last executing test programs:

1m57.872135369s ago: executing program 4 (id=801):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000100)='|', 0x1}], 0x1)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0xf3a, 0x0)
splice(r1, 0x0, r5, 0x0, 0xc, 0x2)
write(r3, 0x0, 0x0)

1m57.580674318s ago: executing program 4 (id=806):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0xd06d000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x10007ffffffff}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)

1m57.35359581s ago: executing program 4 (id=812):
r0 = io_uring_setup(0x54d1, &(0x7f00000001c0)={0x0, 0xf04d, 0x1, 0xfffffffc, 0x211})
close(r0)
r1 = socket(0x10, 0x3, 0x0)
bind$netlink(r1, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r1, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r1, &(0x7f00000005c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x21, &(0x7f0000b4bffc)=0x8, 0x4)
sendmmsg(r1, &(0x7f0000014140)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000700)="a3", 0x1}], 0x1}}], 0x1, 0x20)
readv(r0, &(0x7f0000000300)=[{&(0x7f0000000240)=""/145, 0x91}], 0x1)

1m57.276399848s ago: executing program 4 (id=816):
pipe(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

1m57.226067583s ago: executing program 4 (id=818):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r1, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f0000002300)={&(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x4)
sendmsg$tipc(r2, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
accept4(r1, 0x0, 0x0, 0x400000000000000)

1m56.837442001s ago: executing program 4 (id=827):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2440, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
r1 = creat(&(0x7f0000000200)='./file0\x00', 0x100)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x200400, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}})
r2 = socket(0x10, 0x3, 0x9)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14}}, 0x28}}, 0x0)
r3 = syz_genetlink_get_family_id$batadv(0x0, r0)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r3, 0x100, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0x40080)

1m56.837248022s ago: executing program 32 (id=827):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2440, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
r1 = creat(&(0x7f0000000200)='./file0\x00', 0x100)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x200400, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}})
r2 = socket(0x10, 0x3, 0x9)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14}}, 0x28}}, 0x0)
r3 = syz_genetlink_get_family_id$batadv(0x0, r0)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r3, 0x100, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0x40080)

1m55.393057443s ago: executing program 0 (id=849):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@nomblk_io_submit}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
fsetxattr(r1, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000680)='@\x18\x93|\b\xc10\xaeA\x95\xd9Wi\x1b\xe4S\x89\xbe\xd1\xb1\x1a4\x8d\xc0$\x80\v\x9c\xd4Et\x10\xda\x8d\x18y\xd6gB\xb1E\xbc\x11\x06E\xc7A\x8a2z\x14L\xb3\xbb\x97p\x04{\bc|^;t\xdd\xbe\xeeHR\xd7\x9f\xe8\x87\x9f\x02\xc1\xf1g\x000\xc7GC>\x14\xa3\xbc\xd78\xdf\x99;\x15\\\x1aI\xe1\x04s\x9en\xf6\xab\xfb\xd0G\xc9p\x15I\xe0Qr\xa15\xf4\xe4\x00\xff>\xc9)\x9eK\x82a\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x87, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0xfffffe51)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000069117e0000000000c6"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40305829, &(0x7f0000000040))

1m54.993130153s ago: executing program 0 (id=855):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x19, 0x4, 0x8, 0x1}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000006c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r5, r2, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000580)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x64, 0x0, 0x0, 0x2, 0x0, @broadcast, @multicast1}, @address_reply={0x12, 0x0, 0x0, 0x6}}}}}, 0x0)

1m54.860992946s ago: executing program 0 (id=858):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0xb87, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x300}}], 0x3, 0x0)

1m54.705808782s ago: executing program 0 (id=860):
pipe(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

1m54.651821807s ago: executing program 0 (id=862):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2, 0x4}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r3 = dup3(r1, r0, 0x0)
recvmmsg(r3, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)

1m52.48920033s ago: executing program 0 (id=902):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r2, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r2, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

1m52.467447862s ago: executing program 33 (id=902):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r2, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r2, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

44.201512708s ago: executing program 1 (id=2445):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x29, 0x0, 0x0)

43.873399631s ago: executing program 1 (id=2450):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0xf)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/5, 0x204000, 0x1000}, 0x20)
r2 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(r0, &(0x7f00000002c0)={0x2c, 0x4, r3, 0x30, r0}, 0x10)

43.870289331s ago: executing program 1 (id=2451):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x3, 0x288}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r2, 0x3516, 0xddd3, 0x4, 0x0, 0x0)
shutdown(r0, 0x1)
syz_mount_image$ext4(&(0x7f0000000840)='ext4\x00', &(0x7f0000000800)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
bind$802154_raw(0xffffffffffffffff, 0x0, 0x0)

43.652986313s ago: executing program 1 (id=2455):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x800000, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

43.609379627s ago: executing program 1 (id=2456):
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@nobarrier}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x4, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f00000001c0)="f1", 0x1)
sendfile(r2, r0, 0x0, 0x40001)
sendfile(r2, r1, 0x0, 0x7ffff000)
creat(&(0x7f00000000c0)='./bus\x00', 0x182)

43.609016147s ago: executing program 1 (id=2457):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./file1\x00', 0x800, &(0x7f00000000c0)=ANY=[], 0x1, 0x256, &(0x7f0000000bc0)="$eJzs2s9rHGUYB/Bn0takqclG/EUL4ose1MvQ5OyhQVoQA4o2QhWkUzPRJeNuyCyBFaE56dWjR8/i0YMgSI9ecvEv6MFbLjn2II6ku9ZtE0sx224pn89lH3jmu/sM8zI8h91789svNtbrfL3oxVSWxdSF2IlbWSzEVPxjJ9547cpvL31w5aN3lldWLr6f0qXly4tLKaX5l3/9+KsfX7nRO/PhT/O/TMfuwid7+0t/7L6we3bvr8uft+vUrlOn20tFutbt9oprVZnW2vVGntJ7VVnUZWp36nLrrv561d3c7KeiszY3u7lV1nUqOv20UfZTr5t6W/1UfFa0OynP8zQ3GxzH6g+3mib2m1NXo2ma09/HmRsxdzNakT2TsmcvZM9fzV7cyc5+Nz3pQXlIHuj57zdNa9KD8lCMvNRnIqpvtle3Vwefg/7yerSjijLORyv+jINjMjSoL729cvF8um0hvq6uD/PXt1dPDPIxzC9GKxaOzi8O8unu/HTMjv7+UrTiuaPzS0fmZ+L1V0fyebTi90+jG1WsxUH2Tv7niEhvvbtyT/7c7esAAJ40ebrj0P5286Cf/1d/kL/ffjgTESP74T371ck4d3LSd0/d/3KjqKpySzG+4uDwPwZjTKg4dZz46eG5vM81Tx9uTcV4hn/qeN8zP6Yxxlec+P/xCb+YeCT+feiHe9kkBgIAAAAAAAAAAOCBPIo/IU76HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMfb3wEAAP//R7zIZg==")
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x16f)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)="d7bb33", 0x3}, 0x1, 0x0, 0x0, 0x40000}, 0x4058040)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xc0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50)

43.608642307s ago: executing program 34 (id=2457):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./file1\x00', 0x800, &(0x7f00000000c0)=ANY=[], 0x1, 0x256, &(0x7f0000000bc0)="$eJzs2s9rHGUYB/Bn0takqclG/EUL4ose1MvQ5OyhQVoQA4o2QhWkUzPRJeNuyCyBFaE56dWjR8/i0YMgSI9ecvEv6MFbLjn2II6ku9ZtE0sx224pn89lH3jmu/sM8zI8h91789svNtbrfL3oxVSWxdSF2IlbWSzEVPxjJ9547cpvL31w5aN3lldWLr6f0qXly4tLKaX5l3/9+KsfX7nRO/PhT/O/TMfuwid7+0t/7L6we3bvr8uft+vUrlOn20tFutbt9oprVZnW2vVGntJ7VVnUZWp36nLrrv561d3c7KeiszY3u7lV1nUqOv20UfZTr5t6W/1UfFa0OynP8zQ3GxzH6g+3mib2m1NXo2ma09/HmRsxdzNakT2TsmcvZM9fzV7cyc5+Nz3pQXlIHuj57zdNa9KD8lCMvNRnIqpvtle3Vwefg/7yerSjijLORyv+jINjMjSoL729cvF8um0hvq6uD/PXt1dPDPIxzC9GKxaOzi8O8unu/HTMjv7+UrTiuaPzS0fmZ+L1V0fyebTi90+jG1WsxUH2Tv7niEhvvbtyT/7c7esAAJ40ebrj0P5286Cf/1d/kL/ffjgTESP74T371ck4d3LSd0/d/3KjqKpySzG+4uDwPwZjTKg4dZz46eG5vM81Tx9uTcV4hn/qeN8zP6Yxxlec+P/xCb+YeCT+feiHe9kkBgIAAAAAAAAAAOCBPIo/IU76HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMfb3wEAAP//R7zIZg==")
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x16f)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)="d7bb33", 0x3}, 0x1, 0x0, 0x0, 0x40000}, 0x4058040)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xc0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50)

2.081070645s ago: executing program 7 (id=3325):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0xae8}, 0x18)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, r5, {0xc, 0xffff}, {0x0, 0xf}, {0xfff3, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x8014}, 0x0)

1.830118269s ago: executing program 7 (id=3331):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x42a5, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x20, 0xff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x2, 0x0, 0x93}, 0xe)
sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r0, 0x1)

1.677281854s ago: executing program 7 (id=3335):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r3, &(0x7f0000000000)=ANY=[], 0x58)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0)

1.628043169s ago: executing program 7 (id=3337):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x7}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)

1.271071955s ago: executing program 5 (id=3346):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$selinux_attr(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
getgid()
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x40)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000680)={0x0, 0x61, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e1406ca000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

1.052704826s ago: executing program 5 (id=3353):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

979.590273ms ago: executing program 6 (id=3355):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x18)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r3}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_QUANTUM={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000080)={0x0, 0x12, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd29, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)

895.512951ms ago: executing program 5 (id=3357):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700000000000000040000000300000000", @ANYRES32=0x1, @ANYRES32=0x0], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000800000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='hrtimer_start\x00', r2}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='hrtimer_start\x00', r3}, 0x18)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

841.162537ms ago: executing program 6 (id=3358):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)={0x160, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_NAT={0x2c, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}]}, @CTA_EXPECT_MASK={0xf0, 0x3, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x23}}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @private0}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @local}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010101}, {0x8, 0x2, @broadcast}}}]}, @CTA_EXPECT_HELP_NAME={0xe, 0x6, 'sip-20000\x00'}, @CTA_EXPECT_HELP_NAME={0xe, 0x6, 'snmp_trap\x00'}, @CTA_EXPECT_HELP_NAME={0xe, 0x6, 'sip-20000\x00'}]}, 0x160}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELRULE={0x14, 0x8, 0xa, 0x801, 0x0, 0x0, {0x1}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x200088c0)
sendto(r2, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})

838.040237ms ago: executing program 5 (id=3359):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
personality(0x500006)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x10)
set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)

798.192361ms ago: executing program 6 (id=3360):
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xadfd82f5f27d2a52, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r3, &(0x7f0000000140)='./file0\x00')
readlinkat(r3, &(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000240)=""/65, 0x41)

681.842943ms ago: executing program 7 (id=3361):
r0 = perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x1, 0x552}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)

646.807576ms ago: executing program 6 (id=3363):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7fff}, 0x18)
pipe2(&(0x7f0000000c40)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
vmsplice(r1, &(0x7f00000005c0)=[{&(0x7f0000001cc0)="b70cdbd771882612c450d694c9dd7d7f28d237e84e2780ca6428d132e03f188fff6bd9f85ead7e68f90830db9295022700491841f4a15a000aa4e29ac23601041ec521aa0ea8044f23feb74151693f228ba89f0a43385617bc7930f30a52ca91d02c64bd39d3d581abe9089b2284f876f9c58c124aba7a28700efcb0588ff4ab54a62c0c64fd577d85f5f753ec15281cf73fc37442b0a5ca4a1818cb01590d6415b1e9fda6c7d63cd293d7cc7ca5581041a2736e95b9b0322880b5fd7f27c0d4a59df8101b755fd6cc495963381c8a95d5d605b8ef4800b47091c8749f9e8e9fce163e46db0f7c0e4d0d3a621e3c999453e95aaa56090f220b220c50b31b9d6af722477ab1cda6d561156d85c658a3cd42d777314d154bf31bb61918ac7de8bfad7a5825be505af82806130e8dd03816b86086cc3361bf3a2a0cf6c18b7c84503477660ef5a0bf92d8169c43df1d7bb140652c799a4ac292b94fcea7f0c74413791879104e2bc9b414eda6c74f3625299f67d03e3ef58eeae5ca5fb029005ffa0fe23fb541bc24a57e9c6d8169702998273789ee8c9f08132ab9f76c02a6696c3ad68bf7a772d8be6b1840cfad2184edcf10bd5620f51657239e8eb49b8e77c1483dcc3dc04aeb6cae2922af4be346d52f2983dd5330cbef40b3207432ea6d2a6d2ffb0c3440c78add8395da089aa80e21d8692b16582edea583b73266fd1ab37abc02aa89310ed72a827153f1cbba0f76147a09977724706fdcd68ac168ceb433eba816f55bb5069924c0a6c59b1116e27de7938b835c467dbd9be1843913748e5a2e6f6621bf4944045d82b5124d23fa1d87e780b54a6955a51e47fbf36432be1b3d9d01c05d86e390e497856e476ce5b101c837cef62edce520860667c5259478602febbc5e87f216a6f1452b285f44282333569cbd2f49613730b86a74485e49e1979690ee2c11e1fb49d642c9f515d9e0cf30fe8995379b0b4b2177b2541a34cef72af676c2402b3ab03993047186d45016f83a735b7babda7b3e408f9a7b5c36e7daaaad51e437060c8a5a07646a31a43ebdda0b12a3f64f963315febebf0ad610f2ec9500717c4f33d8bf0e5b55ed2a976339643658df80f07bb29f5fac6f25957ef64ef1bac93f0ea64bfea48b38a4985ff610259762996044543bdf2c", 0x341}], 0x1, 0xa)
fcntl$setpipe(r1, 0x407, 0x6)

599.797371ms ago: executing program 7 (id=3365):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007500000004000000070000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x7, 0x9)
write$P9_RWRITE(r4, &(0x7f0000000340)={0xb, 0x77, 0xfffd, 0xf}, 0xb)
read(r3, &(0x7f0000000840)=""/102364, 0x18fdc)

525.156288ms ago: executing program 6 (id=3366):
unshare(0x62040200)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000480)=ANY=[], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x4)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00'}, 0x10)
socket$packet(0x11, 0xa, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000440)="89", 0x1}], 0x1}, 0x8050)

386.192602ms ago: executing program 3 (id=3368):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0xa4d, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x1, 0x24f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x42, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, {0x2}})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

385.168732ms ago: executing program 2 (id=3378):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000003c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@nodioread_nolock}, {@noload}, {@dioread_nolock}]}, 0x1, 0x599, &(0x7f0000001280)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = memfd_create(&(0x7f0000000800)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\xb4\v\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r8\xfe\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
fsetxattr$security_selinux(r0, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)

259.433014ms ago: executing program 5 (id=3369):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0, 0xb}, 0x110d41, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x3}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000fbdb0cf81c000000180001801400020074756e6c30"], 0x2c}}, 0x0)

251.420405ms ago: executing program 6 (id=3370):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x3, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

229.035027ms ago: executing program 3 (id=3371):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r2}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r3}, 0x18)
syz_io_uring_setup(0x1113, &(0x7f0000000280)={0x0, 0xb44a, 0x0, 0x0, 0x21e}, 0x0, 0x0)
syz_io_uring_setup(0x496, &(0x7f0000000940)={0x0, 0x422e, 0x800, 0x3, 0xac}, &(0x7f0000000080), &(0x7f0000000400))

200.69975ms ago: executing program 2 (id=3372):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
setrlimit(0x9, &(0x7f0000000080)={0x8606, 0xffff})
io_setup(0x8f0, &(0x7f0000002400))

200.29393ms ago: executing program 5 (id=3373):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
ftruncate(r0, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r3, r0, 0x0, 0x578410e9)
sendfile(r3, r0, 0x0, 0x100000000)

183.179142ms ago: executing program 3 (id=3374):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2}, &(0x7f00000001c0), &(0x7f0000000240)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r1}, 0x3d)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r3}, 0x3d)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)

161.202624ms ago: executing program 3 (id=3375):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
unshare(0x28040680)
r1 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r1, 0x13)
tkill(r1, 0x12)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
close(r2)

158.013685ms ago: executing program 2 (id=3376):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fcdbdf2504"], 0x14}}, 0x0)

98.33368ms ago: executing program 3 (id=3377):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000400)=0x1, 0xa)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x58}}, 0x10)
sendto(r2, &(0x7f0000000140)='A', 0xfffff, 0x40008c1, 0x0, 0x0)

83.525502ms ago: executing program 2 (id=3379):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000008000000080000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r3}, 0x10)
fcntl$setlease(r1, 0x400, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

82.808912ms ago: executing program 3 (id=3380):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', <r4=>0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @private=0xa010100}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000240)={'tunl0\x00', r4, 0x700, 0x7800, 0xffff, 0x8001, {{0x5, 0x4, 0x0, 0x28, 0x14, 0x68, 0x0, 0x10, 0x4, 0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}})

1.26017ms ago: executing program 2 (id=3381):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)

0s ago: executing program 2 (id=3382):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x1bc, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x18c, 0x4, 0x0, 0x1, [{0x160, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x150, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_NAME={0xb, 0x1, 'policy\x00'}, @NFTA_MATCH_INFO={0x138, 0x3, "ebae551382395afa4d23edfcbe6d55b57cb15e63c15c46395916e2b388abc3d6ce2316334e8278ad51f6d123a616cf3eb44b275fe6bc6bf402a3f9335458bb7a92f23fc0aa88f2495ff70157ea6b29f7fab11ec362920cab3350208c749f342b38e0df9334cea6fe1e331d76beb7094102d5d409992dcd236e3fd7a8785f97ae9d01b0822c161a491bef0501f8e81ddd66d1b676e8c9f0b2159c2cc0b069669b5af546f644c39bedd627181d27d9c185aae5d910550f08822c6fec60302779b9e812403a2ff826781b4c761bd14eb7515ae224260c9534891afdd05d18b2ffe91f4052766a0b9fe3955bfb1866142e7c1caceb88de7d6e8a5c08ce052bb461f0c7ee914ca5c98c19442d0262a6d04a8e3e29360a9b5871812e08542d54775f5843d70b15871bc247e30d66b83560c014f5000000"}]}}}, {0x28, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_LAST_SET={0x8, 0x1, 0x1, 0x0, 0xff}, @NFTA_LAST_MSECS={0xc, 0x2, 0x1, 0x0, 0xfc26}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_COMPAT={0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x1e4}, 0x1, 0x0, 0x0, 0x10}, 0x4000800)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000140)={[{@sysvgroups}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x82f}}, {@grpquota}, {@debug}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@grpid}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x80, 0x54f, &(0x7f0000000a00)="$eJzs3c9vHFcdAPDvbLxufji1SzlAJUqBoqSC7MY1bS0OJUgITpUQ5R6MvbGsrL2Rd93GViScvwAJIUBwggsXJP4AJBSJC0eEFAnOIBWBEDhwQAIy1cyOHdeZ3WzSza5/fD7SZN68+fF9bzYznjfzNBPAifVSRFyJiPtpmr4SEdNFfqUYYrs7ZMvd27m1mA1JpOnb/0giKfJ2t5UU43PFaqcj4htfi/h28nDc9ubW9YVms7FeTNc7qzfq7c2tSyurC8uN5cba3Nzs6/NvzL82f3ko9TwfEW9+5S8/+O7Pv/rmrz//7p+v/u1iVu2YKubvr8djyHbRRL8FulWv5vtiV7bC+hMEO6wm8hoWzpQtkaZpej+d3pdzeyQlAwDgoOwC9iMR8emIeCWm41T/y1kAAADgCEq/NBX/S7pPaEpM9sgHAAAAjpBK3gc2qdSKvgBTUanUat0+vB+Ns5Vmq9353LXWxtrS3R9PRcRMVCvXVpqNy0Vf4ZmoJtn0bJ5+MP3qgem5iHguIr4/fSafri22mkvjvvkBAAAAJ8S5A+3/f0932/8AAADAMTPzcFZlHOUAAAAAnp6S9j8AAABwzGj/AwAAwLH29bfeyoZ09/vXS+9sblxvvXNpqdG+XlvdWKwtttZv1JZbreX8nX2r+9c9VbK9Zqt14wuxtnGz3mm0O/X25tbV1dbGWufqygc+gQ0AAACM0HOfvPPHJCK2v3gmHzKT4y4UMBITe6mkGJcc/X96tjt+b0SFAkai7B7+Qe89M4KCACM38URrpYOcNoBDrjruAgBjlzxifs/OO78rxp8abnkAAIDhu/Dx3s//+38DYNsnAuCIcxDDyXXgQV46Pa6CACOXP/8ftMOviwU4VqoD9QAEjrMP/fz/kdL0sQoEAAAM3VQ+JJVacXtvKiqVWi3ifP5ZgGpybaXZuBwRz0bEH6arz2TTs/maySPbDAAAAAAAAAAAAAAAAAAAAAAAAABAV5omkfZzpe9cAAAA4AiIqPw1+U33Xf4Xpl+eOnh/YDL5T/5J4MmIePcnb//w5kKnsz6b5f9zL7/zoyL/1XHcwQAAAAAO2m2n77bjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY7u3cWry3cyv9786txVHG/fuXI2JmL34+dOdMxOl8fDqqEXH2X0lM7FsviYhTQ4i/fTsiPlYWP8mKtReyLP6Zpx8/Zoq9UBb/3BDiw0l2Jzv/XCk7/irxUj4uP/4mIj4w/aR6n/9i7/x3qsfxf37AGC/c/WW9Z/zbES9MlJ9/duMnD8VPinFloPjf+ubWVq956U8jLkR5/P3R6p3VG/X25talldWF5cZyY21ubvb1+TfmX5u/XL+20mwU/5bG+N4nfnW/X/3P9og/07P+3TK9PFDtI/5/9+bO8z3+XmXxL36mJP5vf1Ys8XD8SrGtzxbpbP6F3fR2N73fi7/4/Yv96r/0oP7VwX7/bsyL/av94AccxoECAAxNe3Pr+kKz2Vg/Conqk6yVtdLLZj1f7IEPX7DJw7J/JB4z8Z2hbjBN07TH/6g7ETHIdpI4DLslT4z3vAQAAAzfg4v+cZcEAAAAAAAAAAAAAAAAAAAATq4hvjNssvQ1eyVvFtjeSyXeDAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBrvBwAA//9pfNv4")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
open_tree(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x1)

kernel console output (not intermixed with test programs):

mtu (1514) !
[  114.754552][ T9098] netlink: 'syz.3.1901': attribute type 10 has an invalid length.
[  114.763311][ T9098] bond0: (slave dummy0): Releasing backup interface
[  114.772444][ T9098] netlink: 'syz.3.1901': attribute type 10 has an invalid length.
[  114.781667][ T9098] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  114.857669][ T9107] lo speed is unknown, defaulting to 1000
[  115.703967][ T9140] syzkaller0: entered promiscuous mode
[  115.709541][ T9140] syzkaller0: entered allmulticast mode
[  115.824877][ T9143] lo speed is unknown, defaulting to 1000
[  115.879474][ T9144] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1919'.
[  115.888591][ T9144] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1919'.
[  115.937209][ T9144] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1919'.
[  115.947681][ T9144] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1919'.
[  115.956873][ T9144] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1919'.
[  116.082451][ T9162] bond0: (slave dummy0): Releasing backup interface
[  116.180738][ T9184] SELinux:  Context system_u:object_r:hald_var_lib_t:s0 is not valid (left unmapped).
[  118.189120][ T9243] netlink: 'syz.5.1958': attribute type 10 has an invalid length.
[  118.219610][ T9243] team0: Port device dummy0 added
[  118.261360][ T9243] netlink: 'syz.5.1958': attribute type 10 has an invalid length.
[  118.286358][ T9243] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  118.316131][ T9243] team0: Failed to send options change via netlink (err -105)
[  118.343641][ T9243] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  118.381654][ T9243] team0: Port device dummy0 removed
[  118.394221][ T9243] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  118.937768][   T29] kauditd_printk_skb: 1485 callbacks suppressed
[  118.937822][   T29] audit: type=1400 audit(1761090195.386:5718): avc:  denied  { connect } for  pid=9250 comm="syz.6.1961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  118.992491][   T29] audit: type=1400 audit(1761090195.386:5719): avc:  denied  { write } for  pid=9250 comm="syz.6.1961" path="socket:[29770]" dev="sockfs" ino=29770 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  119.052405][ T9260] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1965'.
[  119.067916][ T9262] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=9262 comm=syz.1.1963
[  119.187122][ T9266] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.238915][   T29] audit: type=1400 audit(1761090195.686:5720): avc:  denied  { create } for  pid=9265 comm="syz.2.1967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  119.268765][   T29] audit: type=1400 audit(1761090195.706:5721): avc:  denied  { read } for  pid=9267 comm="syz.6.1968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  119.268760][ T9266] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.345804][ T9274] loop3: detected capacity change from 0 to 128
[  119.352179][   T29] audit: type=1400 audit(1761090195.796:5722): avc:  denied  { setopt } for  pid=9265 comm="syz.2.1967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  119.377783][   T29] audit: type=1326 audit(1761090195.826:5723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.6.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  119.420696][   T29] audit: type=1326 audit(1761090195.826:5724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.6.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  119.444369][   T29] audit: type=1326 audit(1761090195.836:5725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.6.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  119.467921][   T29] audit: type=1326 audit(1761090195.836:5726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.6.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f303d94f003 code=0x7ffc0000
[  119.491190][   T29] audit: type=1326 audit(1761090195.836:5727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.6.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f303d94da7f code=0x7ffc0000
[  119.587001][ T9266] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.702626][ T9266] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.714122][ T9296] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1978'.
[  119.786472][ T4665] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  119.816578][ T4665] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  119.835413][ T4665] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  119.886442][ T4665] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.376275][ T9333] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1993'.
[  120.386906][ T9333] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.394344][ T9333] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.416356][ T9333] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  120.423814][ T9333] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.593941][ T9339] netlink: 76 bytes leftover after parsing attributes in process `syz.6.1995'.
[  120.940700][ T9367] loop3: detected capacity change from 0 to 512
[  120.960832][ T9367] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2009: inode has both inline data and extents flags
[  120.991684][ T9367] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2009: couldn't read orphan inode 15 (err -117)
[  121.016900][ T9373] veth6: entered promiscuous mode
[  121.022274][ T9373] veth6: entered allmulticast mode
[  121.082125][ T9379] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  121.092536][ T9367] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.169693][ T9381] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2015'.
[  121.235446][ T9387] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.254144][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.419583][ T9387] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.442779][ T9402] pimreg: entered allmulticast mode
[  121.454166][ T9394] pimreg: left allmulticast mode
[  121.463985][ T9396] lo speed is unknown, defaulting to 1000
[  121.482350][ T9387] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.572511][ T9387] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.683999][   T31] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.700258][   T31] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.711975][   T31] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.724222][   T31] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.767544][ T9428] loop2: detected capacity change from 0 to 512
[  121.829041][ T9428] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.849102][ T9428] ext4 filesystem being mounted at /365/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.980018][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.022292][ T9439] lo speed is unknown, defaulting to 1000
[  122.136290][ T9454] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2053'.
[  122.145698][ T9454] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2053'.
[  122.715625][ T9480] lo speed is unknown, defaulting to 1000
[  122.767264][ T9483] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2052'.
[  122.776380][ T9483] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2052'.
[  122.792485][ T9483] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2052'.
[  122.802590][ T9483] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2052'.
[  123.231693][ T9499] loop2: detected capacity change from 0 to 512
[  123.234557][ T9505] veth2: entered promiscuous mode
[  123.243115][ T9505] veth2: entered allmulticast mode
[  123.262448][ T9499] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.277995][ T9499] ext4 filesystem being mounted at /369/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.279982][ T9507] veth4: entered promiscuous mode
[  123.293721][ T9507] veth4: entered allmulticast mode
[  123.344522][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.399097][ T9518] macvtap1: entered allmulticast mode
[  123.404571][ T9518] bridge0: entered allmulticast mode
[  123.422802][ T9518] bridge0: port 1(macvtap1) entered blocking state
[  123.429781][ T9518] bridge0: port 1(macvtap1) entered disabled state
[  123.440372][ T9518] bridge0: left allmulticast mode
[  123.451796][ T9527] loop2: detected capacity change from 0 to 512
[  123.464393][ T9527] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  123.567658][ T9547] loop3: detected capacity change from 0 to 128
[  123.652772][ T9558] loop3: detected capacity change from 0 to 512
[  123.662486][ T9558] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.676066][ T9558] ext4 filesystem being mounted at /410/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.724681][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.982632][   T29] kauditd_printk_skb: 352 callbacks suppressed
[  123.982648][   T29] audit: type=1400 audit(1761090200.436:6080): avc:  denied  { mount } for  pid=9574 comm="syz.1.2094" name="/" dev="configfs" ino=2061 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  124.040739][   T29] audit: type=1400 audit(1761090200.436:6081): avc:  denied  { search } for  pid=9574 comm="syz.1.2094" name="/" dev="configfs" ino=2061 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  124.063009][   T29] audit: type=1400 audit(1761090200.476:6082): avc:  denied  { search } for  pid=9574 comm="syz.1.2094" name="/" dev="configfs" ino=2061 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  124.085416][   T29] audit: type=1400 audit(1761090200.476:6083): avc:  denied  { read open } for  pid=9574 comm="syz.1.2094" path="/" dev="configfs" ino=2061 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  124.219614][ T9594] xt_hashlimit: max too large, truncated to 1048576
[  124.227064][ T9594] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  124.254798][ T9597] netlink: 'syz.5.2091': attribute type 13 has an invalid length.
[  124.292253][ T9597] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.299524][ T9597] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.372667][ T4665] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.386711][ T4665] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.400718][ T4665] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.412912][ T4665] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.531291][   T29] audit: type=1326 audit(1761090200.976:6084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9605 comm="syz.2.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  124.554863][   T29] audit: type=1326 audit(1761090200.976:6085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9605 comm="syz.2.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  124.578425][   T29] audit: type=1326 audit(1761090200.976:6086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9605 comm="syz.2.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  124.601890][   T29] audit: type=1326 audit(1761090200.976:6087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9605 comm="syz.2.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  124.625335][   T29] audit: type=1326 audit(1761090200.976:6088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9605 comm="syz.2.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  124.648839][   T29] audit: type=1326 audit(1761090200.976:6089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9605 comm="syz.2.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  124.674599][ T9600] lo speed is unknown, defaulting to 1000
[  124.843439][ T9614] Bluetooth: hci0: Frame reassembly failed (-90)
[  124.886712][ T4594] Bluetooth: hci0: Frame reassembly failed (-84)
[  124.902086][ T9614] Bluetooth: hci0: Frame reassembly failed (-84)
[  124.971193][ T9618] __nla_validate_parse: 3 callbacks suppressed
[  124.971208][ T9618] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2100'.
[  125.025748][ T9622] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2102'.
[  125.025898][ T9618] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2100'.
[  125.377349][ T9635] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2108'.
[  125.501890][ T9643] netlink: 240 bytes leftover after parsing attributes in process `syz.6.2109'.
[  126.230015][ T9687] netlink: 'syz.1.2122': attribute type 13 has an invalid length.
[  126.411351][ T9698] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.452181][ T9698] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.508768][ T9698] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.602478][ T9712] netlink: 64 bytes leftover after parsing attributes in process `syz.6.2130'.
[  126.621697][ T9698] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.706455][ T4621] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.732092][ T4621] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  126.754207][ T4621] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  126.772774][ T4621] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.825735][ T9721] 8021q: adding VLAN 0 to HW filter on device bond0
[  126.843609][ T9721] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  126.860397][ T9723] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2137'.
[  126.870751][ T3494] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  126.953533][ T9728] lo speed is unknown, defaulting to 1000
[  126.977291][ T9732] veth6: entered promiscuous mode
[  126.982409][ T9732] veth6: entered allmulticast mode
[  127.233542][ T9758] netlink: 'syz.3.2150': attribute type 30 has an invalid length.
[  127.376990][ T9765] GUP no longer grows the stack in syz.3.2153 (9765): 200000003000-20000000a000 (200000001000)
[  127.387683][ T9765] CPU: 1 UID: 0 PID: 9765 Comm: syz.3.2153 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  127.387710][ T9765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  127.387722][ T9765] Call Trace:
[  127.387726][ T9765]  <TASK>
[  127.387732][ T9765]  __dump_stack+0x1d/0x30
[  127.387810][ T9765]  dump_stack_lvl+0xe8/0x140
[  127.387868][ T9765]  dump_stack+0x15/0x1b
[  127.387894][ T9765]  __get_user_pages+0x1968/0x1ed0
[  127.387922][ T9765]  ? bpf_trace_run3+0x12c/0x1d0
[  127.387946][ T9765]  ? __bpf_trace_mmap_lock_acquire_returned+0x28/0x40
[  127.388046][ T9765]  __gup_longterm_locked+0x8ef/0xe60
[  127.388205][ T9765]  ? __list_add_valid_or_report+0x38/0xe0
[  127.388231][ T9765]  ? __rcu_read_unlock+0x34/0x70
[  127.388268][ T9765]  ? try_get_folio+0x379/0x3c0
[  127.388285][ T9765]  ? try_grab_folio_fast+0xdc/0x370
[  127.388353][ T9765]  gup_fast_fallback+0x1f5/0x1420
[  127.388410][ T9765]  get_user_pages_fast+0x5f/0x90
[  127.388530][ T9765]  __iov_iter_get_pages_alloc+0x250/0x730
[  127.388638][ T9765]  ? __rcu_read_unlock+0x4f/0x70
[  127.388675][ T9765]  iov_iter_get_pages2+0x5e/0xa0
[  127.388695][ T9765]  __se_sys_vmsplice+0x4db/0xee0
[  127.388814][ T9765]  __x64_sys_vmsplice+0x55/0x70
[  127.388844][ T9765]  x64_sys_call+0x1dde/0x3000
[  127.388974][ T9765]  do_syscall_64+0xd2/0x200
[  127.389002][ T9765]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  127.389030][ T9765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.389055][ T9765] RIP: 0033:0x7effe435efc9
[  127.389126][ T9765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.389143][ T9765] RSP: 002b:00007effe2dbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[  127.389164][ T9765] RAX: ffffffffffffffda RBX: 00007effe45b5fa0 RCX: 00007effe435efc9
[  127.389179][ T9765] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000007
[  127.389192][ T9765] RBP: 00007effe43e1f91 R08: 0000000000000000 R09: 0000000000000000
[  127.389206][ T9765] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  127.389220][ T9765] R13: 00007effe45b6038 R14: 00007effe45b5fa0 R15: 00007fff883e08a8
[  127.389311][ T9765]  </TASK>
[  127.683349][ T9773] loop3: detected capacity change from 0 to 512
[  127.701440][ T9773] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  127.709535][ T9773] EXT4-fs (loop3): orphan cleanup on readonly fs
[  127.717568][ T9773] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.2157: corrupted inode contents
[  127.729664][ T9773] EXT4-fs (loop3): Remounting filesystem read-only
[  127.736384][ T9773] EXT4-fs (loop3): 1 truncate cleaned up
[  127.742273][ T4594] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  127.752868][ T4594] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  127.763457][ T4594] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  127.773946][ T9773] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  127.797554][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.844347][ T9783] lo speed is unknown, defaulting to 1000
[  127.904747][ T9793] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2160'.
[  127.913841][ T9793] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2160'.
[  127.940437][ T9793] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2160'.
[  127.975432][ T9799] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  128.029885][ T9803] loop3: detected capacity change from 0 to 512
[  128.050223][ T9803] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  128.059010][ T9803] EXT4-fs (loop3): orphan cleanup on readonly fs
[  128.065832][ T9803] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #13: comm syz.3.2168: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  128.084125][ T9803] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2168: couldn't read orphan inode 13 (err -117)
[  128.096584][ T9803] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  128.111096][ T9803] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  128.120823][ T9803] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  128.131174][ T9803] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  128.140811][ T9803] ext4 filesystem being remounted at /427/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.159455][ T9803] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2168: bg 0: block 248: padding at end of block bitmap is not set
[  128.174464][ T9803] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2168: Failed to acquire dquot type 1
[  128.198809][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.065782][   T29] kauditd_printk_skb: 91 callbacks suppressed
[  129.065798][   T29] audit: type=1326 audit(1761090205.516:6173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9853 comm="syz.3.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7effe4355e67 code=0x7ffc0000
[  129.126997][ T9855] loop3: detected capacity change from 0 to 1024
[  129.154325][   T29] audit: type=1326 audit(1761090205.516:6174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9853 comm="syz.3.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effe42fb099 code=0x7ffc0000
[  129.157433][ T9855] EXT4-fs: Ignoring removed oldalloc option
[  129.177815][   T29] audit: type=1326 audit(1761090205.516:6175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9853 comm="syz.3.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7effe4355e67 code=0x7ffc0000
[  129.183740][ T9855] EXT4-fs: Ignoring removed bh option
[  129.185253][ T9857] dvmrp1: entered allmulticast mode
[  129.207154][   T29] audit: type=1326 audit(1761090205.516:6176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9853 comm="syz.3.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effe42fb099 code=0x7ffc0000
[  129.241029][   T29] audit: type=1326 audit(1761090205.516:6177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9853 comm="syz.3.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  129.264442][   T29] audit: type=1326 audit(1761090205.516:6178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9853 comm="syz.3.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  129.287949][   T29] audit: type=1326 audit(1761090205.516:6179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9853 comm="syz.3.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  129.311576][   T29] audit: type=1326 audit(1761090205.516:6180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9853 comm="syz.3.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  129.314647][ T9855] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.386057][   T29] audit: type=1326 audit(1761090205.606:6181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9853 comm="syz.3.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  129.409613][   T29] audit: type=1326 audit(1761090205.606:6182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9853 comm="syz.3.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  129.415543][ T9858] dvmrp1: left allmulticast mode
[  129.562409][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.595239][ T9874] netlink: 'syz.3.2195': attribute type 7 has an invalid length.
[  129.765908][ T9874] bridge1: port 1(bond3) entered blocking state
[  129.772256][ T9874] bridge1: port 1(bond3) entered disabled state
[  129.961306][ T9874] bond3: entered allmulticast mode
[  130.044281][ T9880] lo speed is unknown, defaulting to 1000
[  130.272759][ T9900] netlink: 'syz.3.2204': attribute type 1 has an invalid length.
[  130.293304][ T9893] loop1: detected capacity change from 0 to 512
[  130.309125][ T9902] __nla_validate_parse: 4 callbacks suppressed
[  130.309196][ T9902] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2205'.
[  130.356579][ T9900] 8021q: adding VLAN 0 to HW filter on device bond4
[  130.375520][ T9903] 8021q: adding VLAN 0 to HW filter on device batadv0
[  130.405543][ T9903] bond4: (slave batadv0): making interface the new active one
[  130.423261][ T9903] bond4: (slave batadv0): Enslaving as an active interface with an up link
[  130.441755][ T9893] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.465771][ T9893] ext4 filesystem being mounted at /444/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.478164][ T9902] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2205'.
[  130.541416][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.980138][ T9895] 9pnet_fd: p9_fd_create_tcp (9895): problem connecting socket to 127.0.0.1
[  131.554567][ T9980] loop1: detected capacity change from 0 to 2048
[  131.629082][ T9980] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.767502][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.569223][T10031] netlink: 'syz.6.2250': attribute type 7 has an invalid length.
[  132.577147][T10031] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2250'.
[  132.641252][T10031] bridge3: port 1(bond2) entered blocking state
[  132.647707][T10031] bridge3: port 1(bond2) entered disabled state
[  132.654177][T10031] bond2: entered allmulticast mode
[  132.702146][T10037] veth4: entered promiscuous mode
[  132.707238][T10037] veth4: entered allmulticast mode
[  132.972901][T10054] pimreg: entered allmulticast mode
[  133.004492][T10054] pimreg: left allmulticast mode
[  133.908429][T10096] loop1: detected capacity change from 0 to 1024
[  133.917149][T10096] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  133.928355][T10096] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  133.966957][T10096] JBD2: no valid journal superblock found
[  133.972895][T10096] EXT4-fs (loop1): Could not load journal inode
[  133.996659][T10096] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�ue�…W���Fct̝�3�L;-n�����9�;=�B�9g�=g&��K�"�D��$b���Y�X�;��:ݒ��^�-�$��<>���'�=��7I�.��wn����ju�J����pybn��s��Ξ��8����#���<x_�WjK����;#�|����J&���d���3�����,c1�j,ߟ�����rRn��ܕ,���U�bd0"��(��o�ć/��8��jID(�D�CA5�) failed with errno=-22
[  134.108530][   T29] kauditd_printk_skb: 110 callbacks suppressed
[  134.108548][   T29] audit: type=1400 audit(1761090210.556:6293): avc:  denied  { create } for  pid=10103 comm="syz.5.2277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  134.157176][   T29] audit: type=1400 audit(1761090210.556:6294): avc:  denied  { connect } for  pid=10103 comm="syz.5.2277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  134.177993][   T29] audit: type=1326 audit(1761090210.636:6295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10110 comm="syz.5.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049e17efc9 code=0x7ffc0000
[  134.201691][   T29] audit: type=1326 audit(1761090210.636:6296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10110 comm="syz.5.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049e17efc9 code=0x7ffc0000
[  134.226135][   T29] audit: type=1326 audit(1761090210.656:6297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10110 comm="syz.5.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f049e17efc9 code=0x7ffc0000
[  134.249691][   T29] audit: type=1326 audit(1761090210.656:6298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10110 comm="syz.5.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049e17efc9 code=0x7ffc0000
[  134.273301][   T29] audit: type=1326 audit(1761090210.656:6299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10110 comm="syz.5.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049e17efc9 code=0x7ffc0000
[  134.296806][   T29] audit: type=1326 audit(1761090210.656:6300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10110 comm="syz.5.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f049e17efc9 code=0x7ffc0000
[  134.320353][   T29] audit: type=1326 audit(1761090210.656:6301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10110 comm="syz.5.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049e17efc9 code=0x7ffc0000
[  134.344060][   T29] audit: type=1326 audit(1761090210.656:6302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10110 comm="syz.5.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049e17efc9 code=0x7ffc0000
[  134.600503][T10118] lo speed is unknown, defaulting to 1000
[  134.639004][T10122] loop3: detected capacity change from 0 to 512
[  134.679799][T10118] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2293'.
[  134.731296][T10130] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2286'.
[  134.740532][T10130] IPVS: Unknown mcast interface: 
[  134.761515][T10122] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.774692][T10122] ext4 filesystem being mounted at /447/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.804801][T10132] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2287'.
[  134.883787][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.897180][T10134] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2289'.
[  135.093854][T10151] netlink: 240 bytes leftover after parsing attributes in process `syz.2.2291'.
[  135.263512][T10164] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2296'.
[  135.419434][T10182] loop2: detected capacity change from 0 to 2048
[  135.474414][T10184] loop3: detected capacity change from 0 to 1024
[  135.482026][T10182]  loop2: p2 < > p4
[  135.487923][T10182] loop2: p4 size 262144 extends beyond EOD, truncated
[  135.510866][T10184] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.608389][T10184] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2307: Allocating blocks 449-513 which overlap fs metadata
[  135.633490][T10183] EXT4-fs (loop3): pa ffff8881071d12a0: logic 48, phys. 177, len 21
[  135.641571][T10183] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  135.666977][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.831194][T10206] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2316'.
[  135.858830][T10209] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2317'.
[  135.910461][T10214] loop3: detected capacity change from 0 to 512
[  135.918363][T10214] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  135.933230][T10214] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  135.961552][T10214] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2319: bg 0: block 248: padding at end of block bitmap is not set
[  135.977319][T10214] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2319: Failed to acquire dquot type 1
[  135.994915][T10214] EXT4-fs (loop3): 1 truncate cleaned up
[  136.013451][T10214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  136.056801][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  136.069483][T10232] loop2: detected capacity change from 0 to 128
[  136.138327][T10232] syz.2.2326: attempt to access beyond end of device
[  136.138327][T10232] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128
[  136.152539][T10232] syz.2.2326: attempt to access beyond end of device
[  136.152539][T10232] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[  136.166248][T10232] syz.2.2326: attempt to access beyond end of device
[  136.166248][T10232] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[  136.179811][T10232] syz.2.2326: attempt to access beyond end of device
[  136.179811][T10232] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[  136.193395][T10232] syz.2.2326: attempt to access beyond end of device
[  136.193395][T10232] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128
[  136.208738][T10232] syz.2.2326: attempt to access beyond end of device
[  136.208738][T10232] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[  136.222338][T10232] syz.2.2326: attempt to access beyond end of device
[  136.222338][T10232] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128
[  136.235843][T10232] syz.2.2326: attempt to access beyond end of device
[  136.235843][T10232] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[  136.249358][T10232] syz.2.2326: attempt to access beyond end of device
[  136.249358][T10232] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[  136.262855][T10232] syz.2.2326: attempt to access beyond end of device
[  136.262855][T10232] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128
[  136.350259][T10245] 9pnet_fd: Insufficient options for proto=fd
[  136.445986][T10239] futex_wake_op: syz.3.2328 tries to shift op by 144; fix this program
[  136.564718][T10270] lo speed is unknown, defaulting to 1000
[  136.606517][T10270] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2341'.
[  136.648744][T10277] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  136.716910][T10287] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=10287 comm=syz.5.2348
[  136.794836][T10293] lo speed is unknown, defaulting to 1000
[  136.894391][T10302] lo speed is unknown, defaulting to 1000
[  136.917755][T10303] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2354'.
[  137.125669][T10316] loop3: detected capacity change from 0 to 164
[  137.125858][T10312] loop2: detected capacity change from 0 to 512
[  137.205068][T10321] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2362'.
[  137.483035][T10343] lo speed is unknown, defaulting to 1000
[  137.524382][T10343] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2371'.
[  137.525460][T10351] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2367'.
[  138.039308][T10375] loop1: detected capacity change from 0 to 1024
[  138.150962][T10375] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.228657][T10375] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.2381: Allocating blocks 449-513 which overlap fs metadata
[  138.263913][T10374] EXT4-fs (loop1): pa ffff888107289770: logic 48, phys. 177, len 21
[  138.272089][T10374] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  138.294055][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.446380][T10387] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2387'.
[  138.607132][   T23] Process accounting resumed
[  138.639758][T10400] loop2: detected capacity change from 0 to 1024
[  138.642659][T10387] team0: entered promiscuous mode
[  138.651208][T10387] team0: entered allmulticast mode
[  138.654898][T10400] EXT4-fs: Ignoring removed oldalloc option
[  138.662353][T10400] EXT4-fs: Ignoring removed bh option
[  138.667948][T10401] loop3: detected capacity change from 0 to 2048
[  138.674545][T10387] 8021q: adding VLAN 0 to HW filter on device team0
[  138.692521][T10401] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.699470][T10400] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.783498][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.997354][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.115579][   T29] kauditd_printk_skb: 253 callbacks suppressed
[  139.115594][   T29] audit: type=1326 audit(1761090215.566:6554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84335efc9 code=0x7ffc0000
[  139.159299][   T29] audit: type=1326 audit(1761090215.576:6555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84335efc9 code=0x7ffc0000
[  139.182891][   T29] audit: type=1326 audit(1761090215.576:6556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe84335efc9 code=0x7ffc0000
[  139.206424][   T29] audit: type=1326 audit(1761090215.576:6557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84335efc9 code=0x7ffc0000
[  139.229917][   T29] audit: type=1326 audit(1761090215.576:6558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84335efc9 code=0x7ffc0000
[  139.253467][   T29] audit: type=1326 audit(1761090215.576:6559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe84335efc9 code=0x7ffc0000
[  139.277019][   T29] audit: type=1326 audit(1761090215.576:6560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84335efc9 code=0x7ffc0000
[  139.300604][   T29] audit: type=1326 audit(1761090215.576:6561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84335efc9 code=0x7ffc0000
[  139.324153][   T29] audit: type=1326 audit(1761090215.576:6562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe84335efc9 code=0x7ffc0000
[  139.347692][   T29] audit: type=1326 audit(1761090215.596:6563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe84335efc9 code=0x7ffc0000
[  139.605592][T10447] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  139.612959][T10446] tipc: Resetting bearer <eth:syzkaller0>
[  139.636750][T10446] tipc: Disabling bearer <eth:syzkaller0>
[  139.653041][T10449] lo speed is unknown, defaulting to 1000
[  139.713183][T10454] siw: device registration error -23
[  139.734065][T10460] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2409'.
[  139.744108][T10460] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2409'.
[  139.909266][ T4643] syzkaller0: tun_net_xmit 76
[  139.914161][ T4643] syzkaller0: tun_net_xmit 48
[  139.925131][T10472] syzkaller0: create flow: hash 4117281746 index 1
[  139.935790][T10471] syzkaller0: delete flow: hash 4117281746 index 1
[  140.283864][T10520] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  140.373564][T10534] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10534 comm=syz.5.2442
[  140.436110][T10545] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.481804][T10545] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.551529][T10545] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.621575][T10545] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.687182][ T4643] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.705988][ T4643] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.724334][ T4643] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.733834][ T4643] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.837762][T10562] loop2: detected capacity change from 0 to 512
[  140.844625][T10560] loop1: detected capacity change from 0 to 1024
[  140.862526][T10562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.862526][T10560] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.862637][T10562] ext4 filesystem being mounted at /432/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.875880][T10560] ext4 filesystem being mounted at /500/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.924637][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.935630][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.951956][T10570] wireguard0: entered promiscuous mode
[  140.957664][T10570] wireguard0: entered allmulticast mode
[  141.138421][T10590] loop2: detected capacity change from 0 to 512
[  141.147842][T10590] EXT4-fs (loop2): orphan cleanup on readonly fs
[  141.159027][T10590] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm wޣ�: bg 0: block 248: padding at end of block bitmap is not set
[  141.174356][T10590] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm wޣ�: Failed to acquire dquot type 1
[  141.186681][T10590] EXT4-fs (loop2): 1 truncate cleaned up
[  141.193167][T10590] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.222045][T10575] chnl_net:caif_netlink_parms(): no params data found
[  141.269984][T10575] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.277179][T10575] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.284480][T10575] bridge_slave_0: entered allmulticast mode
[  141.291070][T10575] bridge_slave_0: entered promiscuous mode
[  141.297961][T10575] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.305089][T10575] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.312534][T10575] bridge_slave_1: entered allmulticast mode
[  141.320710][T10590] wޣ� (10590) used greatest stack depth: 8656 bytes left
[  141.329206][T10575] bridge_slave_1: entered promiscuous mode
[  141.329304][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.369393][T10575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  141.392353][T10575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  141.414002][ T4598] bond2 (unregistering): (slave ip6gretap1): Releasing active interface
[  141.431113][ T4598] ip6gretap1 (unregistering): left allmulticast mode
[  141.682456][ T4598] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  141.691854][ T4598] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  141.702912][ T4598] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  141.722962][ T4598] bond0 (unregistering): Released all slaves
[  141.744958][ T4598] bond1 (unregistering): Released all slaves
[  141.760627][ T4598] bond2 (unregistering): Released all slaves
[  141.797399][T10575] team0: Port device team_slave_0 added
[  141.807200][ T4598] tipc: Disabling bearer <udp:�>
[  141.812224][ T4598] tipc: Left network mode
[  141.817687][T10575] team0: Port device team_slave_1 added
[  141.843769][ T4598] hsr_slave_0: left promiscuous mode
[  141.850812][ T4598] hsr_slave_1: left promiscuous mode
[  141.863215][ T4598] batman_adv: batadv0: Removing interface: batadv_slave_0
[  141.871830][ T4598] batman_adv: batadv0: Removing interface: batadv_slave_1
[  141.889502][ T4598] batman_adv: batadv0: Removing interface: veth1_vlan
[  141.973388][T10631] __nla_validate_parse: 1 callbacks suppressed
[  141.973406][T10631] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2477'.
[  141.989560][T10575] batman_adv: batadv0: Adding interface: batadv_slave_0
[  141.996569][T10575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  142.022545][T10575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.034499][T10632] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2477'.
[  142.035130][T10575] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.050471][T10575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  142.076486][T10575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.119955][T10575] hsr_slave_0: entered promiscuous mode
[  142.129816][T10575] hsr_slave_1: entered promiscuous mode
[  142.135662][T10575] debugfs: 'hsr0' already exists in 'hsr'
[  142.141443][T10575] Cannot create hsr debugfs directory
[  142.358726][T10651] veth10: entered promiscuous mode
[  142.364027][T10651] veth10: entered allmulticast mode
[  142.404855][T10575] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  142.431378][T10575] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  142.461346][T10575] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  142.504067][T10575] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  142.541271][T10660] kernel profiling enabled (shift: 63)
[  142.546786][T10660] profiling shift: 63 too large
[  142.619257][T10575] 8021q: adding VLAN 0 to HW filter on device bond0
[  142.640101][T10575] 8021q: adding VLAN 0 to HW filter on device team0
[  142.791747][T10575] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.806337][ T4593] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.813456][ T4593] bridge0: port 1(bridge_slave_0) entered forwarding state
[  142.825619][ T4593] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.832731][ T4593] bridge0: port 2(bridge_slave_1) entered forwarding state
[  142.916711][T10649] Set syz1 is full, maxelem 65536 reached
[  143.031700][T10575] veth0_vlan: entered promiscuous mode
[  143.062275][T10700] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2489'.
[  143.071604][T10575] veth1_vlan: entered promiscuous mode
[  143.085457][T10575] veth0_macvtap: entered promiscuous mode
[  143.093400][T10700] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2489'.
[  143.097273][T10575] veth1_macvtap: entered promiscuous mode
[  143.126222][T10575] batman_adv: batadv0: Interface activated: batadv_slave_0
[  143.137756][T10575] batman_adv: batadv0: Interface activated: batadv_slave_1
[  143.155975][ T4593] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.165949][ T4593] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  143.186747][ T4593] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  143.202571][ T4593] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.259090][T10721] pimreg: entered allmulticast mode
[  143.265975][T10721] pimreg: left allmulticast mode
[  143.368716][T10727] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  143.430467][T10736] xt_nat: multiple ranges no longer supported
[  143.462534][T10739] pim6reg1: entered promiscuous mode
[  143.467861][T10739] pim6reg1: entered allmulticast mode
[  143.672098][T10761] loop7: detected capacity change from 0 to 512
[  143.690876][T10761] EXT4-fs: Ignoring removed orlov option
[  143.697153][T10761] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  143.720591][T10761] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  143.730650][T10761] EXT4-fs error (device loop7): ext4_iget_extra_inode:5075: inode #15: comm syz.7.2516: corrupted in-inode xattr: e_value size too large
[  143.756824][T10761] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.2516: couldn't read orphan inode 15 (err -117)
[  143.782779][T10761] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.813664][T10575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.825213][T10768] veth8: entered promiscuous mode
[  143.830298][T10768] veth8: entered allmulticast mode
[  143.888142][T10770] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping
[  144.007375][T10779] wireguard0: entered promiscuous mode
[  144.012972][T10779] wireguard0: entered allmulticast mode
[  144.218846][T10791] pim6reg: entered allmulticast mode
[  144.254316][T10791] pim6reg: left allmulticast mode
[  144.266786][   T29] kauditd_printk_skb: 325 callbacks suppressed
[  144.266803][   T29] audit: type=1326 audit(1761090220.716:6887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10794 comm="syz.7.2528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f872294efc9 code=0x7ffc0000
[  144.296669][   T29] audit: type=1326 audit(1761090220.716:6888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10794 comm="syz.7.2528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f872294efc9 code=0x7ffc0000
[  144.320234][   T29] audit: type=1326 audit(1761090220.716:6889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10794 comm="syz.7.2528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f872294efc9 code=0x7ffc0000
[  144.343746][   T29] audit: type=1326 audit(1761090220.716:6890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10794 comm="syz.7.2528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f872294efc9 code=0x7ffc0000
[  144.367465][   T29] audit: type=1326 audit(1761090220.716:6891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10794 comm="syz.7.2528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f872294efc9 code=0x7ffc0000
[  144.391081][   T29] audit: type=1326 audit(1761090220.716:6892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10794 comm="syz.7.2528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f872294efc9 code=0x7ffc0000
[  144.414604][   T29] audit: type=1326 audit(1761090220.716:6893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10794 comm="syz.7.2528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f872294efc9 code=0x7ffc0000
[  144.606814][   T29] audit: type=1326 audit(1761090220.826:6894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10794 comm="syz.7.2528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f872294efc9 code=0x7ffc0000
[  144.630477][   T29] audit: type=1326 audit(1761090220.826:6895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10785 comm="syz.7.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f872294efc9 code=0x7ffc0000
[  144.653956][   T29] audit: type=1326 audit(1761090220.846:6896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10794 comm="syz.7.2528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f872294efc9 code=0x7ffc0000
[  144.802195][T10818] wireguard0: entered promiscuous mode
[  144.807726][T10818] wireguard0: entered allmulticast mode
[  144.852982][T10825] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2540'.
[  144.865632][T10809] loop7: detected capacity change from 0 to 1024
[  144.892731][T10825] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2540'.
[  144.967183][T10809] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.087009][T10800] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4193: comm syz.7.2530: Allocating blocks 449-513 which overlap fs metadata
[  145.105843][T10837] loop3: detected capacity change from 0 to 1024
[  145.128363][T10837] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  145.145527][T10799] EXT4-fs (loop7): pa ffff8881071d10e0: logic 48, phys. 177, len 21
[  145.153631][T10799] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  145.161436][T10837] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  145.191067][T10837] EXT4-fs (loop3): orphan cleanup on readonly fs
[  145.203520][T10840] team0: left promiscuous mode
[  145.208353][T10840] team0: left allmulticast mode
[  145.213559][T10840] veth4: left promiscuous mode
[  145.218325][T10840] veth4: left allmulticast mode
[  145.223476][T10840] veth6: left promiscuous mode
[  145.228309][T10840] veth6: left allmulticast mode
[  145.234455][T10837] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz.3.2543: Invalid inode table block 0 in block_group 0
[  145.248181][T10575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.257721][T10837] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  145.267959][T10837] EXT4-fs error (device loop3): ext4_quota_write:7334: inode #3: comm syz.3.2543: mark_inode_dirty error
[  145.288258][T10840] veth8: left promiscuous mode
[  145.293143][T10840] veth8: left allmulticast mode
[  145.305853][T10837] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2543: Failed to acquire dquot type 0
[  145.320911][T10837] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz.3.2543: Invalid inode table block 0 in block_group 0
[  145.348247][T10837] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  145.358383][T10837] EXT4-fs error (device loop3): ext4_ext_truncate:4475: inode #15: comm syz.3.2543: mark_inode_dirty error
[  145.370674][T10837] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz.3.2543: Invalid inode table block 0 in block_group 0
[  145.383688][T10837] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  145.393702][T10837] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[  145.402722][T10837] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz.3.2543: Invalid inode table block 0 in block_group 0
[  145.430255][T10837] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  145.440497][T10837] EXT4-fs error (device loop3): ext4_truncate:4637: inode #15: comm syz.3.2543: mark_inode_dirty error
[  145.452803][T10837] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[  145.462188][T10837] EXT4-fs (loop3): 1 truncate cleaned up
[  145.469674][T10837] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  145.510213][T10837] xt_hashlimit: max too large, truncated to 1048576
[  145.524363][T10855] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2549'.
[  145.554839][T10837] EXT4-fs error (device loop3): ext4_search_dir:1474: inode #2: block 16: comm syz.3.2543: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  145.727527][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.757060][T10877] netlink: 'syz.3.2557': attribute type 1 has an invalid length.
[  145.770724][T10877] 8021q: adding VLAN 0 to HW filter on device bond6
[  145.783861][T10877] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2557'.
[  145.801735][T10877] bond6 (unregistering): Released all slaves
[  145.847324][T10888] loop2: detected capacity change from 0 to 512
[  145.854204][T10888] EXT4-fs: Ignoring removed orlov option
[  145.860311][T10888] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  145.869728][T10888] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  145.893273][T10888] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.2560: corrupted in-inode xattr: e_value size too large
[  145.907857][T10888] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2560: couldn't read orphan inode 15 (err -117)
[  145.921955][T10888] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.970022][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.329471][T10897] Set syz1 is full, maxelem 65536 reached
[  146.745399][T10924] bridge: RTM_NEWNEIGH with invalid ether address
[  146.887286][T10934] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2579'.
[  146.921942][T10934] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2579'.
[  147.281243][T10945] wireguard0: entered promiscuous mode
[  147.286782][T10945] wireguard0: entered allmulticast mode
[  147.447704][T10951] netlink: 'syz.6.2586': attribute type 1 has an invalid length.
[  147.461466][T10951] 8021q: adding VLAN 0 to HW filter on device bond4
[  147.476419][T10951] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2586'.
[  147.487029][T10951] bond4 (unregistering): Released all slaves
[  147.552357][T10958] netlink: 'syz.6.2588': attribute type 2 has an invalid length.
[  147.560147][T10958] netlink: 'syz.6.2588': attribute type 2 has an invalid length.
[  147.567901][T10958] netlink: 'syz.6.2588': attribute type 1 has an invalid length.
[  147.575630][T10958] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2588'.
[  147.761406][T10972] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2593'.
[  147.773503][T10972] vlan2: entered allmulticast mode
[  147.778637][T10972] bridge0: entered allmulticast mode
[  147.958511][T10984] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2598'.
[  148.070908][T10993] netlink: 'syz.6.2602': attribute type 10 has an invalid length.
[  148.083641][T10993] netlink: 'syz.6.2602': attribute type 10 has an invalid length.
[  148.095806][T10993] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  148.378775][T11023] loop7: detected capacity change from 0 to 512
[  148.394189][T11023] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.428747][T11023] ext4 filesystem being mounted at /32/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.502466][T10575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.523929][T11038] loop2: detected capacity change from 0 to 1024
[  148.554174][T11038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.675752][T11060] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2628'.
[  148.688208][T11053] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2618: Allocating blocks 449-513 which overlap fs metadata
[  148.707352][T11056] loop7: detected capacity change from 0 to 512
[  148.730590][T11056] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.746726][T11036] EXT4-fs (loop2): pa ffff8881071d10e0: logic 48, phys. 177, len 21
[  148.754856][T11036] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  148.762476][T11056] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.827046][T10575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.827369][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.913792][T11082] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2638'.
[  149.364168][   T29] kauditd_printk_skb: 239 callbacks suppressed
[  149.364187][   T29] audit: type=1400 audit(1761090225.816:7134): avc:  denied  { write } for  pid=11094 comm="syz.3.2642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  149.469330][T11100] loop3: detected capacity change from 0 to 1024
[  149.506671][T11100] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.594764][T11100] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2644: Allocating blocks 449-513 which overlap fs metadata
[  149.616715][T11099] EXT4-fs (loop3): pa ffff8881071d10e0: logic 48, phys. 177, len 21
[  149.624889][T11099] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  149.644901][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.679291][T11107] loop3: detected capacity change from 0 to 1024
[  149.692379][T11107] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.729629][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.736461][T11112] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2648'.
[  149.749545][T11112] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2648'.
[  149.783383][   T29] audit: type=1326 audit(1761090226.226:7135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11115 comm="syz.3.2649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  149.807096][   T29] audit: type=1326 audit(1761090226.226:7136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11115 comm="syz.3.2649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  149.830654][   T29] audit: type=1326 audit(1761090226.226:7137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11115 comm="syz.3.2649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  149.854302][   T29] audit: type=1326 audit(1761090226.236:7138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11115 comm="syz.3.2649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  149.877858][   T29] audit: type=1326 audit(1761090226.236:7139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11115 comm="syz.3.2649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7effe435f003 code=0x7ffc0000
[  149.901201][   T29] audit: type=1326 audit(1761090226.236:7140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11115 comm="syz.3.2649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7effe435f003 code=0x7ffc0000
[  149.924630][   T29] audit: type=1326 audit(1761090226.236:7141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11115 comm="syz.3.2649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  149.948893][   T29] audit: type=1400 audit(1761090226.236:7142): avc:  denied  { name_bind } for  pid=11114 comm="syz.6.2650" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  149.970212][   T29] audit: type=1326 audit(1761090226.326:7143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11115 comm="syz.3.2649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  150.013169][T11125] blktrace: Concurrent blktraces are not allowed on loop4
[  150.042549][T11130] atomic_op ffff88812e030928 conn xmit_atomic 0000000000000000
[  150.051703][T11128] macvtap1: entered promiscuous mode
[  150.057148][T11128] syz_tun: entered promiscuous mode
[  150.062474][T11128] macvtap1: entered allmulticast mode
[  150.067879][T11128] syz_tun: entered allmulticast mode
[  150.078392][T11134] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2657'.
[  150.111495][T11128] syz_tun: left allmulticast mode
[  150.116637][T11128] syz_tun: left promiscuous mode
[  150.267388][T11145] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2654'.
[  150.881093][T11153] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  150.889830][T11153] ref_ctr increment failed for inode: 0x979 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810440d080
[  150.932176][T11159] netlink: 'syz.3.2666': attribute type 39 has an invalid length.
[  150.996871][T11166] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  151.065330][T11169] netlink: 'syz.2.2671': attribute type 21 has an invalid length.
[  151.269696][T11194] ipvlan2: entered promiscuous mode
[  151.281034][T11194] bridge0: port 3(ipvlan2) entered blocking state
[  151.287619][T11194] bridge0: port 3(ipvlan2) entered disabled state
[  151.302286][T11194] ipvlan2: entered allmulticast mode
[  151.307729][T11194] bridge0: entered allmulticast mode
[  151.326371][T11194] ipvlan2: left allmulticast mode
[  151.331494][T11194] bridge0: left allmulticast mode
[  151.477075][T11200] loop2: detected capacity change from 0 to 8192
[  151.530487][T11205] loop3: detected capacity change from 0 to 1024
[  151.540957][T11205] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869)
[  151.561785][T11205] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[  151.574471][T11205] EXT4-fs (loop3): failed to initialize system zone (-117)
[  151.589439][T11205] EXT4-fs (loop3): mount failed
[  151.802272][T11213] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  151.823793][T11213] batman_adv: batadv0: Removing interface: batadv_slave_1
[  151.848736][T11216] batadv_slave_1: entered promiscuous mode
[  151.863704][T11216] batadv_slave_1 (unregistering): left promiscuous mode
[  151.914233][T11221] loop7: detected capacity change from 0 to 256
[  151.935873][T11221] FAT-fs (loop7): codepage cp866 not found
[  151.997144][T11228] netlink: 'syz.7.2690': attribute type 4 has an invalid length.
[  152.019715][T11228] netlink: 'syz.7.2690': attribute type 4 has an invalid length.
[  152.153634][T11242] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  152.432928][T11263] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  152.605581][T11278] syz_tun: entered allmulticast mode
[  152.635753][T11281] ipvlan0: entered promiscuous mode
[  152.646740][T11281] bridge0: port 4(ipvlan0) entered blocking state
[  152.653586][T11281] bridge0: port 4(ipvlan0) entered disabled state
[  152.660868][T11281] ipvlan0: entered allmulticast mode
[  152.666196][T11281] bridge0: entered allmulticast mode
[  152.672727][T11281] ipvlan0: left allmulticast mode
[  152.677780][T11281] bridge0: left allmulticast mode
[  152.737877][T11285] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  152.759681][T11284] tipc: Resetting bearer <eth:syzkaller0>
[  152.779727][T11284] tipc: Disabling bearer <eth:syzkaller0>
[  152.839596][T11305] loop2: detected capacity change from 0 to 512
[  152.850700][T11305] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.2722: EA inode hash validation failed
[  152.863774][T11305] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.2722: corrupted inode contents
[  152.880953][T11305] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #15: comm syz.2.2722: mark_inode_dirty error
[  152.893088][T11305] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.2722: corrupted inode contents
[  152.905538][T11305] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm syz.2.2722: mark_inode_dirty error
[  152.918152][T11305] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm syz.2.2722: mark inode dirty (error -117)
[  152.947621][T11305] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  152.982331][T11305] EXT4-fs (loop2): 1 orphan inode deleted
[  152.999020][T11305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.051544][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.140398][T11353] loop2: detected capacity change from 0 to 256
[  153.156364][T11353] FAT-fs (loop2): codepage cp866 not found
[  153.196465][T11363] lo speed is unknown, defaulting to 1000
[  153.202405][T11363] lo speed is unknown, defaulting to 1000
[  153.208419][T11363] lo speed is unknown, defaulting to 1000
[  153.215315][T11363] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  153.236960][T11363] lo speed is unknown, defaulting to 1000
[  153.245436][T11363] lo speed is unknown, defaulting to 1000
[  153.260231][T11363] lo speed is unknown, defaulting to 1000
[  153.267722][T11372] loop2: detected capacity change from 0 to 512
[  153.274563][T11363] lo speed is unknown, defaulting to 1000
[  153.287473][T11363] lo speed is unknown, defaulting to 1000
[  153.294681][T11372] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.2734: EA inode hash validation failed
[  153.307474][T11372] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.2734: corrupted inode contents
[  153.325272][T11372] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #15: comm syz.2.2734: mark_inode_dirty error
[  153.337624][T11372] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.2734: corrupted inode contents
[  153.350093][T11372] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm syz.2.2734: mark_inode_dirty error
[  153.362368][T11372] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm syz.2.2734: mark inode dirty (error -117)
[  153.375220][T11372] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  153.384354][T11372] EXT4-fs (loop2): 1 orphan inode deleted
[  153.390473][T11372] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.404020][T11372] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.459958][T11397] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11397 comm=syz.3.2741
[  153.561322][T11420] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  153.587017][T11424] syz_tun: entered allmulticast mode
[  153.718702][T11454] netem: change failed
[  153.946056][T11467] loop2: detected capacity change from 0 to 1024
[  153.952937][T11467] EXT4-fs: Ignoring removed orlov option
[  153.960776][T11467] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.073306][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.115118][T11483] netlink: 'syz.5.2758': attribute type 11 has an invalid length.
[  154.149925][T11485] lo speed is unknown, defaulting to 1000
[  154.420111][   T29] kauditd_printk_skb: 143 callbacks suppressed
[  154.420129][   T29] audit: type=1400 audit(1761090230.866:7287): avc:  denied  { mount } for  pid=11493 comm="syz.5.2761" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  154.479258][   T29] audit: type=1400 audit(1761090230.906:7288): avc:  denied  { remount } for  pid=11493 comm="syz.5.2761" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  154.858664][T11508] __nla_validate_parse: 8 callbacks suppressed
[  154.858682][T11508] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2767'.
[  154.894366][T11513] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2768'.
[  154.980424][   T29] audit: type=1326 audit(1761090231.426:7289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11521 comm="syz.2.2772" exe="/root/syz-executor" sig=9 arch=c000003e syscall=39 compat=0 ip=0x7f36ad825e67 code=0x0
[  154.998606][T11519] tipc: Started in network mode
[  155.008174][T11519] tipc: Node identity 9a8c62c9fc61, cluster identity 4711
[  155.015469][T11519] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  155.071162][T11517] tipc: Resetting bearer <eth:syzkaller0>
[  155.101497][   T29] audit: type=1400 audit(1761090231.556:7290): avc:  denied  { execute } for  pid=11524 comm="syz.6.2773" path="/blkio.bfq.io_wait_time" dev="ramfs" ino=37451 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  155.256176][T11517] tipc: Disabling bearer <eth:syzkaller0>
[  155.440195][T11532] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11532 comm=syz.5.2776
[  155.546189][T11540] netlink: 'syz.3.2779': attribute type 10 has an invalid length.
[  155.652233][T11524] syz.6.2773 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  155.663009][T11524] CPU: 1 UID: 0 PID: 11524 Comm: syz.6.2773 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  155.663033][T11524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  155.663043][T11524] Call Trace:
[  155.663096][T11524]  <TASK>
[  155.663106][T11524]  __dump_stack+0x1d/0x30
[  155.663139][T11524]  dump_stack_lvl+0xe8/0x140
[  155.663171][T11524]  dump_stack+0x15/0x1b
[  155.663200][T11524]  dump_header+0x81/0x220
[  155.663221][T11524]  oom_kill_process+0x342/0x400
[  155.663255][T11524]  out_of_memory+0x979/0xb80
[  155.663283][T11524]  try_charge_memcg+0x610/0xa10
[  155.663328][T11524]  charge_memcg+0x51/0xc0
[  155.663406][T11524]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  155.663444][T11524]  __read_swap_cache_async+0x17b/0x2d0
[  155.663537][T11524]  swap_cluster_readahead+0x262/0x3c0
[  155.663605][T11524]  swapin_readahead+0xde/0x6f0
[  155.663701][T11524]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  155.663725][T11524]  ? __lruvec_stat_mod_folio+0xd6/0x120
[  155.663791][T11524]  ? __rcu_read_unlock+0x4f/0x70
[  155.663854][T11524]  ? swap_cache_get_folio+0x277/0x280
[  155.663879][T11524]  do_swap_page+0x2ae/0x2370
[  155.663909][T11524]  ? css_rstat_updated+0xb7/0x240
[  155.663961][T11524]  ? __pfx_default_wake_function+0x10/0x10
[  155.664016][T11524]  handle_mm_fault+0x9a5/0x2be0
[  155.664050][T11524]  ? vma_start_read+0x141/0x1f0
[  155.664083][T11524]  do_user_addr_fault+0x630/0x1080
[  155.664162][T11524]  ? fpregs_restore_userregs+0xad/0x1d0
[  155.664191][T11524]  ? switch_fpu_return+0xe/0x20
[  155.664253][T11524]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  155.664284][T11524]  exc_page_fault+0x62/0xa0
[  155.664314][T11524]  asm_exc_page_fault+0x26/0x30
[  155.664336][T11524] RIP: 0033:0x7f303d8258ec
[  155.664395][T11524] Code: 66 0f 1f 44 00 00 69 3d c6 fd ea 00 e8 03 00 00 48 8d 1d c7 06 38 00 e8 42 96 12 00 eb 0c 48 81 c3 f0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00
[  155.664498][T11524] RSP: 002b:00007ffd47d01d20 EFLAGS: 00010206
[  155.664515][T11524] RAX: 0000000000000000 RBX: 00007f303dba5fa0 RCX: 0000000000000000
[  155.664528][T11524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055557b11b808
[  155.664538][T11524] RBP: 00007f303dba7da0 R08: 0000000000000000 R09: 7fffffffffffffff
[  155.664549][T11524] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000260cb
[  155.664619][T11524] R13: 00007f303dba6090 R14: ffffffffffffffff R15: 00007ffd47d01e30
[  155.664641][T11524]  </TASK>
[  155.664649][T11524] memory: usage 307200kB, limit 307200kB, failcnt 155
[  155.715651][   T29] audit: type=1400 audit(1761090232.166:7291): avc:  denied  { append } for  pid=11544 comm="syz.3.2782" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  155.717965][T11524] memory+swap: usage 307748kB, limit 9007199254740988kB, failcnt 0
[  155.717980][T11524] kmem: usage 239696kB, limit 9007199254740988kB, failcnt 0
[  155.945388][T11524] Memory cgroup stats for /syz6:
[  155.945914][T11524] cache 69111808
[  155.954490][T11524] rss 0
[  155.957296][T11524] shmem 0
[  155.960252][T11524] mapped_file 0
[  155.963845][T11524] dirty 0
[  155.966783][T11524] writeback 8192
[  155.970329][T11524] workingset_refault_anon 656
[  155.975044][T11524] workingset_refault_file 0
[  155.979554][T11524] swap 561152
[  155.982893][T11524] swapcached 8192
[  155.986520][T11524] pgpgin 225918
[  155.989981][T11524] pgpgout 209042
[  155.993578][T11524] pgfault 152510
[  155.997132][T11524] pgmajfault 95
[  156.000629][T11524] inactive_anon 8192
[  156.004536][T11524] active_anon 0
[  156.008003][T11524] inactive_file 4096
[  156.011926][T11524] active_file 0
[  156.015390][T11524] unevictable 69111808
[  156.019474][T11524] hierarchical_memory_limit 314572800
[  156.024876][T11524] hierarchical_memsw_limit 9223372036854771712
[  156.031117][T11524] total_cache 69111808
[  156.035182][T11524] total_rss 0
[  156.038492][T11524] total_shmem 0
[  156.042023][T11524] total_mapped_file 0
[  156.046025][T11524] total_dirty 0
[  156.049553][T11524] total_writeback 8192
[  156.053791][T11524] total_workingset_refault_anon 656
[  156.059001][T11524] total_workingset_refault_file 0
[  156.064075][T11524] total_swap 561152
[  156.067888][T11524] total_swapcached 8192
[  156.072126][T11524] total_pgpgin 225918
[  156.076113][T11524] total_pgpgout 209042
[  156.080186][T11524] total_pgfault 152510
[  156.084356][T11524] total_pgmajfault 95
[  156.088337][T11524] total_inactive_anon 8192
[  156.092812][T11524] total_active_anon 0
[  156.096803][T11524] total_inactive_file 4096
[  156.101250][T11524] total_active_file 0
[  156.105300][T11524] total_unevictable 69111808
[  156.109893][T11524] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.2773,pid=11524,uid=0
[  156.113667][T11557] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2786'.
[  156.124677][T11524] Memory cgroup out of memory: Killed process 11524 (syz.6.2773) total-vm:96004kB, anon-rss:1264kB, file-rss:22188kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  156.275686][   T29] audit: type=1400 audit(1761090232.606:7292): avc:  denied  { read } for  pid=11560 comm="syz.2.2787" name="usbmon2" dev="devtmpfs" ino=148 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  156.299267][   T29] audit: type=1400 audit(1761090232.606:7293): avc:  denied  { open } for  pid=11560 comm="syz.2.2787" path="/dev/usbmon2" dev="devtmpfs" ino=148 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  156.323146][   T29] audit: type=1400 audit(1761090232.606:7294): avc:  denied  { ioctl } for  pid=11560 comm="syz.2.2787" path="/dev/usbmon2" dev="devtmpfs" ino=148 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  156.371567][   T29] audit: type=1400 audit(1761090232.816:7295): avc:  denied  { create } for  pid=11565 comm="syz.5.2790" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  156.418344][   T29] audit: type=1400 audit(1761090232.866:7296): avc:  denied  { write } for  pid=11565 comm="syz.5.2790" name="file0" dev="tmpfs" ino=2174 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  156.447220][T11525] syz.6.2773 (11525) used greatest stack depth: 6376 bytes left
[  156.487098][T11572] lo speed is unknown, defaulting to 1000
[  156.526009][T11579] netlink: 36 bytes leftover after parsing attributes in process `GPL'.
[  156.537620][T11579] netlink: 12 bytes leftover after parsing attributes in process `GPL'.
[  156.698516][T11604] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2807'.
[  156.790330][T11606] netlink: 'syz.3.2808': attribute type 1 has an invalid length.
[  156.879452][T11608] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2808'.
[  156.953716][T11606] 8021q: adding VLAN 0 to HW filter on device bond6
[  156.994953][T11608] bond6 (unregistering): Released all slaves
[  157.198904][T11633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.238228][T11633] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.364792][T11644] loop2: detected capacity change from 0 to 1024
[  157.381290][T11644] EXT4-fs: Ignoring removed nobh option
[  157.386924][T11644] EXT4-fs: Ignoring removed bh option
[  157.417798][T11644] EXT4-fs (loop2): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  157.444267][T11644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.470363][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.533550][T11653] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2827'.
[  157.627341][T11658] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2829'.
[  157.636526][T11658] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2829'.
[  157.677121][ T4651] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  157.693788][ T4651] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  157.709740][ T4651] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  157.727712][ T4651] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  158.141847][T11687] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  158.141986][T11687] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.560365][T11706] syzkaller1: entered promiscuous mode
[  158.560382][T11706] syzkaller1: entered allmulticast mode
[  158.707716][T11718] sctp: [Deprecated]: syz.7.2857 (pid 11718) Use of struct sctp_assoc_value in delayed_ack socket option.
[  158.707716][T11718] Use struct sctp_sack_info instead
[  158.750005][T11721] netlink: 'syz.7.2858': attribute type 3 has an invalid length.
[  158.800084][T11724] team0: Port device team_slave_1 removed
[  159.062521][T11738] loop7: detected capacity change from 0 to 8192
[  159.385627][T11761] lo speed is unknown, defaulting to 1000
[  159.744036][   T29] kauditd_printk_skb: 156 callbacks suppressed
[  159.744053][   T29] audit: type=1326 audit(1761090236.196:7453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.2.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  159.807962][   T29] audit: type=1326 audit(1761090236.226:7454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.2.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  159.831590][   T29] audit: type=1326 audit(1761090236.226:7455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.2.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  159.855349][   T29] audit: type=1326 audit(1761090236.226:7456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.2.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  159.879397][   T29] audit: type=1326 audit(1761090236.226:7457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.2.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  159.902932][   T29] audit: type=1326 audit(1761090236.226:7458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.2.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  159.926600][   T29] audit: type=1326 audit(1761090236.226:7459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.2.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  159.950147][   T29] audit: type=1326 audit(1761090236.226:7460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.2.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  159.973681][   T29] audit: type=1326 audit(1761090236.226:7461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.2.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  159.997230][   T29] audit: type=1326 audit(1761090236.226:7462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11784 comm="syz.2.2885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36ad82efc9 code=0x7ffc0000
[  160.387984][T11823] netlink: 'syz.3.2903': attribute type 10 has an invalid length.
[  160.746386][T11833] vhci_hcd: invalid port number 96
[  160.751639][T11833] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  160.838246][T11841] veth10: entered promiscuous mode
[  160.843522][T11841] veth10: entered allmulticast mode
[  161.119426][T11863] loop2: detected capacity change from 0 to 128
[  161.167987][T11865] lo speed is unknown, defaulting to 1000
[  161.295897][ T4652] bio_check_eod: 95 callbacks suppressed
[  161.295911][ T4652] kworker/u8:65: attempt to access beyond end of device
[  161.295911][ T4652] loop2: rw=1, sector=145, nr_sectors = 8 limit=128
[  161.340613][ T4652] kworker/u8:65: attempt to access beyond end of device
[  161.340613][ T4652] loop2: rw=1, sector=161, nr_sectors = 8 limit=128
[  161.374651][ T4652] kworker/u8:65: attempt to access beyond end of device
[  161.374651][ T4652] loop2: rw=1, sector=177, nr_sectors = 8 limit=128
[  161.420587][ T4652] kworker/u8:65: attempt to access beyond end of device
[  161.420587][ T4652] loop2: rw=1, sector=193, nr_sectors = 8 limit=128
[  161.439478][ T4652] kworker/u8:65: attempt to access beyond end of device
[  161.439478][ T4652] loop2: rw=1, sector=209, nr_sectors = 8 limit=128
[  161.481585][ T4652] kworker/u8:65: attempt to access beyond end of device
[  161.481585][ T4652] loop2: rw=1, sector=225, nr_sectors = 8 limit=128
[  161.512492][ T4652] kworker/u8:65: attempt to access beyond end of device
[  161.512492][ T4652] loop2: rw=1, sector=241, nr_sectors = 8 limit=128
[  161.539000][ T4652] kworker/u8:65: attempt to access beyond end of device
[  161.539000][ T4652] loop2: rw=1, sector=257, nr_sectors = 8 limit=128
[  161.567226][ T4652] kworker/u8:65: attempt to access beyond end of device
[  161.567226][ T4652] loop2: rw=1, sector=273, nr_sectors = 8 limit=128
[  161.595066][ T4652] kworker/u8:65: attempt to access beyond end of device
[  161.595066][ T4652] loop2: rw=1, sector=289, nr_sectors = 8 limit=128
[  161.679764][T11890] 
@0�: renamed from bond_slave_1 (while UP)
[  161.697041][T11892] __nla_validate_parse: 7 callbacks suppressed
[  161.697056][T11892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2932'.
[  161.799213][T11892] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2932'.
[  162.288671][T11923] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2940'.
[  162.297785][T11923] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2940'.
[  162.384446][T11927] netlink: 'syz.5.2945': attribute type 4 has an invalid length.
[  162.412925][T11927] netlink: 'syz.5.2945': attribute type 4 has an invalid length.
[  163.503880][T11980] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2965'.
[  163.592598][T11988] netlink: 'syz.5.2968': attribute type 30 has an invalid length.
[  163.632537][T11992] syzkaller0: entered allmulticast mode
[  163.644260][T11992] syzkaller0: entered promiscuous mode
[  163.654543][T11992] syzkaller0 (unregistering): left allmulticast mode
[  163.661323][T11992] syzkaller0 (unregistering): left promiscuous mode
[  163.935719][T12029] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  164.043231][T12035] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2989'.
[  164.137892][T12045] netlink: 'syz.7.2993': attribute type 4 has an invalid length.
[  164.185122][T12047] netlink: 'syz.5.2994': attribute type 10 has an invalid length.
[  164.361323][T12055] loop7: detected capacity change from 0 to 128
[  164.422308][T12059] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2998'.
[  164.548567][T12066] netlink: 'syz.7.3002': attribute type 7 has an invalid length.
[  164.556519][T12066] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3002'.
[  165.417618][   T29] kauditd_printk_skb: 783 callbacks suppressed
[  165.417636][   T29] audit: type=1326 audit(1761090241.866:8246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12080 comm="syz.6.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  165.453757][T12084] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3012'.
[  165.466923][   T29] audit: type=1326 audit(1761090241.896:8247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12080 comm="syz.6.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  165.490676][   T29] audit: type=1326 audit(1761090241.896:8248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12080 comm="syz.6.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  165.514366][   T29] audit: type=1326 audit(1761090241.896:8249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12080 comm="syz.6.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  165.538013][   T29] audit: type=1326 audit(1761090241.906:8250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12080 comm="syz.6.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  165.561633][   T29] audit: type=1326 audit(1761090241.906:8251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12080 comm="syz.6.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  165.585393][   T29] audit: type=1326 audit(1761090241.906:8252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12080 comm="syz.6.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  165.608968][   T29] audit: type=1326 audit(1761090241.906:8253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12080 comm="syz.6.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  165.632538][   T29] audit: type=1326 audit(1761090241.906:8254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12080 comm="syz.6.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  165.656066][   T29] audit: type=1326 audit(1761090241.906:8255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12080 comm="syz.6.3008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  165.768086][T12103] loop3: detected capacity change from 0 to 128
[  166.567918][T12139] vlan2: entered allmulticast mode
[  166.800868][T12146] netlink: 'syz.2.3031': attribute type 1 has an invalid length.
[  166.852347][T12146] 8021q: adding VLAN 0 to HW filter on device bond3
[  166.884974][T12150] __nla_validate_parse: 7 callbacks suppressed
[  166.884993][T12150] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3031'.
[  166.922927][T12150] bond3 (unregistering): Released all slaves
[  167.096459][T12164] ������: renamed from vlan1
[  167.923620][T12208] lo speed is unknown, defaulting to 1000
[  168.319773][T12219] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3058'.
[  168.340977][T12219] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3058'.
[  168.360363][T12219] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3058'.
[  168.379704][T12219] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3058'.
[  168.389446][T12224] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  168.399536][T12224] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.492180][T12224] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  168.502144][T12224] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.571962][T12224] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  168.581810][T12224] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.661844][T12224] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  168.671764][T12224] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.738171][ T4650] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  168.746558][ T4650] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.775540][ T4650] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  168.783924][ T4650] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.802546][ T4651] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  168.810816][ T4651] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.825201][T12232] netlink: 'syz.2.3063': attribute type 1 has an invalid length.
[  168.829190][ T4651] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  168.841308][ T4651] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.864972][T12232] 8021q: adding VLAN 0 to HW filter on device bond3
[  168.891714][T12232] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3063'.
[  168.912496][T12232] bond3 (unregistering): Released all slaves
[  169.026383][T12239] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3066'.
[  169.203882][T12245] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3069'.
[  169.230966][T12245] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3069'.
[  169.662899][T12265] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3078'.
[  169.916501][T12286] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  169.986135][T12303] loop3: detected capacity change from 0 to 512
[  170.016551][T12307] netlink: 'syz.2.3095': attribute type 30 has an invalid length.
[  170.034831][T12303] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  170.050102][T12303] EXT4-fs (loop3): orphan cleanup on readonly fs
[  170.058296][T12303] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.3093: corrupted inode contents
[  170.081369][T12303] EXT4-fs (loop3): Remounting filesystem read-only
[  170.090014][T12303] EXT4-fs (loop3): 1 truncate cleaned up
[  170.096183][ T4652] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  170.107008][ T4652] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  170.118591][ T4652] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  170.137638][T12324] loop2: detected capacity change from 0 to 512
[  170.160048][T12303] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  170.187054][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.238079][T12331] loop7: detected capacity change from 0 to 512
[  170.247816][T12331] EXT4-fs (loop7): orphan cleanup on readonly fs
[  170.254773][T12331] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.3106: bad orphan inode 13
[  170.265256][T12331] ext4_test_bit(bit=12, block=18) = 1
[  170.270740][T12331] is_bad_inode(inode)=0
[  170.274922][T12331] NEXT_ORPHAN(inode)=2130706432
[  170.279818][T12331] max_ino=32
[  170.282247][T12336] lo speed is unknown, defaulting to 1000
[  170.283066][T12331] i_nlink=1
[  170.295459][T12331] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  170.317962][T12331] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended
[  170.336850][T12331] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  170.434434][T12349] geneve2: entered promiscuous mode
[  170.439711][T12349] geneve2: entered allmulticast mode
[  170.446010][ T4652] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.446413][T12331] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.454543][ T4652] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.489842][ T4652] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.498216][ T4652] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.547371][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  170.547390][   T29] audit: type=1400 audit(1761090246.996:8369): avc:  denied  { shutdown } for  pid=12357 comm="syz.7.3114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  170.583060][   T29] audit: type=1326 audit(1761090247.036:8370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12361 comm="syz.6.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  170.618648][   T29] audit: type=1326 audit(1761090247.036:8371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12361 comm="syz.6.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  170.642335][   T29] audit: type=1326 audit(1761090247.036:8372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12361 comm="syz.6.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  170.665854][   T29] audit: type=1326 audit(1761090247.036:8373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12361 comm="syz.6.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  170.689479][   T29] audit: type=1326 audit(1761090247.036:8374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12361 comm="syz.6.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  170.712993][   T29] audit: type=1326 audit(1761090247.036:8375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12361 comm="syz.6.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  170.736556][   T29] audit: type=1326 audit(1761090247.036:8376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12361 comm="syz.6.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  170.760148][   T29] audit: type=1326 audit(1761090247.036:8377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12361 comm="syz.6.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  170.783972][   T29] audit: type=1326 audit(1761090247.116:8378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12361 comm="syz.6.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  170.960539][T12382] loop7: detected capacity change from 0 to 2048
[  170.998663][T12382] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.024561][T10575] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  171.044314][T10575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.275784][T12435] __nla_validate_parse: 4 callbacks suppressed
[  172.275805][T12435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3144'.
[  172.290995][T12435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3144'.
[  172.466891][T12444] netlink: 'syz.5.3147': attribute type 1 has an invalid length.
[  172.603441][T12444] bond1: entered promiscuous mode
[  172.608533][T12444] bond1: entered allmulticast mode
[  172.651754][T12444] 8021q: adding VLAN 0 to HW filter on device bond1
[  172.658958][T12454] netlink: 'syz.3.3150': attribute type 7 has an invalid length.
[  172.666845][T12454] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3150'.
[  172.682253][T12445] vlan0: entered allmulticast mode
[  173.186463][T12468] lo speed is unknown, defaulting to 1000
[  173.648306][T12503] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3170'.
[  173.657504][T12503] netlink: 'syz.3.3170': attribute type 30 has an invalid length.
[  173.669423][ T4650] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  173.678825][ T4650] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  173.688700][ T4650] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  173.697393][ T4650] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  173.803134][T12513] loop3: detected capacity change from 0 to 128
[  173.889682][T12513] bio_check_eod: 191 callbacks suppressed
[  173.889703][T12513] syz.3.3172: attempt to access beyond end of device
[  173.889703][T12513] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  173.983344][T12507] syz.3.3172: attempt to access beyond end of device
[  173.983344][T12507] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[  173.999112][T12507] syz.3.3172: attempt to access beyond end of device
[  173.999112][T12507] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  174.013267][T12507] syz.3.3172: attempt to access beyond end of device
[  174.013267][T12507] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  174.028660][T12507] syz.3.3172: attempt to access beyond end of device
[  174.028660][T12507] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  174.478576][T12531] netlink: 96 bytes leftover after parsing attributes in process `syz.6.3192'.
[  174.644949][T12533] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3182'.
[  174.654000][T12533] netlink: 'syz.5.3182': attribute type 30 has an invalid length.
[  174.671916][T12531] netlink: 'syz.6.3192': attribute type 10 has an invalid length.
[  174.695279][ T4619] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  174.725477][ T4610] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  174.755950][ T4610] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  174.779840][ T4591] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  174.847299][T12550] loop2: detected capacity change from 0 to 512
[  174.854707][T12550] journal_path: Lookup failure for './file0/../file0'
[  174.861609][T12550] EXT4-fs: error: could not find journal device path
[  174.904639][T12558] netlink: 'syz.3.3191': attribute type 1 has an invalid length.
[  174.917985][T12558] bond7: entered promiscuous mode
[  174.923219][T12558] bond7: entered allmulticast mode
[  174.928700][T12558] 8021q: adding VLAN 0 to HW filter on device bond7
[  174.951909][T12558] bond7: (slave gretap0): making interface the new active one
[  174.959447][T12558] gretap0: entered promiscuous mode
[  174.964911][T12558] gretap0: entered allmulticast mode
[  174.972870][T12558] bond7: (slave gretap0): Enslaving as an active interface with an up link
[  175.009625][T12558] vlan1: entered allmulticast mode
[  175.026321][T12558] bond7: (slave vlan1): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  175.364682][T12583] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3201'.
[  175.378911][T12585] loop3: detected capacity change from 0 to 512
[  175.382696][T12583] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3201'.
[  175.386199][T12585] journal_path: Lookup failure for './file0/../file0'
[  175.401150][T12585] EXT4-fs: error: could not find journal device path
[  175.626675][T12609] loop2: detected capacity change from 0 to 512
[  175.659422][T12609] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.3213: bad orphan inode 11862016
[  175.670757][T12609] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  175.683667][T12609] ext4 filesystem being mounted at /594/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.790223][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  175.858725][T12624] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3218'.
[  175.958846][T12631] xt_nat: multiple ranges no longer supported
[  175.969081][T12635] loop2: detected capacity change from 0 to 512
[  175.975873][T12635] EXT4-fs: Ignoring removed nobh option
[  175.995097][T12635] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.3222: iget: bad i_size value: 38620345925642
[  176.009124][T12635] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3222: couldn't read orphan inode 15 (err -117)
[  176.022163][T12635] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.040686][   T29] kauditd_printk_skb: 150 callbacks suppressed
[  176.040703][   T29] audit: type=1400 audit(1761090252.496:8529): avc:  denied  { append } for  pid=12632 comm="syz.2.3222" path="/596/file1/cgroup.controllers" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  176.155435][   T29] audit: type=1400 audit(1761090252.606:8530): avc:  denied  { map } for  pid=12632 comm="syz.2.3222" path="/596/file1/cgroup.controllers" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  176.194319][T12635] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.3222: bg 0: block 5: invalid block bitmap
[  176.224270][T12635] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 248 with max blocks 1540 with error 28
[  176.236958][T12635] EXT4-fs (loop2): This should not happen!! Data will be lost
[  176.236958][T12635] 
[  176.246684][T12635] EXT4-fs (loop2): Total free blocks count 0
[  176.252773][T12635] EXT4-fs (loop2): Free/Dirty block details
[  176.258717][T12635] EXT4-fs (loop2): free_blocks=0
[  176.263784][T12635] EXT4-fs (loop2): dirty_blocks=1792
[  176.269188][T12635] EXT4-fs (loop2): Block reservation details
[  176.275244][T12635] EXT4-fs (loop2): i_reserved_data_blocks=1792
[  176.288427][T12644] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  176.328103][T12644] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  176.340267][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.341748][T12646] netlink: 'syz.5.3227': attribute type 30 has an invalid length.
[  176.372023][T12644] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  176.402780][   T29] audit: type=1326 audit(1761090252.846:8531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.6.3229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  176.426397][   T29] audit: type=1326 audit(1761090252.846:8532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.6.3229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  176.450339][   T29] audit: type=1326 audit(1761090252.846:8533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.6.3229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  176.474032][   T29] audit: type=1326 audit(1761090252.846:8534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.6.3229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  176.497763][   T29] audit: type=1326 audit(1761090252.846:8535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.6.3229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  176.521633][   T29] audit: type=1326 audit(1761090252.846:8536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.6.3229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  176.545337][   T29] audit: type=1326 audit(1761090252.846:8537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.6.3229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  176.559575][T12654] netlink: 'syz.7.3230': attribute type 30 has an invalid length.
[  176.568802][   T29] audit: type=1326 audit(1761090252.846:8538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.6.3229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303d94efc9 code=0x7ffc0000
[  176.668925][T12644] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  176.761160][ T4604] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  176.791114][T12660] loop7: detected capacity change from 0 to 764
[  176.812968][T12660] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  176.896569][T12663] loop3: detected capacity change from 0 to 512
[  176.920640][ T4604] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  176.929650][ T4604] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  176.992265][T12663] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  177.000396][T12663] EXT4-fs (loop3): orphan cleanup on readonly fs
[  177.011646][T12663] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.3234: corrupted inode contents
[  177.028457][ T4604] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  177.050576][T12663] EXT4-fs (loop3): Remounting filesystem read-only
[  177.085543][T12663] EXT4-fs (loop3): 1 truncate cleaned up
[  177.095250][ T4604] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  177.105932][ T4604] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  177.134557][T12672] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.140718][ T4604] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  177.161214][T12658] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3231'.
[  177.192529][T12663] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  177.301745][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.302591][T12672] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.350001][T12672] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.374533][T12680] lo speed is unknown, defaulting to 1000
[  177.424449][T12672] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.496191][ T4646] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.537011][ T4646] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.560588][ T4646] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.585035][ T4646] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.637421][T12699] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3245'.
[  177.686095][T12702] loop7: detected capacity change from 0 to 512
[  177.710616][T12702] EXT4-fs (loop7): blocks per group (95) and clusters per group (32768) inconsistent
[  177.779318][T12690] ip6gre1: entered allmulticast mode
[  178.529967][T12718] syz_tun: entered allmulticast mode
[  178.584329][T12723] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3258'.
[  178.984081][T12739] bond1 (unregistering): Released all slaves
[  179.003146][T12740] lo speed is unknown, defaulting to 1000
[  179.174568][T12749] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3266'.
[  179.204214][T12749] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3266'.
[  179.664299][T12769] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3274'.
[  179.738613][T12780] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3278'.
[  179.819058][T12791] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3283'.
[  179.833836][T12791] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3283'.
[  180.088298][T12805] netlink: 'syz.5.3288': attribute type 1 has an invalid length.
[  180.112520][T12805] 8021q: adding VLAN 0 to HW filter on device bond2
[  180.137966][T12805] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3288'.
[  180.159005][T12805] bond2 (unregistering): Released all slaves
[  180.265006][T12810] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3289'.
[  180.440089][T12814] loop2: detected capacity change from 0 to 2048
[  180.455711][T12814] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  180.641713][T12837] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.660495][T12837] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.742964][T12843] lo speed is unknown, defaulting to 1000
[  180.783125][T12844] SELinux: security_context_str_to_sid (�O�qs���:Lx�)���f�ob��M��I�Q��}�x��`���%��z+����N>޹}L5�/�ѣ��&e�k�ayʰ"{�/�؁f�l���k�ӟVDZ�a���e������a󤊸'W�|@�T���)������ג�@�)�+��W�7�
acW�MGw7&�V�M��ƛ�����Z�,K�'B����F�a�AϮTq2"w*���r:��)%gόfo0�=�Qv�츠dǴIu�dI.��3!*O��) failed with errno=-22
[  180.976296][T12829] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  181.010803][T12829] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  181.023347][T12829] EXT4-fs (loop2): This should not happen!! Data will be lost
[  181.023347][T12829] 
[  181.033140][T12829] EXT4-fs (loop2): Total free blocks count 0
[  181.039194][T12829] EXT4-fs (loop2): Free/Dirty block details
[  181.045140][T12829] EXT4-fs (loop2): free_blocks=2415919104
[  181.050966][T12829] EXT4-fs (loop2): dirty_blocks=8208
[  181.056323][T12829] EXT4-fs (loop2): Block reservation details
[  181.062349][T12829] EXT4-fs (loop2): i_reserved_data_blocks=513
[  181.192772][   T29] kauditd_printk_skb: 157 callbacks suppressed
[  181.192787][   T29] audit: type=1400 audit(1761090257.646:8690): avc:  denied  { getopt } for  pid=12847 comm="syz.6.3304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  181.268477][ T4643] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  181.313562][   T29] audit: type=1400 audit(1761090257.766:8691): avc:  denied  { unlink } for  pid=3316 comm="syz-executor" name="file0" dev="tmpfs" ino=3500 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  181.552325][   T29] audit: type=1326 audit(1761090258.006:8692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12870 comm="syz.3.3316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  181.576015][   T29] audit: type=1326 audit(1761090258.006:8693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12870 comm="syz.3.3316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  181.601470][   T29] audit: type=1326 audit(1761090258.006:8694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12870 comm="syz.3.3316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  181.625227][   T29] audit: type=1326 audit(1761090258.006:8695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12870 comm="syz.3.3316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  181.648749][   T29] audit: type=1326 audit(1761090258.006:8696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12870 comm="syz.3.3316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  181.672338][   T29] audit: type=1326 audit(1761090258.006:8697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12870 comm="syz.3.3316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  181.695848][   T29] audit: type=1326 audit(1761090258.006:8698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12870 comm="syz.3.3316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  181.719526][   T29] audit: type=1326 audit(1761090258.006:8699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12870 comm="syz.3.3316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7effe435efc9 code=0x7ffc0000
[  181.871957][T12888] xt_nat: multiple ranges no longer supported
[  181.895200][T12875] team1: entered promiscuous mode
[  181.900311][T12875] team1: entered allmulticast mode
[  181.909574][T12875] 8021q: adding VLAN 0 to HW filter on device team1
[  181.980707][T12884] lo speed is unknown, defaulting to 1000
[  182.079101][T12893] loop2: detected capacity change from 0 to 512
[  182.092188][T12894] netlink: 'syz.7.3333': attribute type 27 has an invalid length.
[  182.140186][T12893] EXT4-fs (loop2): orphan cleanup on readonly fs
[  182.161274][T12893] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.3322: bad orphan inode 13
[  182.168886][T12898] netlink: 'syz.3.3323': attribute type 1 has an invalid length.
[  182.198280][T12894] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.205557][T12894] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.229184][T12893] ext4_test_bit(bit=12, block=18) = 1
[  182.234687][T12893] is_bad_inode(inode)=0
[  182.238866][T12893] NEXT_ORPHAN(inode)=2130706432
[  182.243731][T12893] max_ino=32
[  182.246930][T12893] i_nlink=1
[  182.251667][T12893] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  182.307319][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.342044][T12894] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  182.377589][T12894] team1: left promiscuous mode
[  182.382619][T12894] team1: left allmulticast mode
[  182.427496][T12896] 8021q: adding VLAN 0 to HW filter on device bond0
[  182.435666][T12896] 8021q: adding VLAN 0 to HW filter on device team0
[  182.448593][T12896] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  182.476186][T12900] bond8: entered promiscuous mode
[  182.481313][T12900] bond8: entered allmulticast mode
[  182.491171][T12900] 8021q: adding VLAN 0 to HW filter on device bond8
[  182.523557][T12901] bridge4: entered promiscuous mode
[  182.528910][T12901] bridge4: entered allmulticast mode
[  182.547794][T12912] netlink: 'syz.5.3326': attribute type 1 has an invalid length.
[  182.560806][T12911] netlink: 'syz.7.3325': attribute type 1 has an invalid length.
[  182.569392][T12901] bond8: (slave bridge4): Enslaving as a backup interface with an up link
[  182.578124][ T4646] netdevsim netdevsim7 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.592182][ T4613] bond8: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  182.612146][T12912] 8021q: adding VLAN 0 to HW filter on device bond2
[  182.646869][T12918] __nla_validate_parse: 6 callbacks suppressed
[  182.646889][T12918] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3327'.
[  182.664276][ T4646] netdevsim netdevsim7 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.681068][T12911] 8021q: adding VLAN 0 to HW filter on device bond1
[  182.692831][T12915] bond1 (unregistering): Released all slaves
[  182.709508][T12916] 8021q: adding VLAN 0 to HW filter on device batadv0
[  182.721955][ T4613] bond8: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  182.723380][T12916] bond2: (slave batadv0): making interface the new active one
[  182.802113][T12916] bond2: (slave batadv0): Enslaving as an active interface with an up link
[  182.815548][ T4646] netdevsim netdevsim7 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.827579][ T4646] netdevsim netdevsim7 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  183.109589][T12955] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3340'.
[  183.192466][T12927] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3330'.
[  183.201558][T12927] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3330'.
[  183.255448][T12927] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3330'.
[  183.264538][T12927] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3330'.
[  183.392143][T12981] lo speed is unknown, defaulting to 1000
[  183.432681][T12990] netlink: 'syz.5.3346': attribute type 10 has an invalid length.
[  183.497629][T13004] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3351'.
[  183.524922][T13004] netlink: 84 bytes leftover after parsing attributes in process `syz.2.3351'.
[  183.548085][T13014] loop3: detected capacity change from 0 to 128
[  183.578921][T13014] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  183.584438][T13022] loop2: detected capacity change from 0 to 1024
[  183.598220][T13022] EXT4-fs: Ignoring removed orlov option
[  183.605207][T13014] ext4 filesystem being mounted at /684/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  183.618289][T13022] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.671533][T13030] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  183.679614][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  184.104248][T13105] lo speed is unknown, defaulting to 1000
[  184.182425][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.254024][T13114] loop2: detected capacity change from 0 to 1024
[  184.294909][T13114] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  184.317097][T13114] ext4 filesystem being mounted at /625/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.410057][T13122] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.426564][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  184.522161][T13122] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.582295][T13122] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.598810][T13136] ==================================================================
[  184.606965][T13136] BUG: KCSAN: data-race in shmem_file_splice_read / shmem_file_splice_read
[  184.615606][T13136] 
[  184.617935][T13136] write to 0xffff8881049d2fa8 of 8 bytes by task 13139 on cpu 0:
[  184.625658][T13136]  shmem_file_splice_read+0x470/0x600
[  184.631084][T13136]  splice_direct_to_actor+0x26f/0x680
[  184.636496][T13136]  do_splice_direct+0xda/0x150
[  184.641324][T13136]  do_sendfile+0x380/0x650
[  184.645786][T13136]  __x64_sys_sendfile64+0x105/0x150
[  184.651112][T13136]  x64_sys_call+0x2bb4/0x3000
[  184.655867][T13136]  do_syscall_64+0xd2/0x200
[  184.660402][T13136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.666316][T13136] 
[  184.668650][T13136] write to 0xffff8881049d2fa8 of 8 bytes by task 13136 on cpu 1:
[  184.676376][T13136]  shmem_file_splice_read+0x470/0x600
[  184.681806][T13136]  splice_direct_to_actor+0x26f/0x680
[  184.687205][T13136]  do_splice_direct+0xda/0x150
[  184.692078][T13136]  do_sendfile+0x380/0x650
[  184.696537][T13136]  __x64_sys_sendfile64+0x105/0x150
[  184.701757][T13136]  x64_sys_call+0x2bb4/0x3000
[  184.706473][T13136]  do_syscall_64+0xd2/0x200
[  184.711020][T13136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.716921][T13136] 
[  184.719262][T13136] value changed: 0x000000000030c000 -> 0x0000000000310000
[  184.726386][T13136] 
[  184.728715][T13136] Reported by Kernel Concurrency Sanitizer on:
[  184.735130][T13136] CPU: 1 UID: 0 PID: 13136 Comm: syz.5.3373 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  184.744961][T13136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  184.755029][T13136] ==================================================================
[  184.770021][T13147] loop2: detected capacity change from 0 to 512
[  184.778827][T13147] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  184.787961][T13147] EXT4-fs (loop2): orphan cleanup on readonly fs
[  184.795662][T13147] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  184.811395][T13147] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  184.818219][T13147] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #13: comm syz.2.3382: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  184.836447][T13147] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3382: couldn't read orphan inode 13 (err -117)
[  184.849257][T13147] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  184.849774][T13122] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.885520][T13147] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  184.895143][T13147] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  184.910995][T13147] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  184.934241][ T4665] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  184.945874][ T4665] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.951346][ T4101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.963045][ T4665] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.967328][ T4665] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0