  Context system_u:object_r:utempter_exec_t:s0 is not valid (left unmapped).
[  169.783643][T16755] atomic_op ffff88811a130928 conn xmit_atomic 0000000000000000
[  170.225558][T16812] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=16812 comm=syz.5.5406
[  170.264094][T16812] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=263 sclass=netlink_audit_socket pid=16812 comm=syz.5.5406
[  170.401386][T16824] loop9: detected capacity change from 0 to 764
[  170.423389][T16824] Symlink component flag not implemented
[  170.432653][T16824] Symlink component flag not implemented (129)
[  170.447677][T16831] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5416'.
[  170.454869][T16833] veth1_to_bridge: entered promiscuous mode
[  170.463518][T16824] rock: directory entry would overflow storage
[  170.465836][T16833] veth1_to_bridge: left promiscuous mode
[  170.469754][T16824] rock: sig=0x4f50, size=4, remaining=3
[  170.480978][T16824] iso9660: Corrupted directory entry in block 6 of inode 1792
[  170.684098][T16863] loop5: detected capacity change from 0 to 764
[  170.693899][T16863] Symlink component flag not implemented
[  170.700458][T16863] Symlink component flag not implemented (129)
[  170.708966][T16863] rock: directory entry would overflow storage
[  170.715261][T16863] rock: sig=0x4f50, size=4, remaining=3
[  170.720943][T16863] iso9660: Corrupted directory entry in block 6 of inode 1792
[  170.799250][T16876] loop5: detected capacity change from 0 to 512
[  170.827321][T16876] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #3: comm syz.5.5438: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  170.849931][T16876] EXT4-fs error (device loop5): ext4_quota_enable:7127: comm syz.5.5438: Bad quota inode: 3, type: 0
[  170.861496][T16876] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  170.877040][T16876] EXT4-fs (loop5): mount failed
[  170.877630][T16885] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.921768][T16889] netlink: 'syz.7.5443': attribute type 29 has an invalid length.
[  170.930582][T16889] netlink: 'syz.7.5443': attribute type 29 has an invalid length.
[  170.949581][T16885] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.960128][T16889] netlink: 480 bytes leftover after parsing attributes in process `syz.7.5443'.
[  171.005063][T16885] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.096521][T16914] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5453'.
[  171.107765][T16885] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.126762][T16914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5453'.
[  171.152905][T16916] netlink: 48 bytes leftover after parsing attributes in process `syz.7.5455'.
[  171.175538][   T41] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.187174][T16919] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5457'.
[  171.188419][  T144] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.212905][  T144] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.236392][  T144] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.261787][T16925] netlink: 'syz.0.5459': attribute type 29 has an invalid length.
[  171.270724][T16925] netlink: 'syz.0.5459': attribute type 29 has an invalid length.
[  171.279503][T16925] netlink: 480 bytes leftover after parsing attributes in process `syz.0.5459'.
[  171.306731][T16928] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=16928 comm=syz.0.5460
[  171.320883][T16928] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=263 sclass=netlink_audit_socket pid=16928 comm=syz.0.5460
[  171.451463][   T29] kauditd_printk_skb: 189 callbacks suppressed
[  171.451476][   T29] audit: type=1326 audit(170.584:5506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.7.5466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  171.505399][   T29] audit: type=1326 audit(170.584:5507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.7.5466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  171.528545][   T29] audit: type=1326 audit(170.614:5508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.7.5466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  171.551247][   T29] audit: type=1326 audit(170.614:5509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.7.5466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  171.574167][   T29] audit: type=1326 audit(170.614:5510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.7.5466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  171.597102][   T29] audit: type=1326 audit(170.614:5511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.7.5466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  171.619987][   T29] audit: type=1326 audit(170.614:5512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.7.5466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  171.642942][   T29] audit: type=1326 audit(170.614:5513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16939 comm="syz.7.5466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3cabfebe9 code=0x7ffc0000
[  171.692556][   T29] audit: type=1400 audit(170.824:5514): avc:  denied  { transition } for  pid=16943 comm="syz.0.5468" path="/412/file0" dev="tmpfs" ino=2140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  171.696323][T16942] netlink: 'syz.7.5467': attribute type 10 has an invalid length.
[  171.715849][   T29] audit: type=1400 audit(170.824:5515): avc:  denied  { entrypoint } for  pid=16943 comm="syz.0.5468" path="/412/file0" dev="tmpfs" ino=2140 scontext=system_u:object_r:hugetlbfs_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  171.723737][T16942] netlink: 40 bytes leftover after parsing attributes in process `syz.7.5467'.
[  171.831430][T16957] loop9: detected capacity change from 0 to 764
[  171.870202][T16965] netlink: 'syz.9.5478': attribute type 3 has an invalid length.
[  171.897313][T16970] 9pnet: p9_errstr2errno: server reported unknown error 1844674
[  172.009885][T16986] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5489'.
[  172.123674][T16999] netlink: 'syz.7.5505': attribute type 2 has an invalid length.
[  172.215896][T17011] loop5: detected capacity change from 0 to 764
[  172.274158][   T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1)
[  172.407348][T17024] loop7: detected capacity change from 0 to 8192
[  172.417089][T17024] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  172.485313][T17040] loop7: detected capacity change from 0 to 764
[  173.283880][T17128] rdma_op ffff888119576180 conn xmit_rdma 0000000000000000
[  173.297842][T17132] netlink: 'syz.5.5558': attribute type 2 has an invalid length.
[  173.520935][T17157] lo speed is unknown, defaulting to 1000
[  173.552276][T17162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.577360][T17162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.887220][T17211] rdma_op ffff88811b16f980 conn xmit_rdma 0000000000000000
[  174.379383][T17235] syz_tun (unregistering): left promiscuous mode
[  174.634858][ T5119] dummy0: left allmulticast mode
[  174.639874][ T5119] bridge0: port 3(dummy0) entered disabled state
[  174.646664][ T5119] bridge_slave_1: left allmulticast mode
[  174.652342][ T5119] bridge_slave_1: left promiscuous mode
[  174.658065][ T5119] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.665590][ T5119] bridge_slave_0: left allmulticast mode
[  174.671276][ T5119] bridge_slave_0: left promiscuous mode
[  174.676970][ T5119] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.725274][ T5119] bond3 (unregistering): (slave bridge1): Releasing active interface
[  174.775038][ T5119] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  174.784255][ T5119] bond0 (unregistering): Released all slaves
[  174.792345][ T5119] bond1 (unregistering): Released all slaves
[  174.800412][ T5119] bond2 (unregistering): Released all slaves
[  174.808579][ T5119] bond3 (unregistering): Released all slaves
[  174.866021][ T5119] batadv_slave_0: left promiscuous mode
[  174.873205][ T5119] hsr_slave_0: left promiscuous mode
[  174.879129][ T5119] hsr_slave_1: left promiscuous mode
[  174.885572][ T5119] batman_adv: batadv0: Removing interface: batadv_slave_0
[  174.892939][ T5119] batman_adv: batadv0: Removing interface: batadv_slave_1
[  174.928822][ T5119] team0 (unregistering): Port device team_slave_1 removed
[  175.005224][T17269] lo speed is unknown, defaulting to 1000
[  175.048673][T17269] chnl_net:caif_netlink_parms(): no params data found
[  175.079384][T17269] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.086523][T17269] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.094063][T17269] bridge_slave_0: entered allmulticast mode
[  175.100537][T17269] bridge_slave_0: entered promiscuous mode
[  175.107045][T17269] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.114101][T17269] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.121241][T17269] bridge_slave_1: entered allmulticast mode
[  175.127683][T17269] bridge_slave_1: entered promiscuous mode
[  175.144746][T17269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  175.156303][T17269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  175.175680][T17269] team0: Port device team_slave_0 added
[  175.182233][T17269] team0: Port device team_slave_1 added
[  175.196742][T17269] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.203730][T17269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.229982][T17269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.241926][T17269] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.248951][T17269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.274913][T17269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.289489][ T5119] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.315236][T17269] hsr_slave_0: entered promiscuous mode
[  175.321508][T17269] hsr_slave_1: entered promiscuous mode
[  175.328140][T17269] debugfs: 'hsr0' already exists in 'hsr'
[  175.334461][T17269] Cannot create hsr debugfs directory
[  175.366133][ T5119] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.454420][ T5119] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.504771][ T5119] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.586800][ T5119] bridge_slave_1: left allmulticast mode
[  175.592460][ T5119] bridge_slave_1: left promiscuous mode
[  175.598324][ T5119] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.606274][ T5119] bridge_slave_0: left allmulticast mode
[  175.611986][ T5119] bridge_slave_0: left promiscuous mode
[  175.617858][ T5119] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.659515][ T5119] bond3 (unregistering): (slave geneve2): Releasing active interface
[  175.704633][ T5119] bond2 (unregistering): (slave bridge1): Releasing active interface
[  175.755542][ T5119] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  175.765795][ T5119] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  175.775895][ T5119] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  175.784842][ T5119] bond0 (unregistering): Released all slaves
[  175.793367][ T5119] bond1 (unregistering): (slave veth0_to_bond): Releasing backup interface
[  175.803806][ T5119] bond1 (unregistering): Released all slaves
[  175.812016][ T5119] bond2 (unregistering): Released all slaves
[  175.820552][ T5119] bond3 (unregistering): Released all slaves
[  175.843460][T17269] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  175.852304][T17269] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  175.864444][T17269] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  175.875583][ T5119] hsr_slave_0: left promiscuous mode
[  175.881431][ T5119] hsr_slave_1: left promiscuous mode
[  175.887193][ T5119] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  175.894767][ T5119] batman_adv: batadv0: Removing interface: batadv_slave_0
[  175.902495][ T5119] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  175.909924][ T5119] batman_adv: batadv0: Removing interface: batadv_slave_1
[  175.918865][ T5119] veth1_macvtap: left promiscuous mode
[  175.924409][ T5119] veth0_macvtap: left promiscuous mode
[  175.929910][ T5119] veth1_vlan: left promiscuous mode
[  175.935197][ T5119] veth0_vlan: left promiscuous mode
[  175.986563][ T5119] team0 (unregistering): Port device team_slave_1 removed
[  175.995945][ T5119] team0 (unregistering): Port device team_slave_0 removed
[  176.022130][T17269] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  176.055112][T17269] 8021q: adding VLAN 0 to HW filter on device bond0
[  176.066548][T17269] 8021q: adding VLAN 0 to HW filter on device team0
[  176.075905][ T5131] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.082978][ T5131] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.093769][ T5131] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.100952][ T5131] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.156317][T17269] 8021q: adding VLAN 0 to HW filter on device batadv0
[  176.214525][T17269] veth0_vlan: entered promiscuous mode
[  176.222260][T17269] veth1_vlan: entered promiscuous mode
[  176.247237][ T5119] ------------[ cut here ]------------
[  176.253065][ T5119] WARNING: CPU: 1 PID: 5119 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x17c/0x1f0
[  176.254945][T17269] veth0_macvtap: entered promiscuous mode
[  176.262823][ T5119] Modules linked in:
[  176.272463][T17269] veth1_macvtap: entered promiscuous mode
[  176.273230][ T5119] CPU: 1 UID: 0 PID: 5119 Comm: kworker/u8:40 Tainted: G        W           6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(voluntary) 
[  176.284423][T17269] batman_adv: batadv0: Interface activated: batadv_slave_0
[  176.293057][ T5119] Tainted: [W]=WARN
[  176.304700][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  176.306153][T17269] batman_adv: batadv0: Interface activated: batadv_slave_1
[  176.314861][ T5119] Workqueue: netns cleanup_net
[  176.326974][ T5119] RIP: 0010:xfrm_state_fini+0x17c/0x1f0
[  176.327155][   T41] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  176.332577][ T5119] Code: 48 8d bb 30 0e 00 00 e8 c2 4d bd fc 48 8b bb 30 0e 00 00 e8 f6 cd c9 fc 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 45 90 a2 fc 90 <0f> 0b 90 e9 d9 fe ff ff e8 37 90 a2 fc 90 0f 0b 90 4c 89 f7 e8 8b
[  176.364871][ T5119] RSP: 0018:ffffc9000159fc60 EFLAGS: 00010293
[  176.371099][ T5119] RAX: ffffffff84b5697b RBX: ffff88810a96c740 RCX: ffff8881179fc200
[  176.379299][ T5119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88810a96d540
[  176.388091][ T5119] RBP: ffffffff86c8a420 R08: 0001ffff86847f7f R09: 0000000000000000
[  176.396425][ T5119] R10: ffffc9000159fbe8 R11: 0001c9000159fbe8 R12: ffffffff86c8a440
[  176.405048][ T5119] R13: ffff88810a96c768 R14: ffff88810a96d540 R15: ffff88810a96c740
[  176.413531][ T5119] FS:  0000000000000000(0000) GS:ffff8882aef47000(0000) knlGS:0000000000000000
[  176.422634][ T5119] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  176.429279][ T5119] CR2: 00007f6e45003e9c CR3: 00000001192e0000 CR4: 00000000003506f0
[  176.437269][ T5119] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  176.445366][ T5119] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  176.453448][ T5119] Call Trace:
[  176.456738][ T5119]  <TASK>
[  176.459660][ T5119]  xfrm_net_exit+0x2d/0x60
[  176.464131][ T5119]  ops_undo_list+0x27b/0x410
[  176.468895][ T5119]  cleanup_net+0x2de/0x4d0
[  176.473334][ T5119]  process_scheduled_works+0x4ce/0x9d0
[  176.479001][ T5119]  worker_thread+0x582/0x770
[  176.483713][ T5119]  kthread+0x486/0x510
[  176.487925][ T5119]  ? finish_task_switch+0xad/0x2b0
[  176.493686][ T5119]  ? __pfx_worker_thread+0x10/0x10
[  176.498874][ T5119]  ? __pfx_kthread+0x10/0x10
[  176.503585][ T5119]  ret_from_fork+0xda/0x150
[  176.508102][ T5119]  ? __pfx_kthread+0x10/0x10
[  176.512914][ T5119]  ret_from_fork_asm+0x1a/0x30
[  176.517881][ T5119]  </TASK>
[  176.520968][ T5119] ---[ end trace 0000000000000000 ]---
[  176.527090][ T5119] ------------[ cut here ]------------
[  176.532689][ T5119] WARNING: CPU: 1 PID: 5119 at net/xfrm/xfrm_state.c:3306 xfrm_state_fini+0x18a/0x1f0
[  176.542270][ T5119] Modules linked in:
[  176.547038][ T5119] CPU: 1 UID: 0 PID: 5119 Comm: kworker/u8:40 Tainted: G        W           6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(voluntary) 
[  176.561744][ T5119] Tainted: [W]=WARN
[  176.565701][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  176.576389][ T5119] Workqueue: netns cleanup_net
[  176.581321][ T5119] RIP: 0010:xfrm_state_fini+0x18a/0x1f0
[  176.587057][ T5119] Code: bb 30 0e 00 00 e8 f6 cd c9 fc 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 45 90 a2 fc 90 0f 0b 90 e9 d9 fe ff ff e8 37 90 a2 fc 90 <0f> 0b 90 4c 89 f7 e8 8b 4d bd fc 4d 8b 3e e9 06 ff ff ff e8 1e 90
[  176.607524][ T5119] RSP: 0018:ffffc9000159fc60 EFLAGS: 00010293
[  176.613737][ T5119] RAX: ffffffff84b56989 RBX: ffff88810a96c740 RCX: ffff8881179fc200
[  176.621870][ T5119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88811607a640
[  176.629874][ T5119] RBP: 0000000000000040 R08: 000188810a96d56f R09: 0000000000000000
[  176.637980][ T5119] R10: ffffc9000159fbe8 R11: 0001c9000159fbe8 R12: ffffffff86c8a440
[  176.646099][ T5119] R13: ffff88810a96c768 R14: ffff88810a96d568 R15: ffff88811607a640
[  176.654466][ T5119] FS:  0000000000000000(0000) GS:ffff8882aef47000(0000) knlGS:0000000000000000
[  176.663590][ T5119] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  176.670347][ T5119] CR2: 00007f6e45003e9c CR3: 00000001192e0000 CR4: 00000000003506f0
[  176.678346][ T5119] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  176.686507][ T5119] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  176.694573][ T5119] Call Trace:
[  176.697898][ T5119]  <TASK>
[  176.701043][ T5119]  xfrm_net_exit+0x2d/0x60
[  176.705612][ T5119]  ops_undo_list+0x27b/0x410
[  176.710232][ T5119]  cleanup_net+0x2de/0x4d0
[  176.714756][ T5119]  process_scheduled_works+0x4ce/0x9d0
[  176.720407][ T5119]  worker_thread+0x582/0x770
[  176.725029][ T5119]  kthread+0x486/0x510
[  176.729105][ T5119]  ? finish_task_switch+0xad/0x2b0
[  176.734280][ T5119]  ? __pfx_worker_thread+0x10/0x10
[  176.739420][ T5119]  ? __pfx_kthread+0x10/0x10
[  176.744337][ T5119]  ret_from_fork+0xda/0x150
[  176.748919][ T5119]  ? __pfx_kthread+0x10/0x10
[  176.753818][ T5119]  ret_from_fork_asm+0x1a/0x30
[  176.758654][ T5119]  </TASK>
[  176.761803][ T5119] ---[ end trace 0000000000000000 ]---
[  176.769639][   T41] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  176.783894][   T41] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  176.792852][   T41] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.814400][   T29] kauditd_printk_skb: 131 callbacks suppressed
[  176.814415][   T29] audit: type=1400 audit(175.954:5647): avc:  denied  { write } for  pid=17269 comm="syz-executor" name="cgroup.procs" dev="cgroup" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:setrans_var_run_t:s0"
[  176.847613][   T29] audit: type=1400 audit(175.954:5648): avc:  denied  { open } for  pid=17269 comm="syz-executor" path="/syzcgroup/cpu/syz3/cgroup.procs" dev="cgroup" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:setrans_var_run_t:s0"
[  176.877082][ T2145] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  176.887009][ T2145] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.928185][T17301] lo speed is unknown, defaulting to 1000
[  176.949009][ T2145] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  176.958927][ T2145] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.994440][ T2145] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  177.004459][ T2145] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.017264][T17301] chnl_net:caif_netlink_parms(): no params data found
[  177.047408][T17301] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.054669][T17301] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.061950][T17301] bridge_slave_0: entered allmulticast mode
[  177.068319][T17301] bridge_slave_0: entered promiscuous mode
[  177.075916][T17301] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.082967][T17301] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.090229][T17301] bridge_slave_1: entered allmulticast mode
[  177.096720][T17301] bridge_slave_1: entered promiscuous mode
[  177.104321][ T2145] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  177.114167][ T2145] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.135558][T17301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.146213][T17301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.165661][T17301] team0: Port device team_slave_0 added
[  177.172240][T17301] team0: Port device team_slave_1 added
[  177.188634][T17301] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.195775][T17301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.221925][T17301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.233934][T17301] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.241062][T17301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.268248][T17301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.295947][ T2145] bridge_slave_1: left promiscuous mode
[  177.301610][ T2145] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.309576][ T2145] bridge_slave_0: left allmulticast mode
[  177.315327][ T2145] bridge_slave_0: left promiscuous mode
[  177.321116][ T2145] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.394190][ T2145] bond1 (unregistering): (slave bridge1): Releasing active interface
[  177.485514][   T29] audit: type=1326 audit(176.624:5649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  177.509489][   T29] audit: type=1326 audit(176.624:5650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  177.534053][   T29] audit: type=1326 audit(176.624:5651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  177.557047][   T29] audit: type=1326 audit(176.624:5652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  177.580070][   T29] audit: type=1326 audit(176.624:5653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  177.619987][ T2145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.630703][ T2145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.639301][   T29] audit: type=1326 audit(176.744:5654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  177.663321][   T29] audit: type=1326 audit(176.744:5655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  177.686513][   T29] audit: type=1326 audit(176.744:5656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.5608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26071ebe9 code=0x7ffc0000
[  177.722667][ T2145] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  177.734436][ T2145] bond0 (unregistering): Released all slaves
[  177.743363][ T2145] bond1 (unregistering): Released all slaves
[  177.782429][T17301] hsr_slave_0: entered promiscuous mode
[  177.804845][T17301] hsr_slave_1: entered promiscuous mode
[  177.814234][ T2145] hsr_slave_0: left promiscuous mode
[  177.824330][ T2145] hsr_slave_1: left promiscuous mode
[  177.839762][ T2145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  177.847478][ T2145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  177.856344][ T2145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  177.863827][ T2145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  177.871391][ T2145] batman_adv: batadv0: Interface deactivated: ipvlan2
[  177.878392][ T2145] batman_adv: batadv0: Removing interface: ipvlan2
[  177.888422][ T2145] veth1_macvtap: left promiscuous mode
[  177.893967][ T2145] veth0_macvtap: left promiscuous mode
[  177.899281][T17348] netlink: 'syz.3.5618': attribute type 1 has an invalid length.
[  177.899469][ T2145] veth1_vlan: left promiscuous mode
[  177.912610][ T2145] veth0_vlan: left promiscuous mode
[  178.004939][T17350] smc: net device bond0 applied user defined pnetid SYZ2
[  178.024264][T17351] smc: net device bond0 erased user defined pnetid SYZ2
[  178.060079][T17329] lo speed is unknown, defaulting to 1000
[  178.112859][T17364] __nla_validate_parse: 9 callbacks suppressed
[  178.112874][T17364] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5622'.
[  178.130290][T17364] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.5622'.
[  178.168452][T17326] lo speed is unknown, defaulting to 1000
[  178.259315][T17329] chnl_net:caif_netlink_parms(): no params data found
[  178.344956][T17395] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5633'.
[  178.350308][T17329] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.360914][T17329] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.368349][T17329] bridge_slave_0: entered allmulticast mode
[  178.374969][T17329] bridge_slave_0: entered promiscuous mode
[  178.384570][T17395] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5633'.
[  178.395811][ T2145] ------------[ cut here ]------------
[  178.398982][T17326] chnl_net:caif_netlink_parms(): no params data found
[  178.401621][ T2145] WARNING: CPU: 0 PID: 2145 at net/ipv6/xfrm6_tunnel.c:341 xfrm6_tunnel_net_exit+0x94/0x100
[  178.410890][T17329] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.419278][ T2145] Modules linked in:
[  178.419296][ T2145] CPU: 0 UID: 0 PID: 2145 Comm: kworker/u8:6 Tainted: G        W           6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(voluntary) 
[  178.419327][ T2145] Tainted: [W]=WARN
[  178.419333][ T2145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  178.426512][T17329] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.430382][ T2145] Workqueue: netns cleanup_net
[  178.445780][T17329] bridge_slave_1: entered allmulticast mode
[  178.449383][ T2145] 
[  178.461591][T17329] bridge_slave_1: entered promiscuous mode
[  178.469370][ T2145] RIP: 0010:xfrm6_tunnel_net_exit+0x94/0x100
[  178.495467][ T2145] Code: b2 a2 ab fc 4b 83 3c 3e 00 75 19 e8 96 d1 90 fc 49 81 ff f8 07 00 00 74 1d e8 88 d1 90 fc 49 83 c7 08 eb d7 e8 7d d1 90 fc 90 <0f> 0b 90 49 81 ff f8 07 00 00 75 e3 49 81 c6 00 08 00 00 31 db 49
[  178.515729][ T2145] RSP: 0018:ffffc90002577c78 EFLAGS: 00010293
[  178.521846][ T2145] RAX: ffffffff84c72843 RBX: ffff888118a297c0 RCX: ffff888104242100
[  178.530114][ T2145] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888103e62000
[  178.538131][ T2145] RBP: ffffffff86c925a0 R08: 0001ffff86847f7f R09: 0000000000000000
[  178.546190][ T2145] R10: 0000000000000000 R11: 0000000000000800 R12: ffffffff86c925c0
[  178.554723][ T2145] R13: ffff888118a297e8 R14: ffff888103e62000 R15: 0000000000000000
[  178.562708][ T2145] FS:  0000000000000000(0000) GS:ffff8882aee47000(0000) knlGS:0000000000000000
[  178.571843][ T2145] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  178.578472][ T2145] CR2: fffffffff0000000 CR3: 000000010e0f2000 CR4: 00000000003506f0
[  178.586640][ T2145] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  178.594649][ T2145] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  178.602659][ T2145] Call Trace:
[  178.605965][ T2145]  <TASK>
[  178.608974][ T2145]  ops_undo_list+0x27b/0x410
[  178.613659][ T2145]  cleanup_net+0x2de/0x4d0
[  178.618097][ T2145]  process_scheduled_works+0x4ce/0x9d0
[  178.623684][ T2145]  worker_thread+0x582/0x770
[  178.628744][ T2145]  kthread+0x486/0x510
[  178.632852][ T2145]  ? finish_task_switch+0xad/0x2b0
[  178.638018][ T2145]  ? __pfx_worker_thread+0x10/0x10
[  178.643266][ T2145]  ? __pfx_kthread+0x10/0x10
[  178.647963][ T2145]  ret_from_fork+0xda/0x150
[  178.652844][ T2145]  ? __pfx_kthread+0x10/0x10
[  178.657735][ T2145]  ret_from_fork_asm+0x1a/0x30
[  178.662862][ T2145]  </TASK>
[  178.666023][ T2145] ---[ end trace 0000000000000000 ]---
[  178.672717][ T2145] ------------[ cut here ]------------
[  178.678523][ T2145] WARNING: CPU: 0 PID: 2145 at net/ipv6/xfrm6_tunnel.c:344 xfrm6_tunnel_net_exit+0xd8/0x100
[  178.688664][ T2145] Modules linked in:
[  178.693797][ T2145] CPU: 0 UID: 0 PID: 2145 Comm: kworker/u8:6 Tainted: G        W           6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(voluntary) 
[  178.708433][ T2145] Tainted: [W]=WARN
[  178.712256][ T2145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  178.723381][ T2145] Workqueue: netns cleanup_net
[  178.728969][ T2145] RIP: 0010:xfrm6_tunnel_net_exit+0xd8/0x100
[  178.735171][ T2145] Code: 6e a2 ab fc 49 83 3c 1e 00 75 19 e8 52 d1 90 fc 48 81 fb f8 07 00 00 74 1d e8 44 d1 90 fc 48 83 c3 08 eb d7 e8 39 d1 90 fc 90 <0f> 0b 90 48 81 fb f8 07 00 00 75 e3 e8 27 d1 90 fc 5b 41 5e 41 5f
[  178.754799][ T2145] RSP: 0018:ffffc90002577c78 EFLAGS: 00010293
[  178.761015][ T2145] RAX: ffffffff84c72887 RBX: 0000000000000008 RCX: ffff888104242100
[  178.769970][ T2145] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888103e62808
[  178.778076][ T2145] RBP: ffffffff86c925a0 R08: 0001ffff86847f7f R09: 0000000000000000
[  178.786219][ T2145] R10: 0000000000000000 R11: 0000000000000800 R12: ffffffff86c925c0
[  178.794539][ T2145] R13: ffff888118a297e8 R14: ffff888103e62800 R15: 00000000000007f8
[  178.802774][ T2145] FS:  0000000000000000(0000) GS:ffff8882aee47000(0000) knlGS:0000000000000000
[  178.813129][ T2145] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  178.819782][ T2145] CR2: fffffffff0000000 CR3: 000000010e0f2000 CR4: 00000000003506f0
[  178.827845][ T2145] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  178.835958][ T2145] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  178.843954][ T2145] Call Trace:
[  178.847472][ T2145]  <TASK>
[  178.850397][ T2145]  ops_undo_list+0x27b/0x410
[  178.855039][ T2145]  cleanup_net+0x2de/0x4d0
[  178.859461][ T2145]  process_scheduled_works+0x4ce/0x9d0
[  178.865049][ T2145]  worker_thread+0x582/0x770
[  178.869738][ T2145]  kthread+0x486/0x510
[  178.873919][ T2145]  ? finish_task_switch+0xad/0x2b0
[  178.879109][ T2145]  ? __pfx_worker_thread+0x10/0x10
[  178.884313][ T2145]  ? __pfx_kthread+0x10/0x10
[  178.889013][ T2145]  ret_from_fork+0xda/0x150
[  178.893645][ T2145]  ? __pfx_kthread+0x10/0x10
[  178.898387][ T2145]  ret_from_fork_asm+0x1a/0x30
[  178.903322][ T2145]  </TASK>
[  178.906366][ T2145] ---[ end trace 0000000000000000 ]---
[  178.917791][ T2145] IPVS: stop unused estimator thread 0...
[  178.974399][ T2145] ------------[ cut here ]------------
[  178.980450][ T2145] WARNING: CPU: 0 PID: 2145 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x17c/0x1f0
[  178.990341][ T2145] Modules linked in:
[  178.994343][ T2145] CPU: 0 UID: 0 PID: 2145 Comm: kworker/u8:6 Tainted: G        W           6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(voluntary) 
[  179.008389][ T2145] Tainted: [W]=WARN
[  179.012197][ T2145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  179.022708][ T2145] Workqueue: netns cleanup_net
[  179.027536][ T2145] RIP: 0010:xfrm_state_fini+0x17c/0x1f0
[  179.033141][ T2145] Code: 48 8d bb 30 0e 00 00 e8 c2 4d bd fc 48 8b bb 30 0e 00 00 e8 f6 cd c9 fc 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 45 90 a2 fc 90 <0f> 0b 90 e9 d9 fe ff ff e8 37 90 a2 fc 90 0f 0b 90 4c 89 f7 e8 8b
[  179.052870][ T2145] RSP: 0018:ffffc90002577c60 EFLAGS: 00010293
[  179.059033][ T2145] RAX: ffffffff84b5697b RBX: ffff888118a297c0 RCX: ffff888104242100
[  179.067473][ T2145] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888118a2a5c0
[  179.075547][ T2145] RBP: ffffffff86c8a420 R08: 0001ffff86847f7f R09: 0000000000000000
[  179.083559][ T2145] R10: ffffc90002577be8 R11: 0001c90002577be8 R12: ffffffff86c8a440
[  179.091693][ T2145] R13: ffff888118a297e8 R14: ffff888118a2a5c0 R15: ffff888118a297c0
[  179.099806][ T2145] FS:  0000000000000000(0000) GS:ffff8882aee47000(0000) knlGS:0000000000000000
[  179.108874][ T2145] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  179.115641][ T2145] CR2: 00007ff43a5f6f98 CR3: 0000000006834000 CR4: 00000000003506f0
[  179.123707][ T2145] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  179.131696][ T2145] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  179.139804][ T2145] Call Trace:
[  179.143126][ T2145]  <TASK>
[  179.146154][ T2145]  xfrm_net_exit+0x2d/0x60
[  179.150616][ T2145]  ops_undo_list+0x27b/0x410
[  179.155303][ T2145]  cleanup_net+0x2de/0x4d0
[  179.159753][ T2145]  process_scheduled_works+0x4ce/0x9d0
[  179.165410][ T2145]  worker_thread+0x582/0x770
[  179.170046][ T2145]  kthread+0x486/0x510
[  179.174156][ T2145]  ? finish_task_switch+0xad/0x2b0
[  179.179369][ T2145]  ? __pfx_worker_thread+0x10/0x10
[  179.184547][ T2145]  ? __pfx_kthread+0x10/0x10
[  179.189167][ T2145]  ret_from_fork+0xda/0x150
[  179.193793][ T2145]  ? __pfx_kthread+0x10/0x10
[  179.198397][ T2145]  ret_from_fork_asm+0x1a/0x30
[  179.203217][ T2145]  </TASK>
[  179.206251][ T2145] ---[ end trace 0000000000000000 ]---
[  179.212323][T17326] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.219658][T17326] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.237324][T17326] bridge_slave_0: entered allmulticast mode
[  179.247695][T17326] bridge_slave_0: entered promiscuous mode
[  179.256320][T17329] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  179.265560][T17326] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.273138][T17326] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.280876][T17326] bridge_slave_1: entered allmulticast mode
[  179.289573][T17326] bridge_slave_1: entered promiscuous mode
[  179.308328][T17329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  179.312721][T17417] SELinux:  policydb version 0 does not match my version range 15-35
[  179.328384][T17417] SELinux: failed to load policy
[  179.379053][T17326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  179.389898][T17326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  179.418944][T17421] SELinux: failed to load policy
[  179.426665][T17425] SELinux:  policydb magic number 0x4c5047 does not match expected magic number 0xf97cff8c
[  179.437214][T17425] SELinux: failed to load policy
[  179.443680][T17329] team0: Port device team_slave_0 added
[  179.459605][T17326] team0: Port device team_slave_0 added
[  179.475452][T17329] team0: Port device team_slave_1 added
[  179.487589][T17326] team0: Port device team_slave_1 added
[  179.504658][T17429] loop5: detected capacity change from 0 to 1024
[  179.512040][T17429] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  179.523682][T17329] batman_adv: batadv0: Adding interface: batadv_slave_0
[  179.530639][T17329] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.538330][T17435] netlink: 348 bytes leftover after parsing attributes in process `syz.3.5649'.
[  179.556679][T17329] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.573844][T17429] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #3: block 1: comm syz.5.5647: lblock 1 mapped to illegal pblock 1 (length 1)
[  179.576979][T17329] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.597054][T17329] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.607554][T17429] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.5647: Failed to acquire dquot type 0
[  179.623066][T17329] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.641352][T17301] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  179.651913][T17429] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.5647: Freeing blocks not in datazone - block = 0, count = 4096
[  179.666530][T17326] batman_adv: batadv0: Adding interface: batadv_slave_0
[  179.666712][T17429] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.5647: Invalid inode bitmap blk 0 in block_group 0
[  179.675704][T17326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.688522][T17429] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  179.715060][T17326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.716062][T17326] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.726057][   T41] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  179.734232][T17326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.781652][T17326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.797359][T17301] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  179.803070][   T41] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0
[  179.811967][T17429] EXT4-fs (loop5): 1 orphan inode deleted
[  179.825196][T17301] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  179.831178][T17429] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.848205][T17301] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  179.886635][T11497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.904980][T17329] hsr_slave_0: entered promiscuous mode
[  179.911152][T17329] hsr_slave_1: entered promiscuous mode
[  179.919938][T17329] debugfs: 'hsr0' already exists in 'hsr'
[  179.925809][T17329] Cannot create hsr debugfs directory
[  179.949570][T17326] hsr_slave_0: entered promiscuous mode
[  179.963535][T17326] hsr_slave_1: entered promiscuous mode
[  179.972552][T17326] debugfs: 'hsr0' already exists in 'hsr'
[  179.978460][T17326] Cannot create hsr debugfs directory
[  180.059577][T17301] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.105048][T17468] SELinux: security_context_str_to_sid (
) failed with errno=-22
[  180.142265][T17301] 8021q: adding VLAN 0 to HW filter on device team0
[  180.159580][T17473] bridge0: port 3(batadv0) entered blocking state
[  180.166333][T17473] bridge0: port 3(batadv0) entered disabled state
[  180.174451][T17473] batadv0: entered allmulticast mode
[  180.180293][T17473] batadv0: entered promiscuous mode
[  180.197753][ T2145] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.204949][ T2145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.236068][ T2145] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.243307][ T2145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  180.315591][T17301] 8021q: adding VLAN 0 to HW filter on device batadv0
[  180.362158][T17502] netlink: 256 bytes leftover after parsing attributes in process `syz.3.5670'.
[  180.474159][T17301] veth0_vlan: entered promiscuous mode
[  180.483068][T17301] veth1_vlan: entered promiscuous mode
[  180.499016][T17301] veth0_macvtap: entered promiscuous mode
[  180.506779][T17301] veth1_macvtap: entered promiscuous mode
[  180.519238][T17301] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.530705][T17301] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.541608][   T41] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.556643][   T41] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.573932][   T41] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.583205][ T5130] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  180.601118][T17532] netlink: 76 bytes leftover after parsing attributes in process `syz.6.5605'.
[  180.642374][T17536] loop6: detected capacity change from 0 to 1024
[  180.649622][T17536] EXT4-fs: Ignoring removed nomblk_io_submit option
[  180.658406][T17536] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.673259][   T41] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  180.682562][   T41] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  180.722510][T17301] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  180.739779][T17301] EXT4-fs error (device loop6): ext4_iget_extra_inode:5104: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  181.194042][T17329] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  181.212621][T17326] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  181.225614][T17329] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  181.236667][T17326] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  181.246590][T17329] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  181.253828][T17543] netlink: 'syz.3.5681': attribute type 2 has an invalid length.
[  181.261653][T17543] netlink: 'syz.3.5681': attribute type 1 has an invalid length.
[  181.269511][T17543] netlink: 199820 bytes leftover after parsing attributes in process `syz.3.5681'.
[  181.281060][T17329] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  181.291080][T17326] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  181.304904][T17326] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  181.321162][T17549] 9pnet: Could not find request transport: rche_free
[  181.367345][T17329] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.397461][T17326] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.406263][T17329] 8021q: adding VLAN 0 to HW filter on device team0
[  181.417824][T17564] vlan2: entered allmulticast mode
[  181.430391][ T5130] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.437523][ T5130] bridge0: port 1(bridge_slave_0) entered forwarding state
[  181.451430][ T5130] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.458522][ T5130] bridge0: port 2(bridge_slave_1) entered forwarding state
[  181.475910][T17326] 8021q: adding VLAN 0 to HW filter on device team0
[  181.507189][ T5130] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.514341][ T5130] bridge0: port 1(bridge_slave_0) entered forwarding state
[  181.524492][ T5130] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.531613][ T5130] bridge0: port 2(bridge_slave_1) entered forwarding state
[  181.548478][T17571] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  181.645042][T17329] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.677043][T17592] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17592 comm=syz.3.5694
[  181.685082][T17326] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.689750][T17592] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17592 comm=syz.3.5694
[  181.780986][T17329] veth0_vlan: entered promiscuous mode
[  181.793770][T17329] veth1_vlan: entered promiscuous mode
[  181.811247][T17329] veth0_macvtap: entered promiscuous mode
[  181.817736][T17611] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5697'.
[  181.838868][T17329] veth1_macvtap: entered promiscuous mode
[  181.851236][T17326] veth0_vlan: entered promiscuous mode
[  181.868731][T17326] veth1_vlan: entered promiscuous mode
[  181.878849][T17329] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.899503][T17329] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.910198][T17326] veth0_macvtap: entered promiscuous mode
[  181.919020][T17326] veth1_macvtap: entered promiscuous mode
[  181.931617][ T5135] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.947152][ T5135] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.958776][ T5135] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.971130][T17326] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.980067][ T5135] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.002509][T17326] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.018668][ T2145] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.039932][T17627] loop5: detected capacity change from 0 to 1024
[  182.040229][ T2145] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.067486][ T2145] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.077812][ T2145] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.096576][T17627] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.111141][   T29] kauditd_printk_skb: 83 callbacks suppressed
[  182.111158][   T29] audit: type=1400 audit(181.244:5737): avc:  denied  { write } for  pid=17626 comm="syz.5.5704" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  182.150908][ T2145] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.174945][   T29] audit: type=1400 audit(181.314:5738): avc:  denied  { mounton } for  pid=17636 comm="syz.3.5705" path="/51/file0" dev="tmpfs" ino=278 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  182.176688][T11497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.212567][T17539] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.243102][   T29] audit: type=1326 audit(181.364:5739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17639 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a40eeebe9 code=0x7ffc0000
[  182.266778][   T29] audit: type=1326 audit(181.364:5740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17639 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a40eeebe9 code=0x7ffc0000
[  182.290906][   T29] audit: type=1326 audit(181.364:5741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17639 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a40eeebe9 code=0x7ffc0000
[  182.314567][   T29] audit: type=1326 audit(181.364:5742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17639 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a40eeebe9 code=0x7ffc0000
[  182.337968][   T29] audit: type=1326 audit(181.364:5743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17639 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a40eeebe9 code=0x7ffc0000
[  182.361653][   T29] audit: type=1326 audit(181.364:5744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17639 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f2a40eeebe9 code=0x7ffc0000
[  182.384555][   T29] audit: type=1326 audit(181.364:5745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17639 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a40eeebe9 code=0x7ffc0000
[  182.407752][   T29] audit: type=1326 audit(181.364:5746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17639 comm="syz.0.5707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a40eeebe9 code=0x7ffc0000
[  182.570077][T17648] lo speed is unknown, defaulting to 1000
[  182.638974][T17648] chnl_net:caif_netlink_parms(): no params data found
[  182.647554][T17694] SELinux: security_context_str_to_sid () failed with errno=-22
[  182.687509][T17648] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.694749][T17648] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.702596][T17648] bridge_slave_0: entered allmulticast mode
[  182.709339][T17648] bridge_slave_0: entered promiscuous mode
[  182.716757][T17648] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.723932][T17648] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.732757][T17648] bridge_slave_1: entered allmulticast mode
[  182.740526][T17648] bridge_slave_1: entered promiscuous mode
[  182.763783][T17648] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  182.775100][T17648] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  182.797361][T17648] team0: Port device team_slave_0 added
[  182.804031][T17648] team0: Port device team_slave_1 added
[  182.823511][T17648] batman_adv: batadv0: Adding interface: batadv_slave_0
[  182.830541][T17648] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.856490][T17648] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  182.868340][T17648] batman_adv: batadv0: Adding interface: batadv_slave_1
[  182.875354][T17648] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.901520][T17648] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  182.933136][T17648] hsr_slave_0: entered promiscuous mode
[  182.939248][T17648] hsr_slave_1: entered promiscuous mode
[  182.945273][T17648] debugfs: 'hsr0' already exists in 'hsr'
[  182.951029][T17648] Cannot create hsr debugfs directory
[  183.239187][T17648] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  183.254634][T17648] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  183.264475][T17750] netlink: 'syz.0.5749': attribute type 3 has an invalid length.
[  183.264644][T17749] netlink: 3 bytes leftover after parsing attributes in process `syz.5.5748'.
[  183.285127][T17648] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  183.301517][T17648] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  183.321917][T17749] 1ªX¹¦À: renamed from 
60ªX¹¦À
[  183.334475][T17749] A link change request failed with some changes committed already. Interface 
61ªX¹¦À may have been left with an inconsistent configuration, please check.
[  183.386275][T17648] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.393476][T17648] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.400737][T17648] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.402368][T17756] netlink: 'syz.0.5753': attribute type 13 has an invalid length.
[  183.407829][T17648] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.486803][T17756] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  183.508658][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.523729][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.546381][T17648] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.578168][T17648] 8021q: adding VLAN 0 to HW filter on device team0
[  183.621087][ T5131] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.628215][ T5131] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.646685][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.653801][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.698516][T17789] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5765'.
[  183.742504][T17648] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  183.753075][T17648] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  183.896702][T17648] 8021q: adding VLAN 0 to HW filter on device batadv0
[  183.918748][ T2145] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.975736][ T2145] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.035681][ T2145] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.128529][ T2145] bridge_slave_1: left allmulticast mode
[  184.134409][ T2145] bridge_slave_1: left promiscuous mode
[  184.140147][ T2145] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.166128][ T2145] bridge_slave_0: left allmulticast mode
[  184.171397][T17833] loop3: detected capacity change from 0 to 128
[  184.171824][ T2145] bridge_slave_0: left promiscuous mode
[  184.183962][ T2145] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.205917][T17833] bio_check_eod: 6605 callbacks suppressed
[  184.205933][T17833] syz.3.5777: attempt to access beyond end of device
[  184.205933][T17833] loop3: rw=2049, sector=138, nr_sectors = 112 limit=128
[  184.254116][T17833] syz.3.5777: attempt to access beyond end of device
[  184.254116][T17833] loop3: rw=2049, sector=144, nr_sectors = 2 limit=128
[  184.267695][T17833] Buffer I/O error on dev loop3, logical block 72, lost async page write
[  184.355423][ T2145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  184.374412][ T2145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  184.389061][ T2145] bond0 (unregistering): Released all slaves
[  184.408877][T17648] veth0_vlan: entered promiscuous mode
[  184.417404][T17648] veth1_vlan: entered promiscuous mode
[  184.439519][ T2145] hsr_slave_0: left promiscuous mode
[  184.446906][ T2145] hsr_slave_1: left promiscuous mode
[  184.452517][ T2145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  184.459974][ T2145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  184.470415][ T2145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  184.478020][ T2145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  184.490465][ T2145] veth1_macvtap: left promiscuous mode
[  184.496453][ T2145] veth0_macvtap: left promiscuous mode
[  184.502054][ T2145] veth1_vlan: left promiscuous mode
[  184.518022][ T2145] veth0_vlan: left promiscuous mode
[  184.620446][ T2145] team0 (unregistering): Port device team_slave_1 removed
[  184.631851][ T2145] team0 (unregistering): Port device team_slave_0 removed
[  184.678100][T17648] veth0_macvtap: entered promiscuous mode
[  184.685472][T17846] netlink: 'syz.3.5783': attribute type 3 has an invalid length.
[  184.704976][T17648] veth1_macvtap: entered promiscuous mode
[  184.735383][T17648] batman_adv: batadv0: Interface activated: batadv_slave_0
[  184.754952][T17648] batman_adv: batadv0: Interface activated: batadv_slave_1
[  184.767353][ T5119] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  184.777214][ T5119] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.826160][ T5119] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.846268][ T5119] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  184.888780][T17856] siw: device registration error -23
[  185.567331][T17923] macvlan1: entered promiscuous mode
[  185.585037][T17923] ipvlan0: entered promiscuous mode
[  185.623178][T17923] ipvlan0: left promiscuous mode
[  185.628309][T17923] macvlan1: left promiscuous mode
[  185.794212][T17944] netlink: 'syz.8.5830': attribute type 1 has an invalid length.
[  186.036348][T17981] bridge1: entered promiscuous mode
[  186.041969][T17981] bridge1: entered allmulticast mode
[  186.054239][T17985] loop8: detected capacity change from 0 to 512
[  186.093405][T17985] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.150720][T18004] netlink: 'syz.1.5843': attribute type 10 has an invalid length.
[  186.163008][T18004] team0: Port device dummy0 added
[  186.225303][T18017] netlink: 'syz.1.5847': attribute type 3 has an invalid length.
[  186.233791][T18009] loop3: detected capacity change from 0 to 512
[  186.249649][T18009] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  186.293246][T18009] EXT4-fs (loop3): 1 truncate cleaned up
[  186.314853][T18009] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.368729][T17648] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.388457][T17269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.627904][T18078] netlink: 'syz.3.5876': attribute type 10 has an invalid length.
[  186.638610][T18081] loop5: detected capacity change from 0 to 512
[  186.664887][T18078] team0: Port device dummy0 added
[  186.676952][T18081] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.728358][T11497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.740910][T18091] netlink: 'syz.3.5869': attribute type 1 has an invalid length.
[  186.794454][T18095] siw: device registration error -23
[  186.932320][T18119] netlink: 'syz.5.5882': attribute type 10 has an invalid length.
[  186.948210][T18119] bond0: (slave dummy0): Releasing backup interface
[  186.964959][T18119] team0: Port device dummy0 added
[  187.013347][T18134] loop5: detected capacity change from 0 to 512
[  187.034310][T18139] netlink: 'syz.1.5886': attribute type 3 has an invalid length.
[  187.043503][T18134] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.132189][   T29] kauditd_printk_skb: 117 callbacks suppressed
[  187.132205][   T29] audit: type=1326 audit(186.265:5864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.3.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43bf8ebe9 code=0x7ffc0000
[  187.164622][T11497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.183937][   T29] audit: type=1326 audit(186.305:5865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.3.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43bf8ebe9 code=0x7ffc0000
[  187.207159][   T29] audit: type=1326 audit(186.305:5866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.3.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff43bf8ebe9 code=0x7ffc0000
[  187.230140][   T29] audit: type=1326 audit(186.305:5867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.3.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43bf8ebe9 code=0x7ffc0000
[  187.253476][   T29] audit: type=1326 audit(186.305:5868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.3.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff43bf8ebe9 code=0x7ffc0000
[  187.276560][   T29] audit: type=1326 audit(186.305:5869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.3.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43bf8ebe9 code=0x7ffc0000
[  187.299595][   T29] audit: type=1326 audit(186.305:5870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.3.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43bf8ebe9 code=0x7ffc0000
[  187.324168][   T29] audit: type=1326 audit(186.305:5871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.3.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7ff43bf8ebe9 code=0x7ffc0000
[  187.347071][   T29] audit: type=1326 audit(186.305:5872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.3.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  187.370227][   T29] audit: type=1326 audit(186.305:5873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18156 comm="syz.3.5888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff43bf8ebe9 code=0x7ffc0000
[  187.430329][T18173] siw: device registration error -23
[  187.443171][T18183] bridge1: entered promiscuous mode
[  187.448446][T18183] bridge1: entered allmulticast mode
[  187.539164][T18207] team0: Port device dummy0 added
[  187.551350][T18208] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5909'.
[  187.604175][T18218] loop8: detected capacity change from 0 to 512
[  187.632894][T18218] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.684855][T18233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5908'.
[  187.698362][T18233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5908'.
[  187.699048][ T2145] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  187.729856][T18234] SELinux:  policydb magic number 0x6d656d6b does not match expected magic number 0xf97cff8c
[  187.734682][ T2145] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  187.749391][ T2145] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  187.758219][ T2145] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  187.767304][T18234] SELinux: failed to load policy
[  187.774644][T18237] bridge1: entered promiscuous mode
[  187.779876][T18237] bridge1: entered allmulticast mode
[  187.834271][T17648] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.894946][T18245] SELinux: failed to load policy
[  187.936120][T18252] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5916'.
[  188.016492][T18254] SELinux: failed to load policy
[  188.094642][T18278] loop3: detected capacity change from 0 to 512
[  188.133916][T18278] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.159741][T18288] netlink: 348 bytes leftover after parsing attributes in process `syz.1.5928'.
[  188.164488][T18281] SELinux: failed to load policy
[  188.231911][T17269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.266200][T18303] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5932'.
[  188.397640][T18328] SELinux: security_context_str_to_sid (
) failed with errno=-22
[  188.612634][T18357] SELinux: failed to load policy
[  188.879665][T18407] 9pnet: Could not find request transport: rche_free
[  188.895081][T18410] vlan2: entered allmulticast mode
[  189.036579][T18415] SELinux: failed to load policy
[  189.306197][T18448] SELinux: failed to load policy
[  189.512162][T18462] loop5: detected capacity change from 0 to 512
[  189.520613][T18462] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  189.579695][T18462] EXT4-fs (loop5): 1 truncate cleaned up
[  189.587335][T18462] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.910239][T18483] vlan2: entered allmulticast mode
[  190.187384][T18476] ==================================================================
[  190.195491][T18476] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read
[  190.203997][T18476] 
[  190.206406][T18476] write to 0xffff8881038d4be8 of 8 bytes by task 18462 on cpu 1:
[  190.214108][T18476]  filemap_splice_read+0x47e/0x6b0
[  190.219224][T18476]  ext4_file_splice_read+0x8f/0xb0
[  190.224348][T18476]  splice_direct_to_actor+0x26f/0x680
[  190.229709][T18476]  do_splice_direct+0xda/0x150
[  190.234487][T18476]  do_sendfile+0x380/0x650
[  190.238904][T18476]  __x64_sys_sendfile64+0x105/0x150
[  190.244191][T18476]  x64_sys_call+0x2bb0/0x2ff0
[  190.248859][T18476]  do_syscall_64+0xd2/0x200
[  190.253358][T18476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.259251][T18476] 
[  190.261565][T18476] write to 0xffff8881038d4be8 of 8 bytes by task 18476 on cpu 0:
[  190.269278][T18476]  filemap_splice_read+0x47e/0x6b0
[  190.274395][T18476]  ext4_file_splice_read+0x8f/0xb0
[  190.279516][T18476]  splice_direct_to_actor+0x26f/0x680
[  190.284883][T18476]  do_splice_direct+0xda/0x150
[  190.289643][T18476]  do_sendfile+0x380/0x650
[  190.294078][T18476]  __x64_sys_sendfile64+0x105/0x150
[  190.299278][T18476]  x64_sys_call+0x2bb0/0x2ff0
[  190.304035][T18476]  do_syscall_64+0xd2/0x200
[  190.308542][T18476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.314449][T18476] 
[  190.316753][T18476] value changed: 0x000000000000b410 -> 0x000000000000b441
[  190.324012][T18476] 
[  190.326333][T18476] Reported by Kernel Concurrency Sanitizer on:
[  190.332470][T18476] CPU: 0 UID: 0 PID: 18476 Comm: syz.5.5976 Tainted: G        W           6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(voluntary) 
[  190.346204][T18476] Tainted: [W]=WARN
[  190.350002][T18476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  190.360053][T18476] ==================================================================
[  190.475195][T11497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.969270][    C1] BUG: kernel NULL pointer dereference, address: 0000000000000008
[  196.977097][    C1] #PF: supervisor read access in kernel mode
[  196.983070][    C1] #PF: error_code(0x0000) - not-present page
[  196.989024][    C1] PGD 0 P4D 0 
[  196.992378][    C1] Oops: Oops: 0000 [#1] SMP PTI
[  196.997210][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G        W           6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(voluntary) 
[  197.010469][    C1] Tainted: [W]=WARN
[  197.014256][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  197.024567][    C1] RIP: 0010:pfkey_send_notify+0x7c/0x5c0
[  197.030206][    C1] Code: 00 e8 18 49 a6 fc 4d 8b a4 24 90 0d 00 00 4b 8d 3c ec e8 57 35 a6 fc 4f 8b 24 ec e8 de 04 7d fc 49 8d 7c 24 08 e8 b4 45 a6 fc <41> 8b 6c 24 08 45 31 e4 31 ff 89 ee e8 13 7c 8b fc 85 ed 0f 84 87
[  197.049794][    C1] RSP: 0018:ffffc900000dcde0 EFLAGS: 00010246
[  197.055851][    C1] RAX: ffff888237d25820 RBX: ffffc900000dce40 RCX: ffffffff84cc81c9
[  197.063811][    C1] RDX: 000000000000055a RSI: 0000000000000000 RDI: 0000000000000008
[  197.071777][    C1] RBP: ffff88811cea63c0 R08: 000188810faac237 R09: 0000000000000000
[  197.079735][    C1] R10: 000188812a03c500 R11: ffffffff84cc8160 R12: 0000000000000000
[  197.087706][    C1] R13: 0000000000000046 R14: ffff88811cea63c0 R15: ffffc900000dce50
[  197.095668][    C1] FS:  0000000000000000(0000) GS:ffff8882aef47000(0000) knlGS:0000000000000000
[  197.104687][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  197.111284][    C1] CR2: 0000000000000008 CR3: 0000000104722000 CR4: 00000000003506f0
[  197.119241][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  197.127243][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  197.135216][    C1] Call Trace:
[  197.138476][    C1]  <IRQ>
[  197.141302][    C1]  ? __pfx_pfkey_send_notify+0x10/0x10
[  197.146758][    C1]  xfrm_timer_handler+0x1fb/0x690
[  197.151793][    C1]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  197.157336][    C1]  __hrtimer_run_queues+0x20c/0x5a0
[  197.162520][    C1]  hrtimer_run_softirq+0xe0/0x2c0
[  197.167564][    C1]  handle_softirqs+0xb7/0x290
[  197.172222][    C1]  __irq_exit_rcu+0x3a/0xc0
[  197.176706][    C1]  sysvec_apic_timer_interrupt+0x74/0x80
[  197.182352][    C1]  </IRQ>
[  197.185260][    C1]  <TASK>
[  197.188181][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  197.194141][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  197.199873][    C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d9 17 19 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  197.219469][    C1] RSP: 0018:ffffc900000a7ee0 EFLAGS: 000002c2
[  197.225517][    C1] RAX: ffff8882aef47000 RBX: 0000000000000001 RCX: 4000000000000000
[  197.233555][    C1] RDX: 00000000000006b4 RSI: 0000000000000001 RDI: 00000000000b23b4
[  197.241531][    C1] RBP: ffffc900000a7ef8 R08: 0001888237d1b84f R09: 0000000000000000
[  197.249487][    C1] R10: 00018881027090e8 R11: ffffffff812ec060 R12: 0000000000000000
[  197.257436][    C1] R13: ffff8881002b4200 R14: 0000000000000000 R15: 0000000000000000
[  197.265410][    C1]  ? __pfx_read_tsc+0x10/0x10
[  197.270103][    C1]  default_idle+0x13/0x20
[  197.274422][    C1]  default_idle_call+0x3d/0x70
[  197.279170][    C1]  do_idle+0xcb/0x240
[  197.283153][    C1]  cpu_startup_entry+0x25/0x30
[  197.287906][    C1]  start_secondary+0x95/0xa0
[  197.292480][    C1]  common_startup_64+0x13e/0x147
[  197.297451][    C1]  </TASK>
[  197.300446][    C1] Modules linked in:
[  197.304321][    C1] CR2: 0000000000000008
[  197.308454][    C1] ---[ end trace 0000000000000000 ]---
[  197.313882][    C1] RIP: 0010:pfkey_send_notify+0x7c/0x5c0
[  197.319504][    C1] Code: 00 e8 18 49 a6 fc 4d 8b a4 24 90 0d 00 00 4b 8d 3c ec e8 57 35 a6 fc 4f 8b 24 ec e8 de 04 7d fc 49 8d 7c 24 08 e8 b4 45 a6 fc <41> 8b 6c 24 08 45 31 e4 31 ff 89 ee e8 13 7c 8b fc 85 ed 0f 84 87
[  197.339087][    C1] RSP: 0018:ffffc900000dcde0 EFLAGS: 00010246
[  197.345165][    C1] RAX: ffff888237d25820 RBX: ffffc900000dce40 RCX: ffffffff84cc81c9
[  197.353116][    C1] RDX: 000000000000055a RSI: 0000000000000000 RDI: 0000000000000008
[  197.361067][    C1] RBP: ffff88811cea63c0 R08: 000188810faac237 R09: 0000000000000000
[  197.369027][    C1] R10: 000188812a03c500 R11: ffffffff84cc8160 R12: 0000000000000000
[  197.376985][    C1] R13: 0000000000000046 R14: ffff88811cea63c0 R15: ffffc900000dce50
[  197.385053][    C1] FS:  0000000000000000(0000) GS:ffff8882aef47000(0000) knlGS:0000000000000000
[  197.393975][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  197.400648][    C1] CR2: 0000000000000008 CR3: 0000000104722000 CR4: 00000000003506f0
[  197.408610][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  197.416573][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  197.424548][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  197.431981][    C1] Kernel Offset: disabled
[  197.436302][    C1] Rebooting in 86400 seconds..