last executing test programs:

3m47.10016954s ago: executing program 0 (id=58):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0xff, 0x7fffffff}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000540)='inet_sock_set_state\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x3)
close_range(r0, 0xffffffffffffffff, 0x0)

3m47.06460021s ago: executing program 0 (id=59):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0xb0000005})
epoll_pwait(r1, &(0x7f0000000100)=[{}], 0x1, 0xfffeffff, 0x0, 0x443c000000000000)
close(0x3)

3m46.906828713s ago: executing program 0 (id=66):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d000000140000001100"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a3000000000140000001100"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

3m46.878921853s ago: executing program 0 (id=68):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000140)='./file0/../file0\x00')
pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00')

3m46.861027684s ago: executing program 0 (id=70):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0x3e33, 0x0, 0x0, 0x0, 0xb8e9ba3047a17b7d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18)
io_uring_setup(0xb3c, &(0x7f00000000c0)={0x0, 0x45d6, 0x1, 0x4, 0x7, 0x0, r1})

3m45.383437982s ago: executing program 0 (id=108):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)

3m45.364794343s ago: executing program 32 (id=108):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)

3m6.791896627s ago: executing program 2 (id=1649):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f0000000400)={<r2=>0xffffffffffffffff}, 0x80800)
fcntl$setpipe(r2, 0x407, 0x176)

3m6.743456418s ago: executing program 2 (id=1651):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='mm_page_alloc\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xa, 0x2)

3m6.729561448s ago: executing program 2 (id=1652):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xa, 0x7, 0x6, 0x8c}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
syz_open_procfs(0x0, 0x0)

3m6.63319326s ago: executing program 2 (id=1667):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')

3m6.359144485s ago: executing program 2 (id=1669):
socket$packet(0x11, 0x2, 0x300)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x1, @perf_config_ext={0x3, 0x6}, 0x120, 0x10000, 0x33f8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0xf, 0x7ffc0001}]})
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

3m5.967449483s ago: executing program 2 (id=1674):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000006c0)={0x0, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000007c0)={0x0, 0x1}, 0x8)

3m5.954523493s ago: executing program 33 (id=1674):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000006c0)={0x0, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000007c0)={0x0, 0x1}, 0x8)

1m16.372231557s ago: executing program 4 (id=6401):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='setgroups\x00')
close_range(r2, 0xffffffffffffffff, 0x0)

1m16.271246379s ago: executing program 4 (id=6404):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xd76}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x3, 0xfff)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r2, r2, 0x0, 0x800000009)

1m16.055566363s ago: executing program 4 (id=6406):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010400000000000000000100000a74000000060a0b04000000000000000002000008400004803c000180080001006c6f670030000280060004400001000008000340fffffffa0a0002407d5def2e21000000080003400000000806000140000100000900010073797a30000000000900020073797a320000000008000b400000000314000000110001"], 0x9c}}, 0x0)
close(r2)

1m15.877269506s ago: executing program 4 (id=6407):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1, &(0x7f00000000c0)={[{@errors_remount}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@mblk_io_submit}, {@minixdf}, {@jqfmt_vfsv0}, {@grpjquota, 0x2e}], [], 0x2e}, 0x0, 0x450, &(0x7f0000000480)="$eJzs289vFFUcAPDvzLYgv2xF/MEPtYrGxh8tLagcvGg04WJiogc81lIIslBDayKESDUGj4a/QD2a+Bd40otRTxqvejcmxHARPZgxszsDS7tbd7tbtrCfTzLtezNv973vzLzdN/N2AhhYY/mfJGJ7RPwaESP17M0Fxur/rl29MPv31QuzSWTZG38mtXJ/Xb0wWxYtX7etyIynEenHSextUu/CufOnZqrVubNFfnLx9LuTC+fOP3vy9MyJuRNzZ6YPHz50cOqF56ef60mcO/K27vlgft/uI29dfm326OW3f/gqb+/2YntjHHWjXdc5FmM378sGT3T97hvLjoZ0MtTHhtCRSkTkh2u41v9HohI3Dt5IvPpRXxsHrKssy7LNK9ZWysRSBtzBkuh3C4D+KL/o8+vfcrmFw4++u/JS/QIoj/tasdS3DEValBledn3bS2MRcXTpn8/yJZrehwAA6K1v8vHPM83Gf2nc31Du7mJuaDQi7omInRFxb0Tsioj7ImplH4iIBzusf2xZfuX45+ctawqsTfn478Vibuvm8V85+ovRSpHbUYt/ODl+sjp3oNgn4zG8Oc9PrVLHt6/88mmrbY3jv3zJ6y/HgkU7/hhadoPu2MziTDcxN7ryYcSeoWbxJ9fnrvL/uyNizxreP99nJ5/6cl+r7f8f/yp6MM+UfRHxZP34L8Wy+EvJ6vOTk3dFde7AZHlWrPTjT5deb1V/V/H3QH78tzY9/6/HP5o0ztcudF7Hpd8+aXlNs9bzf1PyZi29qVj3/szi4tmpiE3J0sr10zdeW+bL8nn84/ub9/+dEf9+Xrxub0TkJ/FDEfFwRDxStP3RiHgsIvavEv/3Lz/+ztrjX195/Mc6Ov6dJyqnvvu6Vf3tHf9DtdR4saadz792G9jNvgMAAIDbRVr7DXySTlxPp+nERP03/Ltia1qdX1h8+vj8e2eO1X8rPxrDaXmna6ThfuhUcW+4zE8vyx+s3TfOsizbUstPzM5X12tOHWjPthb9P/d7pd+tA9ZdR/NorZ5oA25LnteEwaX/w+DS/2Fw6f8wuJr1/4sR1/rQFOAW8/0Pg0v/h8Gl/8Pg0v9hIHXzXP9qiZ1H1uud77REZWM0o+NEpBuiGWtLpBujGfXE5ohot/DFuFUN6/cnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG/8FwAA//8Hl+jb")
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

1m15.635588981s ago: executing program 4 (id=6412):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1ff8d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002706870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a83984e68a6d80a5f5222ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0007000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1f6428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000a034000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1ebbb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa5210b16eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f086dd47e0ffff00122b00631177fbac141416e000030a44079f034d2f87e589ca6aab845013f2325f1a3987050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x7000000}, 0x2c)

1m15.195860869s ago: executing program 4 (id=6420):
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = syz_clone(0x2180, 0x0, 0x0, 0x0, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r2 = syz_open_procfs(r1, &(0x7f0000000040)='syscall\x00')
pread64(r2, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009)

1m15.18291957s ago: executing program 34 (id=6420):
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = syz_clone(0x2180, 0x0, 0x0, 0x0, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r2 = syz_open_procfs(r1, &(0x7f0000000040)='syscall\x00')
pread64(r2, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009)

1m8.43875656s ago: executing program 7 (id=6658):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
dup3(r1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setitimer(0x0, 0x0, 0x0)

1m8.4155163s ago: executing program 7 (id=6660):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x400448dd, 0x0)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)

1m8.369400741s ago: executing program 7 (id=6662):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r1}, 0x10)
r2 = timerfd_create(0x8, 0x0)
read(r2, &(0x7f00000000c0)=""/252, 0xfc)
timerfd_settime(r2, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

1m8.277591903s ago: executing program 7 (id=6668):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1, &(0x7f00000000c0)={[{@errors_remount}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@mblk_io_submit}, {@minixdf}, {@jqfmt_vfsv0}, {@grpjquota, 0x2e}], [], 0x2e}, 0x0, 0x450, &(0x7f0000000480)="$eJzs289vFFUcAPDvzLYgv2xF/MEPtYrGxh8tLagcvGg04WJiogc81lIIslBDayKESDUGj4a/QD2a+Bd40otRTxqvejcmxHARPZgxszsDS7tbd7tbtrCfTzLtezNv973vzLzdN/N2AhhYY/mfJGJ7RPwaESP17M0Fxur/rl29MPv31QuzSWTZG38mtXJ/Xb0wWxYtX7etyIynEenHSextUu/CufOnZqrVubNFfnLx9LuTC+fOP3vy9MyJuRNzZ6YPHz50cOqF56ef60mcO/K27vlgft/uI29dfm326OW3f/gqb+/2YntjHHWjXdc5FmM378sGT3T97hvLjoZ0MtTHhtCRSkTkh2u41v9HohI3Dt5IvPpRXxsHrKssy7LNK9ZWysRSBtzBkuh3C4D+KL/o8+vfcrmFw4++u/JS/QIoj/tasdS3DEValBledn3bS2MRcXTpn8/yJZrehwAA6K1v8vHPM83Gf2nc31Du7mJuaDQi7omInRFxb0Tsioj7ImplH4iIBzusf2xZfuX45+ctawqsTfn478Vibuvm8V85+ovRSpHbUYt/ODl+sjp3oNgn4zG8Oc9PrVLHt6/88mmrbY3jv3zJ6y/HgkU7/hhadoPu2MziTDcxN7ryYcSeoWbxJ9fnrvL/uyNizxreP99nJ5/6cl+r7f8f/yp6MM+UfRHxZP34L8Wy+EvJ6vOTk3dFde7AZHlWrPTjT5deb1V/V/H3QH78tzY9/6/HP5o0ztcudF7Hpd8+aXlNs9bzf1PyZi29qVj3/szi4tmpiE3J0sr10zdeW+bL8nn84/ub9/+dEf9+Xrxub0TkJ/FDEfFwRDxStP3RiHgsIvavEv/3Lz/+ztrjX195/Mc6Ov6dJyqnvvu6Vf3tHf9DtdR4saadz792G9jNvgMAAIDbRVr7DXySTlxPp+nERP03/Ltia1qdX1h8+vj8e2eO1X8rPxrDaXmna6ThfuhUcW+4zE8vyx+s3TfOsizbUstPzM5X12tOHWjPthb9P/d7pd+tA9ZdR/NorZ5oA25LnteEwaX/w+DS/2Fw6f8wuJr1/4sR1/rQFOAW8/0Pg0v/h8Gl/8Pg0v9hIHXzXP9qiZ1H1uud77REZWM0o+NEpBuiGWtLpBujGfXE5ohot/DFuFUN6/cnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG/8FwAA//8Hl+jb")
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

1m8.116414216s ago: executing program 7 (id=6672):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x12, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x41000, 0x4b, '\x00', 0x0, @fallback=0xe, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x44f0)

1m8.027362458s ago: executing program 7 (id=6673):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
socket$key(0xf, 0x3, 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@remote, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x7}, 0x70bd2a, 0x3504, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

1m8.001377988s ago: executing program 35 (id=6673):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
socket$key(0xf, 0x3, 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@remote, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x7}, 0x70bd2a, 0x3504, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

28.377568783s ago: executing program 6 (id=7857):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a32"], 0x2d4}}, 0x4048010)

28.277309554s ago: executing program 6 (id=7861):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
unshare(0x4020400)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r1, 0x0, &(0x7f0000001780)=""/4096}, 0x20)

28.219582616s ago: executing program 6 (id=7863):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, @perf_bp={0x0, 0x91b1400079c52c93}, 0x105c34, 0x8000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0xc0126080, 0x0, 0x0, 0x0, 0x0, 0x0)

25.315195311s ago: executing program 6 (id=7928):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file7\x00', 0x200000, &(0x7f0000000b40)=ANY=[@ANYBLOB="64656275672c757466383d312c757466383d302c757466383d312c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c002bc08d8cca74e8ecafb48437094fe1a4a2383bd9d85bff651d1101fd722e01b9b5d22f08b5fc0ac7cbf33fb553a90ae4d01d71ddeeb089f517aeaaa271899287d5b8949b22b23c2807b7d81714b89e9682f6c3faa6107733a77a4cf985560ed64ec24e255dee3654aa2ba55be4bf3ae257adba34bb46aa57a75dab0288098e42f886f09bdf63537db28a454b02a4204a7e7dac3c30a6d4b5c814916b0284a6fbf80000a0ac567a0ebfa782c6c3729a2afa6f0e6a852e9b202dc9dcb97d35c8", @ANYRESDEC, @ANYRES32, @ANYRESOCT], 0x3, 0x250, &(0x7f0000001cc0)="$eJzs2s+LG2UYB/Bn1tb9UbZZ8RctiC96UC9Dd88eukgL4oKiXaEK0qmbaMiYLElYiIjdk179EzyKePQmSPHkZS/+BR687WWPPYgjSdZtWiMuSJtgPx8Iecg73/DMTHh5AnP46leftBq9vFH0YyHLYuFy7MedLNZiIf6yH6+8dP3n5965/t4bm1tbV95O6ermtfWNlNL55398/7PvXrjdP/fu9+d/WIyDtQ8OjzZ+O3jm4MLhH9c+bvZSs5fanX4q0s1Op1/cLOtpp9lr5Sm9VdaLXj0127169571RtnZ3R2kor2zurLb/SYiivYgteqD1O+kfneQio+KZjvleZ5WV4L/YvvbO1UVR9XZG1FV1fLXce52rP4atcieSNmTl7Onb2TP7mcXjqqqNutWeSDc/0fbxKa+FFF+ube9tz1+H64uxWYjmlFGPS7Fcvwew5/JsXF99fWtK5fSyFp8Ud46zt/a235s9P0n+fWoxdr0/Po4n+7NL8bKZH4javHU9PzG1PxSvPziRD6PWvzyYXSijJ0YZu/mP19P6bU3t+7LXxwdBwDwf5OnE1Pntzz/p/VxfmI+rP3LfHjffHUmLp6Z7bkT0Rt82irKst4d/sEbFSefPKrFckT8dHZ4cU6ZWj6+lvPQ/PwVixExB20ophdZRAxff1ua7b7Ew3H3pp/u+McfdEMAAAAAAAAAAACcysN40nDW5wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMy3PwMAAP//63rHLA==")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')

25.241529843s ago: executing program 6 (id=7932):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')

24.983319438s ago: executing program 6 (id=7945):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

24.983145488s ago: executing program 36 (id=7945):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

1.109837078s ago: executing program 9 (id=8684):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)

1.079661709s ago: executing program 3 (id=8676):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r2, 0x5608)

1.053082559s ago: executing program 3 (id=8677):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x28, r0, 0x10ada85e65c25359, 0xfffffffd, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}}, 0x28}}, 0x24000000)

1.03401425s ago: executing program 3 (id=8678):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x0, 0x40000000, 0x0, 0x3}, 0x8})

1.03295313s ago: executing program 9 (id=8689):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r2, 0x5608)

819.665044ms ago: executing program 9 (id=8680):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000300)={[0x3]}, 0x8)
faccessat2(r2, &(0x7f0000000000)='\x00', 0x2, 0x1100)

819.482914ms ago: executing program 3 (id=8681):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x80}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x40003, 0x288}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r2, 0x6b03, 0xd5c5, 0x4, 0x0, 0x0)

783.780145ms ago: executing program 9 (id=8685):
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000895"], &(0x7f0000000c00)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = dup(r1)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)

687.570377ms ago: executing program 9 (id=8690):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
kcmp(0x0, 0x0, 0xde6c8001d5ed5ea6, 0xffffffffffffffff, 0xffffffffffffffff)
syz_open_procfs$namespace(0x0, 0x0)
munlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000)
link(0x0, 0x0)

664.904207ms ago: executing program 3 (id=8693):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x51e, &(0x7f0000001140)="$eJzs3d9rZFcdAPDvvclss7upM1WRWrAWW9ktujObxrZBROuLPhXU9X2NySSEzGRCZlI3oWiK/4EICj755IvgHyCUPojPUijoi/ggKoroVh8EtVfmzp01m9xJok0yaebzgbNzzv0x33Pu7Jy5P07uDWBiPRURL0XEVEQ8GxHVYnpapNjrp0q+3Nv3X13qpySy7M5fkkiKacP36penI+J6sdpMRHzlixFfTw7H7e7sri+2Ws2totzotTcb3Z3dW2vtxdXmanNjfn7uhYUXF55fuJ0V3lU7a8PMj77w2dc/+Y3f3v3TzW/2q/WZD0UlDrTjNA2aXsm3xVB/G22dRbAxmCraUxl3RQAAOJH+Pv77I+Jj+f5/NabyvbkDpsZRMwAAAOC0ZJ+bjX8lERkAAABwaaURMRtJWi/GAsxGml4pzg18MK6lrU6394mVzvbGcn9eRC0q6cpaq3m7GCtci0rSL88VY2yH5ecOlOcj4rGI+G71al6uL3Vay2M+9wEAAACT4vqB4/+/V9M8f7ySvxMAAAAALq7ayAIAAABwWTjkBwAAgMvv4PH/62OqBwAAAHAmvvTyy/2UDZ9/vfzKzvZ655Vby83uer29vVRf6mxt1lc7ndX8nn3tfauWPvK51elsfio2tu81es1ur9Hd2b3b7mxv9O6uPfQIbAAAAOAcPfbRN36VRMTep6/mKYr7AAI85PfjrgBwmqbGXQFgbNzFGybXg4v4V8ZbD2B8kmPmG7wDAADvfTc+fPj6//BUQOkAf+DSMNYHACaP6/8wuSpGAMJESyPifYPsI6OWGXn9/xcnjZJlEW9W909xfhEAAM7XbJ6StF4cB8xGmtbrEY9GpLWoJCtrrebt4vjgl9XKI/3yXL5mcuyYYQAAAAAAAAAAAAAAAAAAAAAAAABgIMuSyAAAAIBLLSL9Y5LfzT/iRvWZ2YPnB64k/6jGH4rCD+58795ir7c115/+1/xZXlciovf9O5V8+nMjHx8GAAAAnLZkb+SswXF68Tp3rrUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAK8ff/VpWE6z7h//nxE1MriT8dM/joTlYi49rckpvetl0TE1CnE33stIh4vi5/EO1mW1YpalMW/esbxa/mmKY+fRsT1U4gPk+yNfv/zUtn3L42n8tfy7990kd6t0f1fWkR+PO/nyvqfRw+9W7s0xhNv/aQxMv5rEU9Ml/c/w/43GRH/6UPv9s8syw7H+NpXd3dHxc9+GHGj9PcneShWo9febHR3dm+ttRdXm6vNjfn5uRcWXlx4fuF2Y2Wt1Sz+LY3xnY/89J2j2n+tJP5vfj3of49q/zMn/D/w77fu3f/AIFspi3/z6dLf35kYET8tfvs+XuT7828M83uD/H5P/vjNJ49q//KI7X/c53/zBG3ve/bL3/7dCRcFAM5Bd2d3fbHVam4dkZk5wTLvxczPZi5ENf7HTPatwSd3Uerz/2b6e6v/nTJs1QWo2L5Mdm6xpuKCNPlBZqzdEgAAcAZ+/mCnf9w1AQAAAAAAAAAAAAAAAAAAgMl1HrcTOxhzbzxNBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA40n8CAAD//xXF3+E=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000840000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
readlink(&(0x7f0000000180)='./file0\x00', &(0x7f0000000580)=""/131, 0x83)

662.447297ms ago: executing program 9 (id=8694):
r0 = gettid()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
syz_clone(0xb44040, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigaction(0x1b, &(0x7f0000000040)={0xfffffffffffffffc, 0x4c000000, 0x0, {[0x8000000000005a]}}, 0x0, 0x8, &(0x7f00000001c0))
tkill(r0, 0x1b)

618.937028ms ago: executing program 3 (id=8695):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x20, 0xff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x2, 0x0, 0x93}, 0xe)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0xffffffffffffffff)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x800010100000}, 0x0, &(0x7f00000000c0)={0x1c, 0x40002, 0x0, 0x0, 0x0, 0x200000000, 0x6a9}, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r0, 0x1)

507.12832ms ago: executing program 1 (id=8705):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
kcmp(0x0, 0x0, 0xde6c8001d5ed5ea6, 0xffffffffffffffff, 0xffffffffffffffff)
syz_open_procfs$namespace(0x0, 0x0)
munlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000)
link(0x0, 0x0)

470.747571ms ago: executing program 1 (id=8707):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

397.701312ms ago: executing program 1 (id=8719):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@map=r2, r1, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r2, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r0}, 0x20)
recvmmsg(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000b80)=""/4119, 0xf72}], 0x1}}], 0x1, 0x140, 0x0)

377.741163ms ago: executing program 1 (id=8712):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x2, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000001d00)=ANY=[], 0x30}, 0x4040810)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x840)
r1 = socket(0x2, 0x2, 0x1)
bind$unix(r1, &(0x7f0000000000)=@abs, 0x6e)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00')
preadv(r2, &(0x7f00000002c0)=[{&(0x7f0000000880)=""/175, 0xaf}, {&(0x7f0000000240)=""/90, 0x5a}], 0x2, 0x9, 0x2081)

346.807633ms ago: executing program 1 (id=8714):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fff)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r1, 0x545c, 0x200000002000000)

346.190973ms ago: executing program 5 (id=8715):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000140)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)

312.982744ms ago: executing program 1 (id=8716):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x7, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

312.737744ms ago: executing program 5 (id=8717):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd2d, 0x25dfdbfa, {0x0, 0x0, 0x0, r3, {0x0, 0x2}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_CT_LABELS={0x14, 0x61, "c92ad6ab8055fe39a5a9615d5ba410de"}, @TCA_FLOWER_KEY_CT_LABELS_MASK={0x14, 0x62, "988f88d52ae2aa1e44f0e5686a8da5d9"}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x24000810}, 0x20084084)

293.041314ms ago: executing program 8 (id=8720):
r0 = syz_open_dev$vcsa(&(0x7f00000000c0), 0x48f, 0x10400)
fchdir(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x7ff)

276.455274ms ago: executing program 5 (id=8721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bc00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x3b51, &(0x7f00000006c0)={0x0, 0x7759, 0x1000, 0x8003, 0x1bf}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000680)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1})
io_uring_enter(r2, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0)

259.933925ms ago: executing program 8 (id=8722):
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00'], 0x6c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000140)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000), 0x4)

149.236007ms ago: executing program 5 (id=8723):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x80}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x40003, 0x288}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r2, 0x6b03, 0xd5c5, 0x4, 0x0, 0x0)

149.027197ms ago: executing program 8 (id=8724):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
acct(0xfffffffffffffffe)

124.002028ms ago: executing program 8 (id=8725):
epoll_create1(0x0)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

102.459358ms ago: executing program 8 (id=8726):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7, 0x8000, 0x8, 0x0, 0x806b})
ioctl$SG_BLKTRACETEARDOWN(r2, 0x1276, 0x0)

18.398059ms ago: executing program 8 (id=8727):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000000)=0x3, 0x4)
sendfile(r1, r0, 0x0, 0x7ffff000)

17.877909ms ago: executing program 5 (id=8728):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000ff0f00000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}, 0x1, 0x0, 0x0, 0xc001}, 0xc814)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)

0s ago: executing program 5 (id=8729):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757813"], 0x65)

kernel console output (not intermixed with test programs):

[  200.018613][T18279] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.073940][ T3367] hid_parser_main: 48 callbacks suppressed
[  200.073960][ T3367] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  200.094037][ T3367] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  200.243159][T18884] loop7: detected capacity change from 0 to 512
[  200.259696][T18888] 9pnet: p9_errstr2errno: server reported unknown error 
[  200.267435][T18884] EXT4-fs: Ignoring removed mblk_io_submit option
[  200.274028][T18862] hid-generic 0000:0000:0000.000E: pid 18862 passed too short report
[  200.276337][T18884] EXT4-fs (loop7): orphan cleanup on readonly fs
[  200.288684][T18884] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -13
[  200.297802][T18884] EXT4-fs error (device loop7): ext4_clear_blocks:876: inode #13: comm syz.7.6668: attempt to clear invalid blocks 2 len 1
[  200.312297][T18884] EXT4-fs (loop7): Remounting filesystem read-only
[  200.319611][T18884] EXT4-fs (loop7): 1 truncate cleaned up
[  200.331212][T18884] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  200.367347][T18891] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  200.377265][T18891] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.413829][T18279] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.435504][ T4174] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.458233][T18891] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  200.468040][T18891] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.513242][ T4174] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.551510][T18891] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  200.561390][T18891] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.617358][ T4174] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.662794][T18891] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  200.672699][T18891] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.704429][ T4205] netdevsim netdevsim6 eth0: set [0, 1] type 1 family 0 port 256 - 0
[  200.715724][ T4205] netdevsim netdevsim6 eth1: set [0, 1] type 1 family 0 port 256 - 0
[  200.727123][ T4174] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.753384][ T4205] netdevsim netdevsim6 eth2: set [0, 1] type 1 family 0 port 256 - 0
[  200.761889][ T4205] netdevsim netdevsim6 eth3: set [0, 1] type 1 family 0 port 256 - 0
[  200.797117][ T4168] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  200.805473][ T4168] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.838113][ T4168] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  200.846471][ T4168] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.863198][T18907] lo speed is unknown, defaulting to 1000
[  200.900053][ T4168] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  200.908273][ T4168] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.933987][ T4168] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  200.942256][ T4168] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.956545][ T4174] bridge0: port 3(batadv0) entered disabled state
[  200.997188][ T4174] bridge_slave_1: left allmulticast mode
[  201.002885][ T4174] bridge_slave_1: left promiscuous mode
[  201.008661][ T4174] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.060560][ T4174] bridge_slave_0: left allmulticast mode
[  201.066302][ T4174] bridge_slave_0: left promiscuous mode
[  201.071677][T18945] __nla_validate_parse: 8 callbacks suppressed
[  201.071698][T18945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6692'.
[  201.072373][ T4174] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.127118][T18949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6692'.
[  201.196185][ T4174] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  201.206522][ T4174] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  201.216569][ T4174] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  201.226017][ T4174] bond0 (unregistering): Released all slaves
[  201.277715][T18953] loop6: detected capacity change from 0 to 1024
[  201.288483][T18953] EXT4-fs: Ignoring removed bh option
[  201.315017][T18953] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  201.343980][T18953] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.360468][ T4174] hsr_slave_0: left promiscuous mode
[  201.371102][ T4174] hsr_slave_1: left promiscuous mode
[  201.376683][T18953] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  201.377181][ T4174] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  201.392426][ T4174] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.439647][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.465083][ T4174] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.472626][ T4174] batman_adv: batadv0: Removing interface: batadv_slave_1
[  201.505165][ T4174] veth1_macvtap: left promiscuous mode
[  201.519457][ T4174] veth0_macvtap: left promiscuous mode
[  201.533240][ T4174] veth1_vlan: left promiscuous mode
[  201.548907][ T4174] veth0_vlan: left promiscuous mode
[  201.667399][ T4174] team0 (unregistering): Port device team_slave_1 removed
[  201.683772][ T4174] team0 (unregistering): Port device team_slave_0 removed
[  201.765969][T18907] chnl_net:caif_netlink_parms(): no params data found
[  201.847372][T18907] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.854723][T18907] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.862359][T18907] bridge_slave_0: entered allmulticast mode
[  201.869177][T18907] bridge_slave_0: entered promiscuous mode
[  201.876198][T18907] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.883304][T18907] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.890729][T18907] bridge_slave_1: entered allmulticast mode
[  201.897260][T18907] bridge_slave_1: entered promiscuous mode
[  201.959988][T18907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.972142][T18907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  202.005331][T18907] team0: Port device team_slave_0 added
[  202.013806][T19005] geneve0: entered allmulticast mode
[  202.022688][T18907] team0: Port device team_slave_1 added
[  202.069477][T18907] batman_adv: batadv0: Adding interface: batadv_slave_0
[  202.076546][T18907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.102690][T18907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  202.174760][T18907] batman_adv: batadv0: Adding interface: batadv_slave_1
[  202.181795][T18907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.207937][T18907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  202.327540][T18907] hsr_slave_0: entered promiscuous mode
[  202.335281][T18907] hsr_slave_1: entered promiscuous mode
[  202.553209][T18907] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  202.578365][T18907] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  202.591952][T18907] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  202.624029][T18907] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  202.743028][T18907] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.771908][T19066] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6740'.
[  202.784047][T18907] 8021q: adding VLAN 0 to HW filter on device team0
[  202.795387][ T4174] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.802595][ T4174] bridge0: port 1(bridge_slave_0) entered forwarding state
[  202.828881][ T4205] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.836013][ T4205] bridge0: port 2(bridge_slave_1) entered forwarding state
[  202.919987][T19075] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6742'.
[  202.985214][   T29] kauditd_printk_skb: 162 callbacks suppressed
[  202.985244][   T29] audit: type=1326 audit(2000000575.710:8006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19081 comm="syz.5.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  203.034951][   T29] audit: type=1326 audit(2000000575.742:8007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19081 comm="syz.5.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  203.058514][   T29] audit: type=1326 audit(2000000575.742:8008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19081 comm="syz.5.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  203.060604][T18907] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.082161][   T29] audit: type=1326 audit(2000000575.752:8009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19081 comm="syz.5.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  203.112510][   T29] audit: type=1326 audit(2000000575.752:8010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19081 comm="syz.5.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  203.196513][T19098] bond0: (slave dummy0): Releasing backup interface
[  203.209601][T19098] bridge_slave_0: left allmulticast mode
[  203.215441][T19098] bridge_slave_0: left promiscuous mode
[  203.221288][T19098] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.242429][T19098] bridge_slave_1: left allmulticast mode
[  203.248137][T19098] bridge_slave_1: left promiscuous mode
[  203.254020][T19098] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.272150][T19098] bond0: (slave bond_slave_0): Releasing backup interface
[  203.286519][T19098] bond0: (slave bond_slave_1): Releasing backup interface
[  203.330023][T19098] team0: Port device team_slave_0 removed
[  203.339845][T19098] team0: Port device team_slave_1 removed
[  203.361804][T19098] bond1: (slave geneve2): Releasing active interface
[  203.470355][T19120] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6760'.
[  203.518405][T19120] netlink: 312 bytes leftover after parsing attributes in process `syz.3.6760'.
[  203.527853][T19120] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6760'.
[  203.591145][T18907] veth0_vlan: entered promiscuous mode
[  203.614800][T18907] veth1_vlan: entered promiscuous mode
[  203.646496][T18907] veth0_macvtap: entered promiscuous mode
[  203.667009][T18907] veth1_macvtap: entered promiscuous mode
[  203.698260][T18907] batman_adv: batadv0: Interface activated: batadv_slave_0
[  203.717434][T18907] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.730307][ T4154] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.745192][ T4154] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.776494][ T4154] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.785246][ T4154] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.902629][T19157] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6773'.
[  204.160824][T19191] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6786'.
[  204.177121][T19191] bridge0: port 3(dummy0) entered disabled state
[  204.191267][T19191] bridge_slave_0: left promiscuous mode
[  204.197339][T19191] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.282743][T19194] lo speed is unknown, defaulting to 1000
[  204.407755][   T29] audit: type=1400 audit(2000000577.201:8011): avc:  denied  { ioctl } for  pid=19210 comm="syz.3.6793" path="socket:[54693]" dev="sockfs" ino=54693 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  204.538466][T19220] bond0: (slave bridge_slave_1): Releasing backup interface
[  204.563499][T19220] bond0: (slave bond_slave_0): Releasing backup interface
[  204.577719][T19223] loop8: detected capacity change from 0 to 1024
[  204.584816][T19223] EXT4-fs: Ignoring removed nomblk_io_submit option
[  204.595585][T19220] bond0: (slave bond_slave_1): Releasing backup interface
[  204.627117][T19220] team0: Port device team_slave_0 removed
[  204.633506][T19223] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  204.667373][T19220] team0: Port device team_slave_1 removed
[  204.703614][T19223] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.729433][T19220] bond1: (slave vxcan3): Releasing backup interface
[  204.760117][T19220] vxcan3: left promiscuous mode
[  204.797976][T19220] bond2: (slave geneve2): Releasing active interface
[  204.811185][   T29] audit: type=1326 audit(2000000577.621:8012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19231 comm="syz.3.6800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  204.834834][   T29] audit: type=1326 audit(2000000577.621:8013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19231 comm="syz.3.6800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa8bafdd710 code=0x7ffc0000
[  204.858524][   T29] audit: type=1326 audit(2000000577.621:8014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19231 comm="syz.3.6800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa8bafdd710 code=0x7ffc0000
[  204.882153][   T29] audit: type=1326 audit(2000000577.621:8015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19231 comm="syz.3.6800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  204.913381][T15141] lo speed is unknown, defaulting to 1000
[  204.927338][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.942771][   T10] !yz!: Port: 1 Link DOWN
[  204.990015][T19237] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6803'.
[  205.156841][T19251] sd 0:0:1:0: device reset
[  205.193570][ T7426] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  205.204703][ T7426] CPU: 1 UID: 0 PID: 7426 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  205.204734][ T7426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  205.204747][ T7426] Call Trace:
[  205.204753][ T7426]  <TASK>
[  205.204761][ T7426]  __dump_stack+0x1d/0x30
[  205.204784][ T7426]  dump_stack_lvl+0xe8/0x140
[  205.204829][ T7426]  dump_stack+0x15/0x1b
[  205.204870][ T7426]  dump_header+0x81/0x220
[  205.204983][ T7426]  oom_kill_process+0x342/0x400
[  205.205026][ T7426]  out_of_memory+0x979/0xb80
[  205.205069][ T7426]  try_charge_memcg+0x5e6/0x9e0
[  205.205108][ T7426]  charge_memcg+0x51/0xc0
[  205.205134][ T7426]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  205.205164][ T7426]  __read_swap_cache_async+0x1df/0x350
[  205.205209][ T7426]  swap_cluster_readahead+0x277/0x3e0
[  205.205259][ T7426]  swapin_readahead+0xde/0x6f0
[  205.205375][ T7426]  ? __filemap_get_folio+0x4f7/0x6b0
[  205.205398][ T7426]  ? swap_cache_get_folio+0x77/0x200
[  205.205433][ T7426]  do_swap_page+0x301/0x2430
[  205.205459][ T7426]  ? finish_task_switch+0xad/0x2b0
[  205.205497][ T7426]  ? __pfx_default_wake_function+0x10/0x10
[  205.205523][ T7426]  handle_mm_fault+0x9a5/0x2c20
[  205.205561][ T7426]  do_user_addr_fault+0x636/0x1090
[  205.205657][ T7426]  ? fpregs_restore_userregs+0xe2/0x1d0
[  205.205696][ T7426]  ? switch_fpu_return+0xe/0x20
[  205.205788][ T7426]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  205.205822][ T7426]  exc_page_fault+0x62/0xa0
[  205.205856][ T7426]  asm_exc_page_fault+0x26/0x30
[  205.205935][ T7426] RIP: 0033:0x7f5047d71745
[  205.205962][ T7426] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 1e 6e 1f 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  205.205984][ T7426] RSP: 002b:00007ffc97825cb8 EFLAGS: 00010246
[  205.206003][ T7426] RAX: 0000000000000000 RBX: 00000000000008cf RCX: 00007f5047d71743
[  205.206023][ T7426] RDX: 00007ffc97825cd0 RSI: 0000000000000000 RDI: 0000000000000000
[  205.206037][ T7426] RBP: 00007ffc97825d3c R08: 00000000144ce197 R09: 0000000000000000
[  205.206052][ T7426] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  205.206084][ T7426] R13: 00000000000927c0 R14: 0000000000033c2c R15: 00007ffc97825d90
[  205.206109][ T7426]  </TASK>
[  205.206117][ T7426] memory: usage 307200kB, limit 307200kB, failcnt 219
[  205.433597][ T7426] memory+swap: usage 307844kB, limit 9007199254740988kB, failcnt 0
[  205.441592][ T7426] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  205.448962][ T7426] Memory cgroup stats for /syz6:
[  205.465693][ T7426] cache 0
[  205.473698][ T7426] rss 0
[  205.476483][ T7426] shmem 0
[  205.479504][ T7426] mapped_file 0
[  205.483079][ T7426] dirty 0
[  205.486035][ T7426] writeback 0
[  205.489403][ T7426] workingset_refault_anon 67
[  205.494032][ T7426] workingset_refault_file 0
[  205.498560][ T7426] swap 659456
[  205.501900][ T7426] swapcached 0
[  205.505297][ T7426] pgpgin 107383
[  205.508822][ T7426] pgpgout 107381
[  205.512507][ T7426] pgfault 173002
[  205.516142][ T7426] pgmajfault 31
[  205.519665][ T7426] inactive_anon 0
[  205.523330][ T7426] active_anon 0
[  205.526798][ T7426] inactive_file 0
[  205.530533][ T7426] active_file 8192
[  205.534262][ T7426] unevictable 0
[  205.537762][ T7426] hierarchical_memory_limit 314572800
[  205.543170][ T7426] hierarchical_memsw_limit 9223372036854771712
[  205.549453][ T7426] total_cache 0
[  205.552920][ T7426] total_rss 0
[  205.556217][ T7426] total_shmem 0
[  205.559744][ T7426] total_mapped_file 0
[  205.563775][ T7426] total_dirty 0
[  205.567344][ T7426] total_writeback 0
[  205.571175][ T7426] total_workingset_refault_anon 67
[  205.576320][ T7426] total_workingset_refault_file 0
[  205.581431][ T7426] total_swap 659456
[  205.585253][ T7426] total_swapcached 0
[  205.589188][ T7426] total_pgpgin 107384
[  205.593177][ T7426] total_pgpgout 107382
[  205.597337][ T7426] total_pgfault 173003
[  205.601425][ T7426] total_pgmajfault 31
[  205.605445][ T7426] total_inactive_anon 0
[  205.609664][ T7426] total_active_anon 0
[  205.613727][ T7426] total_inactive_file 0
[  205.617929][ T7426] total_active_file 8192
[  205.622186][ T7426] total_unevictable 0
[  205.626205][ T7426] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.6787,pid=19189,uid=0
[  205.641006][ T7426] Memory cgroup out of memory: Killed process 19189 (syz.6.6787) total-vm:96004kB, anon-rss:1136kB, file-rss:22436kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  205.702548][T19266] bridge_slave_0: left allmulticast mode
[  205.708241][T19266] bridge_slave_0: left promiscuous mode
[  205.714089][T19266] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.741086][T19266] bridge_slave_1: left allmulticast mode
[  205.746894][T19266] bridge_slave_1: left promiscuous mode
[  205.752647][T19266] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.775676][T19266] bond0: (slave bond_slave_0): Releasing backup interface
[  205.801024][T19266] bond0: (slave bond_slave_1): Releasing backup interface
[  205.827758][T19266] team0: Port device team_slave_0 removed
[  205.847128][T19266] team0: Port device team_slave_1 removed
[  205.874044][T19266] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.881523][T19266] batman_adv: batadv0: Removing interface: batadv_slave_0
[  205.921149][T19266] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  205.928712][T19266] batman_adv: batadv0: Removing interface: batadv_slave_1
[  206.040585][T19285] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6823'.
[  206.065611][T19285] IPVS: Unknown mcast interface: ipvlan1
[  206.089527][T19287] validate_nla: 2 callbacks suppressed
[  206.089543][T19287] netlink: 'syz.3.6824': attribute type 1 has an invalid length.
[  206.196790][T19299] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6830'.
[  206.206014][T19299] netlink: 'syz.3.6830': attribute type 7 has an invalid length.
[  206.213796][T19299] netlink: 'syz.3.6830': attribute type 8 has an invalid length.
[  206.221602][T19299] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6830'.
[  206.250592][T19303] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6833'.
[  206.464211][T19337] lo speed is unknown, defaulting to 1000
[  206.474378][T19341] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6849'.
[  206.514787][T19341] netlink: 32 bytes leftover after parsing attributes in process `syz.5.6849'.
[  206.608677][T19352] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6855'.
[  206.664636][T19360] atomic_op ffff888105699d28 conn xmit_atomic 0000000000000000
[  206.938744][T19384] SELinux: failed to load policy
[  207.169932][T19413] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6880'.
[  207.208763][T19419] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6883'.
[  207.250504][T19419] netlink: 32 bytes leftover after parsing attributes in process `syz.6.6883'.
[  207.303551][T19431] IPVS: Unknown mcast interface: ipvlan1
[  207.341957][T19433] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.368820][T19433] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.416313][T19446] bridge_slave_0: left promiscuous mode
[  207.422072][T19446] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.444978][T19446] bridge_slave_1: left allmulticast mode
[  207.450755][T19446] bridge_slave_1: left promiscuous mode
[  207.456568][T19446] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.468843][T19446] bond0: (slave bond_slave_0): Releasing backup interface
[  207.505095][T19446] bond0: (slave bond_slave_1): Releasing backup interface
[  207.506165][T19459] loop6: detected capacity change from 0 to 128
[  207.520410][T19459] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  207.532943][T19459] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  207.542240][T19446] team_slave_0: left promiscuous mode
[  207.561481][T19446] team0: Port device team_slave_0 removed
[  207.583996][ T4174] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  207.593713][T19446] ±ÿ: left promiscuous mode
[  207.600012][T19446] team0: Port device 
2
6±ÿ removed
[  207.624748][T19446] bond2: (slave vxcan3): Releasing backup interface
[  207.634066][T19446] vxcan3: left promiscuous mode
[  207.655744][T19446] batadv0: left allmulticast mode
[  207.660838][T19446] batadv0: left promiscuous mode
[  207.666145][T19446] bridge0: port 3(batadv0) entered disabled state
[  207.675911][T19446] bond3: (slave geneve2): Releasing active interface
[  207.773759][T19471] IPVS: Error connecting to the multicast addr
[  207.858854][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  207.858869][   T29] audit: type=1326 audit(2000000580.823:8093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19477 comm="syz.6.6913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5047d3eec9 code=0x7ffc0000
[  207.888797][   T29] audit: type=1326 audit(2000000580.823:8094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19477 comm="syz.6.6913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5047d3eec9 code=0x7ffc0000
[  207.912386][   T29] audit: type=1326 audit(2000000580.823:8095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19477 comm="syz.6.6913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f5047d3eec9 code=0x7ffc0000
[  207.936124][   T29] audit: type=1326 audit(2000000580.823:8096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19477 comm="syz.6.6913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5047d3eec9 code=0x7ffc0000
[  207.959642][   T29] audit: type=1326 audit(2000000580.823:8097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19477 comm="syz.6.6913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5047d3eec9 code=0x7ffc0000
[  207.986468][   T29] audit: type=1400 audit(2000000580.854:8098): avc:  denied  { firmware_load } for  pid=19483 comm="syz.8.6914" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  208.078922][   T29] audit: type=1400 audit(2000000581.043:8099): avc:  denied  { append } for  pid=19491 comm="syz.6.6919" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  208.109492][T19494] bond0: (slave dummy0): Releasing backup interface
[  208.126506][T19494] bond0: (slave bond_slave_0): Releasing backup interface
[  208.136781][T19494] bond0: (slave bond_slave_1): Releasing backup interface
[  208.171207][T19494] team0: Port device team_slave_0 removed
[  208.178266][T19494] team0: Port device team_slave_1 removed
[  208.185518][T19494] bond1: (slave vxcan3): Releasing backup interface
[  208.193171][T19494] vxcan3: left promiscuous mode
[  208.200958][T19494] bond2: (slave geneve2): Releasing active interface
[  208.228199][ T4193] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  208.248050][ T4193] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  208.281764][ T4193] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  208.306461][ T4193] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  208.328247][   T29] audit: type=1400 audit(2000000581.306:8100): avc:  denied  { create } for  pid=19514 comm="syz.8.6926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  208.354672][   T29] audit: type=1400 audit(2000000581.306:8101): avc:  denied  { bind } for  pid=19514 comm="syz.8.6926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  208.375480][   T29] audit: type=1400 audit(2000000581.316:8102): avc:  denied  { write } for  pid=19514 comm="syz.8.6926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  208.400622][T19517] tipc: Started in network mode
[  208.405580][T19517] tipc: Node identity 7, cluster identity 4711
[  208.411762][T19517] tipc: Node number set to 7
[  208.446453][T19522] lo speed is unknown, defaulting to 1000
[  209.197865][T19557] loop6: detected capacity change from 0 to 512
[  209.214095][T19557] EXT4-fs: Ignoring removed mblk_io_submit option
[  209.237231][T19557] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  209.272766][T19557] EXT4-fs error (device loop6): xattr_find_entry:333: inode #15: comm syz.6.6945: corrupted xattr entries
[  209.293866][T19557] EXT4-fs (loop6): 1 orphan inode deleted
[  209.313515][T19557] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.556852][T19563] lo speed is unknown, defaulting to 1000
[  209.572755][T19568] vlan2: entered allmulticast mode
[  209.577959][T19568] bridge_slave_0: entered allmulticast mode
[  209.858494][T19589] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19589 comm=syz.5.6960
[  209.990134][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.049931][T19607] loop6: detected capacity change from 0 to 512
[  210.106824][T19607] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  210.136139][T19611] netlink: zone id is out of range
[  210.149647][T19607] EXT4-fs (loop6): 1 truncate cleaned up
[  210.155882][T19607] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.177792][T19611] netlink: zone id is out of range
[  210.183077][T19611] netlink: zone id is out of range
[  210.188246][T19611] netlink: zone id is out of range
[  210.193648][T19611] netlink: zone id is out of range
[  210.198822][T19611] netlink: zone id is out of range
[  210.203966][T19611] netlink: zone id is out of range
[  210.209240][T19611] netlink: zone id is out of range
[  210.214391][T19611] netlink: zone id is out of range
[  210.219565][T19611] netlink: zone id is out of range
[  210.318699][T19607] ------------[ cut here ]------------
[  210.324404][T19607] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x0, 0x7800000000] s64=[0x0, 0xffffffffffffffff] u32=[0x80000000, 0x0] s32=[0x0, 0xffffffff] var_off=(0x0, 0x7800000000)(1)
[  210.344816][T19607] WARNING: CPU: 0 PID: 19607 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680
[  210.355397][T19607] Modules linked in:
[  210.359358][T19607] CPU: 0 UID: 0 PID: 19607 Comm: syz.6.6965 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  210.369361][T19607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  210.379574][T19607] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[  210.385922][T19607] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 c2 81 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[  210.405812][T19607] RSP: 0018:ffffc90000f23440 EFLAGS: 00010292
[  210.411964][T19607] RAX: c925454ecb867a00 RBX: ffff88810c658040 RCX: 0000000000080000
[  210.420133][T19607] RDX: ffffc9000ba2e000 RSI: 000000000001ae95 RDI: 000000000001ae96
[  210.428155][T19607] RBP: 0000000000000000 R08: 0001c90000f2327f R09: 0000000000000000
[  210.436237][T19607] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88810c658000
[  210.444377][T19607] R13: ffff88811e0f8000 R14: ffff88811e0f8000 R15: ffff88810c658038
[  210.452380][T19607] FS:  00007f504679f6c0(0000) GS:ffff8882aee40000(0000) knlGS:0000000000000000
[  210.461383][T19607] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  210.468119][T19607] CR2: 0000001b2ec1bff8 CR3: 000000013926a000 CR4: 00000000003506f0
[  210.476182][T19607] DR0: 0000000000000002 DR1: 0000000000000000 DR2: 0000000000000000
[  210.484199][T19607] DR3: 0000000000000000 DR6: 00000000ffff0ff1 DR7: 0000000000000600
[  210.492238][T19607] Call Trace:
[  210.495628][T19607]  <TASK>
[  210.498595][T19607]  reg_set_min_max+0x1eb/0x260
[  210.503500][T19607]  check_cond_jmp_op+0x1080/0x16e0
[  210.508910][T19607]  do_check+0x332a/0x7a10
[  210.513430][T19607]  do_check_common+0xc3a/0x12a0
[  210.518328][T19607]  bpf_check+0x942b/0xd9e0
[  210.522814][T19607]  ? __rcu_read_unlock+0x4f/0x70
[  210.527821][T19607]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  210.533908][T19607]  ? alloc_pages_bulk_noprof+0x4b8/0x540
[  210.539654][T19607]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[  210.545638][T19607]  ? try_charge_memcg+0x200/0x9e0
[  210.550724][T19607]  ? pcpu_block_update+0x232/0x3b0
[  210.555956][T19607]  ? _find_next_zero_bit+0x64/0xa0
[  210.561211][T19607]  ? pcpu_block_refresh_hint+0x157/0x170
[  210.566923][T19607]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  210.573096][T19607]  ? css_rstat_updated+0xb7/0x240
[  210.578227][T19607]  ? __rcu_read_unlock+0x4f/0x70
[  210.583200][T19607]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[  210.589102][T19607]  ? selinux_bpf_prog_load+0x36/0xf0
[  210.594456][T19607]  ? __kmalloc_cache_noprof+0x299/0x320
[  210.600169][T19607]  ? selinux_bpf_prog_load+0xbf/0xf0
[  210.605499][T19607]  ? security_bpf_prog_load+0x2c/0xa0
[  210.611005][T19607]  bpf_prog_load+0xedd/0x1070
[  210.615755][T19607]  ? security_bpf+0x2b/0x90
[  210.620298][T19607]  __sys_bpf+0x462/0x7b0
[  210.624599][T19607]  __x64_sys_bpf+0x41/0x50
[  210.629083][T19607]  x64_sys_call+0x2aea/0x2ff0
[  210.633804][T19607]  do_syscall_64+0xd2/0x200
[  210.638540][T19607]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  210.644752][T19607]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  210.650520][T19607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.656513][T19607] RIP: 0033:0x7f5047d3eec9
[  210.660961][T19607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.680691][T19607] RSP: 002b:00007f504679f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  210.689273][T19607] RAX: ffffffffffffffda RBX: 00007f5047f95fa0 RCX: 00007f5047d3eec9
[  210.697312][T19607] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  210.705349][T19607] RBP: 00007f5047dc1f91 R08: 0000000000000000 R09: 0000000000000000
[  210.713493][T19607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.721521][T19607] R13: 00007f5047f96038 R14: 00007f5047f95fa0 R15: 00007ffc97825978
[  210.729549][T19607]  </TASK>
[  210.732601][T19607] ---[ end trace 0000000000000000 ]---
[  210.805544][T19628] loop8: detected capacity change from 0 to 2048
[  210.831892][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.856343][T19628] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.918135][T19628] EXT4-fs error (device loop8): ext4_ext_precache:632: inode #2: comm syz.8.6973: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  210.936378][T19628] EXT4-fs (loop8): Remounting filesystem read-only
[  210.969102][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.006949][T19653] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=100 sclass=netlink_audit_socket pid=19653 comm=syz.6.6985
[  211.032759][T19660] ip6tnl3: entered promiscuous mode
[  211.262463][T19686] __nla_validate_parse: 10 callbacks suppressed
[  211.262483][T19686] netlink: 52 bytes leftover after parsing attributes in process `syz.5.6999'.
[  211.419715][T19713] vlan0: entered allmulticast mode
[  211.425005][T19713] bridge_slave_0: entered allmulticast mode
[  211.642522][T19728] loop6: detected capacity change from 0 to 512
[  211.649123][T19728] EXT4-fs: Ignoring removed mblk_io_submit option
[  211.655793][T19728] EXT4-fs: Ignoring removed nomblk_io_submit option
[  211.664114][T19728] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  211.672665][T19728] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  211.693029][T19728] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.7017: Allocating blocks 41-42 which overlap fs metadata
[  211.707113][T19728] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.7017: Allocating blocks 41-42 which overlap fs metadata
[  211.721174][T19728] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.7017: Failed to acquire dquot type 1
[  211.733093][T19728] EXT4-fs error (device loop6): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  211.747774][T19728] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #12: comm syz.6.7017: corrupted inode contents
[  211.759850][T19728] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #12: comm syz.6.7017: mark_inode_dirty error
[  211.771582][T19728] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #12: comm syz.6.7017: corrupted inode contents
[  211.783723][T19728] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #12: comm syz.6.7017: mark_inode_dirty error
[  211.795456][T19728] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #12: comm syz.6.7017: corrupted inode contents
[  211.807656][T19728] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[  211.817243][T19728] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #12: comm syz.6.7017: corrupted inode contents
[  211.829546][T19728] EXT4-fs error (device loop6): ext4_truncate:4666: inode #12: comm syz.6.7017: mark_inode_dirty error
[  211.841746][T19728] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[  211.850954][T19728] EXT4-fs (loop6): 1 truncate cleaned up
[  211.857395][T19728] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.876618][T19728] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  211.886103][T19728] EXT4-fs (loop6): changing journal_checksum during remount not supported; ignoring
[  211.896569][T19728] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  211.916709][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.240475][T19757] syz_tun: entered allmulticast mode
[  212.247026][T19757] syz_tun: left allmulticast mode
[  212.359792][T19768] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7034'.
[  212.369439][T19770] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7035'.
[  212.480878][T19783] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7040'.
[  212.580081][T19791] lo speed is unknown, defaulting to 1000
[  212.620361][T19793] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7045'.
[  213.300984][T19821] netlink: 300 bytes leftover after parsing attributes in process `syz.3.7055'.
[  213.359303][T19823] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  213.753660][T19843] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19843 comm=syz.6.7067
[  213.767595][T19843] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7067'.
[  213.844747][T19850] syzkaller0: refused to change device tx_queue_len
[  213.881006][T19855] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  214.004643][   T29] kauditd_printk_skb: 108 callbacks suppressed
[  214.004657][   T29] audit: type=1326 audit(2000000587.269:8207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19862 comm="syz.5.7085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  214.034579][   T29] audit: type=1326 audit(2000000587.269:8208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19862 comm="syz.5.7085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  214.060207][   T29] audit: type=1326 audit(2000000587.290:8209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19862 comm="syz.5.7085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  214.083752][   T29] audit: type=1326 audit(2000000587.311:8210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19862 comm="syz.5.7085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  214.214213][T19872] netlink: 'syz.1.7078': attribute type 10 has an invalid length.
[  214.222151][T19872] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7078'.
[  214.270048][   T29] audit: type=1326 audit(2000000587.552:8211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19879 comm="syz.1.7083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  214.293710][   T29] audit: type=1326 audit(2000000587.552:8212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19879 comm="syz.1.7083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  214.317387][   T29] audit: type=1326 audit(2000000587.552:8213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19879 comm="syz.1.7083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  214.341190][   T29] audit: type=1326 audit(2000000587.552:8214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19879 comm="syz.1.7083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  214.434173][T19891] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7087'.
[  214.734195][   T29] audit: type=1400 audit(2000000588.035:8215): avc:  denied  { read } for  pid=19920 comm="syz.3.7102" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  214.757418][   T29] audit: type=1400 audit(2000000588.035:8216): avc:  denied  { open } for  pid=19920 comm="syz.3.7102" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  214.834548][T19928] netlink: 64 bytes leftover after parsing attributes in process `syz.6.7105'.
[  215.311016][T19943] loop6: detected capacity change from 0 to 1024
[  215.331843][T19943] EXT4-fs: Ignoring removed bh option
[  215.343083][T19943] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  215.492716][T19943] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.530728][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.663231][T19971] loop6: detected capacity change from 0 to 8192
[  215.695682][T19971]  loop6: p1 p2[DM] p4
[  215.724505][T19971] loop6: p1 size 196608 extends beyond EOD, truncated
[  215.748361][T19971] loop6: p2 start 4292936063 is beyond EOD, truncated
[  215.755356][T19971] loop6: p4 size 50331648 extends beyond EOD, truncated
[  216.025531][T20041] loop6: detected capacity change from 0 to 164
[  216.051456][T20041] Unable to read rock-ridge attributes
[  216.068850][T20041] Unable to read rock-ridge attributes
[  216.075281][T20041] syz.6.7153: attempt to access beyond end of device
[  216.075281][T20041] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  216.105412][T20041] syz.6.7153: attempt to access beyond end of device
[  216.105412][T20041] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  216.122750][T20055] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  216.142021][T20055] netem: change failed
[  216.232470][T20074] C: renamed from team_slave_0
[  216.246136][T20074] netlink: 152 bytes leftover after parsing attributes in process `syz.6.7168'.
[  216.276952][T20079] netlink: 'syz.8.7167': attribute type 4 has an invalid length.
[  216.424964][ T4209] netdevsim netdevsim6 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  216.433421][ T4209] netdevsim netdevsim6 eth0: unset [0, 1] type 1 family 0 port 256 - 0
[  216.441907][ T4209] netdevsim netdevsim6 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  216.461784][ T4209] netdevsim netdevsim6 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  216.470342][ T4209] netdevsim netdevsim6 eth1: unset [0, 1] type 1 family 0 port 256 - 0
[  216.478805][ T4209] netdevsim netdevsim6 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  216.490111][ T4209] netdevsim netdevsim6 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  216.498670][ T4209] netdevsim netdevsim6 eth2: unset [0, 1] type 1 family 0 port 256 - 0
[  216.507061][ T4209] netdevsim netdevsim6 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  216.515733][ T4209] netdevsim netdevsim6 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  216.524290][ T4209] netdevsim netdevsim6 eth3: unset [0, 1] type 1 family 0 port 256 - 0
[  216.532763][ T4209] netdevsim netdevsim6 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  216.565003][T20094] lo speed is unknown, defaulting to 1000
[  216.602088][T20107] netlink: 'syz.1.7177': attribute type 13 has an invalid length.
[  216.610024][T20107] netlink: 'syz.1.7177': attribute type 17 has an invalid length.
[  216.626089][T20107] 0ªî{X¹¦: left allmulticast mode
[  216.645521][T20107] net_ratelimit: 341 callbacks suppressed
[  216.645536][T20107] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  216.774428][T20125] netlink: 332 bytes leftover after parsing attributes in process `syz.3.7188'.
[  217.041290][T20167] netlink: 260 bytes leftover after parsing attributes in process `syz.1.7207'.
[  217.071905][T20164] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7206'.
[  217.114169][T20164] netlink: 32 bytes leftover after parsing attributes in process `syz.8.7206'.
[  217.183518][   T10] Process accounting resumed
[  217.207532][T20181] netlink: 'syz.1.7213': attribute type 4 has an invalid length.
[  217.215336][T20181] netlink: 152 bytes leftover after parsing attributes in process `syz.1.7213'.
[  217.253295][T20181] .`: renamed from bond0 (while UP)
[  217.325949][T20204] netlink: 96 bytes leftover after parsing attributes in process `syz.8.7224'.
[  217.476392][T20229] siw: device registration error -23
[  217.479432][T20230] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7235'.
[  217.644797][T20259] netlink: 'syz.5.7250': attribute type 10 has an invalid length.
[  217.652812][T20259] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7250'.
[  217.680741][T20261] batadv1: entered promiscuous mode
[  218.069151][T20293] lo speed is unknown, defaulting to 1000
[  218.611252][T20341] loop6: detected capacity change from 0 to 512
[  218.648182][T20341] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.672716][T20341] ext4 filesystem being mounted at /1136/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.716169][T20353] netlink: 'syz.3.7289': attribute type 21 has an invalid length.
[  218.741871][T20353] netlink: 'syz.3.7289': attribute type 1 has an invalid length.
[  218.762085][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.788643][   T29] kauditd_printk_skb: 116 callbacks suppressed
[  218.788661][   T29] audit: type=1326 audit(2000000592.297:8333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.5.7291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  218.850682][T20357] loop6: detected capacity change from 0 to 512
[  218.855602][   T29] audit: type=1326 audit(2000000592.329:8334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.5.7291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  218.880660][   T29] audit: type=1326 audit(2000000592.339:8335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.5.7291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  218.904212][   T29] audit: type=1326 audit(2000000592.339:8336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.5.7291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  218.928015][   T29] audit: type=1326 audit(2000000592.339:8337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.5.7291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  218.951675][   T29] audit: type=1326 audit(2000000592.339:8338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.5.7291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  218.975472][   T29] audit: type=1326 audit(2000000592.339:8339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.5.7291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  218.976654][T20357] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.7290: iget: bad i_size value: 38620345925642
[  218.999151][   T29] audit: type=1326 audit(2000000592.339:8340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.5.7291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  219.012591][T20357] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.7290: couldn't read orphan inode 15 (err -117)
[  219.035373][   T29] audit: type=1326 audit(2000000592.339:8341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.5.7291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  219.070904][   T29] audit: type=1326 audit(2000000592.339:8342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20354 comm="syz.5.7291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf8c64eec9 code=0x7ffc0000
[  219.095841][T20357] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.101951][T20364] 9pnet_fd: Insufficient options for proto=fd
[  219.175329][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.184463][T20359] wg2: entered promiscuous mode
[  219.189449][T20359] wg2: entered allmulticast mode
[  219.625135][T20410] syzkaller1: entered promiscuous mode
[  219.630868][T20410] syzkaller1: entered allmulticast mode
[  220.617009][T20510] loop6: detected capacity change from 0 to 512
[  220.627315][T20510] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  220.640719][T20510] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[  220.656625][T20510] EXT4-fs (loop6): 1 truncate cleaned up
[  220.662660][T20510] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.730736][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.484785][T20550] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  221.499498][T20550] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  221.552072][T20557] netlink: 'syz.8.7379': attribute type 1 has an invalid length.
[  221.589534][T20557] 8021q: adding VLAN 0 to HW filter on device bond1
[  221.609965][T20557] 8021q: adding VLAN 0 to HW filter on device batadv1
[  221.622496][T20557] bond1: (slave batadv1): making interface the new active one
[  221.632267][T20557] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  221.651439][T20557] __nla_validate_parse: 9 callbacks suppressed
[  221.651456][T20557] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7379'.
[  221.687475][T20557] bond1 (unregistering): (slave batadv1): Releasing active interface
[  221.725849][T20557] bond1 (unregistering): Released all slaves
[  221.829328][T20572] syz_tun: entered allmulticast mode
[  221.856344][T20572] syz_tun: left allmulticast mode
[  221.982623][T20589] $Hÿ: renamed from .`
[  221.989850][T20589] $Hÿ: entered promiscuous mode
[  222.111615][T20604] loop6: detected capacity change from 0 to 512
[  222.125743][T20604] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.155282][T20604] ext4 filesystem being mounted at /1163/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  222.245407][T20615] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #18: comm syz.6.7402: corrupted inode contents
[  222.269180][T20615] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #18: comm syz.6.7402: mark_inode_dirty error
[  222.307436][T20615] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #18: comm syz.6.7402: corrupted inode contents
[  222.341153][T20615] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2991: inode #18: comm syz.6.7402: mark_inode_dirty error
[  222.377187][T20622] 9pnet_fd: Insufficient options for proto=fd
[  222.385884][T20615] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2994: inode #18: comm syz.6.7402: mark inode dirty (error -117)
[  222.433761][T20615] EXT4-fs warning (device loop6): ext4_evict_inode:274: xattr delete (err -117)
[  222.471573][T20630] netlink: 51 bytes leftover after parsing attributes in process `syz.1.7413'.
[  222.514718][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.816908][T20654] loop6: detected capacity change from 0 to 512
[  222.865848][T20654] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.889431][T20654] ext4 filesystem being mounted at /1167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.021730][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.462936][T20696] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7439'.
[  223.499718][T20698] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7440'.
[  223.508854][T20698] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7440'.
[  223.583957][   T29] kauditd_printk_skb: 166 callbacks suppressed
[  223.583973][   T29] audit: type=1326 audit(2000000597.326:8509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20705 comm="syz.1.7444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6b143e5d67 code=0x7ffc0000
[  223.630350][   T29] audit: type=1326 audit(2000000597.368:8510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20705 comm="syz.1.7444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6b1438af79 code=0x7ffc0000
[  223.653909][   T29] audit: type=1326 audit(2000000597.368:8511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20705 comm="syz.1.7444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6b143e5d67 code=0x7ffc0000
[  223.677411][   T29] audit: type=1326 audit(2000000597.368:8512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20705 comm="syz.1.7444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6b1438af79 code=0x7ffc0000
[  223.700874][   T29] audit: type=1326 audit(2000000597.368:8513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20705 comm="syz.1.7444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  223.724504][   T29] audit: type=1326 audit(2000000597.368:8514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20705 comm="syz.1.7444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  223.748079][   T29] audit: type=1326 audit(2000000597.368:8515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20705 comm="syz.1.7444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  223.771588][   T29] audit: type=1326 audit(2000000597.368:8516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20705 comm="syz.1.7444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  223.795106][   T29] audit: type=1326 audit(2000000597.368:8517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20705 comm="syz.1.7444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  223.818681][   T29] audit: type=1326 audit(2000000597.368:8518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20705 comm="syz.1.7444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  223.885227][T20715] netlink: 'syz.1.7447': attribute type 2 has an invalid length.
[  224.171677][T20744] loop6: detected capacity change from 0 to 1024
[  224.218103][T20744] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  224.262063][T20744] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.304200][T20744] EXT4-fs (loop6): shut down requested (2)
[  224.349713][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.428939][T20761] loop6: detected capacity change from 0 to 512
[  224.470390][T20761] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  224.518283][T20766] 9pnet_fd: Insufficient options for proto=fd
[  224.543521][T20761] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.579040][T20761] ext4 filesystem being mounted at /1175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.654841][T20761] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  224.680868][ T3386] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3386 comm=kworker/1:3
[  224.708970][T20761] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.7466: corrupted xattr block 32: bad e_name length
[  224.747679][T20761] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=15
[  224.749331][T20782] lo speed is unknown, defaulting to 1000
[  224.757001][T20761] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.7466: corrupted xattr block 32: bad e_name length
[  224.777793][T20761] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=15
[  224.787353][T20761] EXT4-fs error (device loop6): ext4_xattr_block_list:762: inode #15: comm syz.6.7466: corrupted xattr block 32: bad e_name length
[  224.827909][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.378382][T20887] netlink: 'syz.5.7520': attribute type 10 has an invalid length.
[  226.386376][T20887] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7520'.
[  226.542423][T20903] netlink: 'syz.8.7536': attribute type 10 has an invalid length.
[  226.550351][T20903] netlink: 40 bytes leftover after parsing attributes in process `syz.8.7536'.
[  226.562500][T20903] batman_adv: batadv0: Adding interface: veth1_vlan
[  226.569304][T20903] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  226.596902][T20903] batman_adv: batadv0: Interface activated: veth1_vlan
[  226.926061][T20939] netlink: 532 bytes leftover after parsing attributes in process `syz.6.7542'.
[  226.974684][T20935] loop8: detected capacity change from 0 to 8192
[  227.013140][T20950] netlink: 'syz.3.7545': attribute type 10 has an invalid length.
[  227.021040][T20950] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7545'.
[  227.030483][T20935]  loop8: p1 p2[DM] p4
[  227.034699][T20935] loop8: p1 size 196608 extends beyond EOD, truncated
[  227.058859][T20935] loop8: p2 start 4292936063 is beyond EOD, truncated
[  227.065847][T20935] loop8: p4 size 50331648 extends beyond EOD, truncated
[  227.198654][T20964] lo speed is unknown, defaulting to 1000
[  227.229105][T20973] netlink: 'syz.1.7565': attribute type 4 has an invalid length.
[  227.237909][T20974] netlink: 'syz.3.7553': attribute type 13 has an invalid length.
[  227.245763][T20974] netlink: 'syz.3.7553': attribute type 17 has an invalid length.
[  227.322124][T20974] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.332960][T20974] 8021q: adding VLAN 0 to HW filter on device team0
[  227.390691][T20974] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  227.408503][T20978] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  227.417121][T20978] netem: change failed
[  227.680978][T21005] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7584'.
[  227.701002][T21005] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7584'.
[  227.802935][T21016] netlink: 'syz.3.7574': attribute type 4 has an invalid length.
[  227.955275][T21022] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  227.984288][T21022] netem: change failed
[  227.997699][T21024] C: renamed from team_slave_0
[  228.032703][T21024] netlink: 152 bytes leftover after parsing attributes in process `syz.3.7581'.
[  228.094540][T21028] netlink: 332 bytes leftover after parsing attributes in process `syz.5.7583'.
[  228.252983][T21037] lo speed is unknown, defaulting to 1000
[  229.006307][   T29] kauditd_printk_skb: 31 callbacks suppressed
[  229.006329][   T29] audit: type=1400 audit(2000000603.016:8550): avc:  denied  { listen } for  pid=21068 comm="syz.1.7607" lport=57519 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  229.072104][    T9] Process accounting resumed
[  229.100289][   T29] audit: type=1326 audit(2000000603.121:8551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21080 comm="syz.3.7603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  229.123965][   T29] audit: type=1326 audit(2000000603.121:8552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21080 comm="syz.3.7603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  229.149486][   T29] audit: type=1326 audit(2000000603.131:8553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21080 comm="syz.3.7603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  229.173280][   T29] audit: type=1326 audit(2000000603.131:8554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21080 comm="syz.3.7603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  229.197025][   T29] audit: type=1326 audit(2000000603.131:8555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21080 comm="syz.3.7603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  229.240145][T21083] netlink: 12 bytes leftover after parsing attributes in process `syz.8.7604'.
[  229.523506][ T4156] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  229.531180][ T4156] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  229.552761][    T9] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  229.639117][ T3371] Process accounting resumed
[  229.666315][    T9] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  229.731862][T21118] C: renamed from team_slave_0
[  229.792669][T21120] netlink: 'syz.8.7623': attribute type 4 has an invalid length.
[  229.819202][    T9] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  229.826906][   T29] audit: type=1326 audit(2000000603.845:8556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21121 comm="syz.1.7625" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6b143eeec9 code=0x0
[  229.851402][T21120] .`: renamed from bond0 (while UP)
[  229.885101][T21124] lo speed is unknown, defaulting to 1000
[  230.035062][ T3371] Process accounting resumed
[  230.072616][T21139] siw: device registration error -23
[  230.101295][T21145] loop6: detected capacity change from 0 to 128
[  230.869840][T21158] netlink: 'syz.3.7639': attribute type 4 has an invalid length.
[  230.887465][T21158] .`: renamed from bond0 (while UP)
[  231.190214][T21177] siw: device registration error -23
[  231.206792][ T3367] Process accounting resumed
[  231.257890][T21185] netlink: 'syz.3.7661': attribute type 10 has an invalid length.
[  231.267859][T21181] lo speed is unknown, defaulting to 1000
[  231.296797][T21190] netlink: 'syz.6.7648': attribute type 13 has an invalid length.
[  231.304712][T21190] netlink: 'syz.6.7648': attribute type 17 has an invalid length.
[  231.317827][   T29] audit: type=1326 audit(2000000605.451:8557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21191 comm="syz.8.7651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  231.341565][   T29] audit: type=1326 audit(2000000605.451:8558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21191 comm="syz.8.7651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  231.365315][   T29] audit: type=1326 audit(2000000605.451:8559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21191 comm="syz.8.7651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  231.442687][T21190] 0ªX¹¦D: left allmulticast mode
[  231.490510][T21190] 8021q: adding VLAN 0 to HW filter on device bond0
[  231.500892][T21190] 8021q: adding VLAN 0 to HW filter on device team0
[  231.512135][T21190] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  232.049942][T21232] __nla_validate_parse: 6 callbacks suppressed
[  232.050006][T21232] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7670'.
[  232.850874][T21293] loop8: detected capacity change from 0 to 128
[  233.686039][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  233.807355][   T29] kauditd_printk_skb: 19 callbacks suppressed
[  233.807373][   T29] audit: type=1400 audit(2000000608.055:8579): avc:  denied  { write } for  pid=21306 comm="syz.8.7700" name="loop2" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  233.836506][   T29] audit: type=1400 audit(2000000608.055:8580): avc:  denied  { open } for  pid=21306 comm="syz.8.7700" path="/dev/loop2" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  233.864108][T21307] loop2: detected capacity change from 0 to 7
[  233.885883][T21307]  loop2:
[  233.910370][   T29] audit: type=1400 audit(2000000608.118:8581): avc:  denied  { ioctl } for  pid=21306 comm="syz.8.7700" path="/dev/loop2" dev="devtmpfs" ino=630 ioctlcmd=0x4c0a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  234.006966][   T29] audit: type=1326 audit(2000000608.265:8582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21320 comm="syz.3.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  234.035106][   T29] audit: type=1326 audit(2000000608.296:8583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21320 comm="syz.3.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  234.058959][   T29] audit: type=1326 audit(2000000608.296:8584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21323 comm="syz.3.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa8bb011785 code=0x7ffc0000
[  234.120374][T21328] loop8: detected capacity change from 0 to 512
[  234.131464][   T29] audit: type=1401 audit(2000000608.401:8585): op=setxattr invalid_context=""
[  234.151888][T21328] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.168622][T21337] netlink: 'syz.1.7710': attribute type 21 has an invalid length.
[  234.176690][T21337] netlink: 132 bytes leftover after parsing attributes in process `syz.1.7710'.
[  234.185871][T21337] netlink: 'syz.1.7710': attribute type 1 has an invalid length.
[  234.190139][   T29] audit: type=1326 audit(2000000608.464:8586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21323 comm="syz.3.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  234.193881][T21328] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.217741][   T29] audit: type=1326 audit(2000000608.464:8587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21320 comm="syz.3.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  234.252045][   T29] audit: type=1326 audit(2000000608.464:8588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21320 comm="syz.3.7706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  234.299751][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.533331][T21368] loop6: detected capacity change from 0 to 512
[  234.563746][T21368] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.620739][T21368] ext4 filesystem being mounted at /1212/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.673151][T21368] netlink: 'syz.6.7727': attribute type 21 has an invalid length.
[  234.705087][T21368] netlink: 132 bytes leftover after parsing attributes in process `syz.6.7727'.
[  234.714320][T21368] netlink: 'syz.6.7727': attribute type 1 has an invalid length.
[  234.814791][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.923220][T21390] lo speed is unknown, defaulting to 1000
[  234.992308][T21392] netlink: 'syz.8.7736': attribute type 13 has an invalid length.
[  235.000196][T21392] netlink: 'syz.8.7736': attribute type 17 has an invalid length.
[  235.208634][T21392] 8021q: adding VLAN 0 to HW filter on device .`
[  235.225040][T21392] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  235.254129][T21405] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7741'.
[  235.271914][T21405] netem: change failed
[  235.331018][T21412] netlink: 'syz.5.7743': attribute type 21 has an invalid length.
[  235.371142][T21412] netlink: 132 bytes leftover after parsing attributes in process `syz.5.7743'.
[  236.187597][T21452] loop8: detected capacity change from 0 to 512
[  236.253571][T21454] lo speed is unknown, defaulting to 1000
[  236.271571][T21452] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.385249][T21461] 9pnet_fd: Insufficient options for proto=fd
[  236.421499][T21452] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.437209][T21452] validate_nla: 1 callbacks suppressed
[  236.437230][T21452] netlink: 'syz.8.7759': attribute type 21 has an invalid length.
[  236.451878][T21452] netlink: 132 bytes leftover after parsing attributes in process `syz.8.7759'.
[  236.460973][T21452] netlink: 'syz.8.7759': attribute type 1 has an invalid length.
[  236.482402][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.663276][T21473] af_packet: tpacket_rcv: packet too big, clamped from 28 to 4294967272. macoff=96
[  236.772985][T21485] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7774'.
[  236.793002][T21485] netlink: 32 bytes leftover after parsing attributes in process `syz.6.7774'.
[  236.876856][T21496] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7778'.
[  236.885929][T21496] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7778'.
[  236.904098][T21496] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7778'.
[  236.913157][T21496] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7778'.
[  237.089817][T21521] lo speed is unknown, defaulting to 1000
[  237.127172][T21523] netlink: 'syz.5.7788': attribute type 13 has an invalid length.
[  237.135156][T21523] netlink: 'syz.5.7788': attribute type 17 has an invalid length.
[  237.170242][T21523] dummy0: left promiscuous mode
[  237.178965][T21523] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  237.403569][T21531] loop6: detected capacity change from 0 to 1024
[  237.423035][T21531] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.441876][T21531] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.7791: Allocating blocks 385-513 which overlap fs metadata
[  237.455914][T21531] EXT4-fs (loop6): Remounting filesystem read-only
[  237.465554][T21530] EXT4-fs (loop6): pa ffff8881071df8c0: logic 16, phys. 129, len 24
[  237.485188][ T7426] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.509764][T21540] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7792'.
[  237.518851][T21540] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7792'.
[  237.530747][T21540] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7792'.
[  237.539922][T21540] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7792'.
[  238.012513][T21575] netlink: 96 bytes leftover after parsing attributes in process `syz.8.7809'.
[  238.179394][T21584] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7811'.
[  238.297695][T21596] batadv_slave_0: entered allmulticast mode
[  238.316439][T21596] batadv_slave_0: left allmulticast mode
[  238.388491][T21603] wg2: entered promiscuous mode
[  238.393629][T21603] wg2: entered allmulticast mode
[  238.520097][T21605] lo speed is unknown, defaulting to 1000
[  238.538369][T21610] netlink: 'syz.1.7825': attribute type 1 has an invalid length.
[  238.547526][T21610] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.570766][T21610] 8021q: adding VLAN 0 to HW filter on device batadv1
[  238.579953][T21610] bond0: (slave batadv1): making interface the new active one
[  238.589093][T21610] bond0: (slave batadv1): Enslaving as an active interface with an up link
[  238.609726][T21610] bond0 (unregistering): (slave batadv1): Releasing active interface
[  238.620858][T21610] bond0 (unregistering): Released all slaves
[  239.114060][T21634] loop8: detected capacity change from 0 to 8192
[  239.128209][ T4195] nci: nci_rsp_packet: unknown rsp opcode 0x73a
[  239.163751][T21634]  loop8: p4 < >
[  239.202683][   T29] kauditd_printk_skb: 87 callbacks suppressed
[  239.202698][   T29] audit: type=1326 audit(2000000613.734:8676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21640 comm="syz.8.7835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  239.232663][   T29] audit: type=1326 audit(2000000613.734:8677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21640 comm="syz.8.7835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  239.256325][   T29] audit: type=1326 audit(2000000613.734:8678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21640 comm="syz.8.7835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  239.280050][   T29] audit: type=1326 audit(2000000613.734:8679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21640 comm="syz.8.7835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  239.303593][   T29] audit: type=1326 audit(2000000613.734:8680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21640 comm="syz.8.7835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  239.327318][   T29] audit: type=1326 audit(2000000613.734:8681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21640 comm="syz.8.7835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  239.350987][   T29] audit: type=1326 audit(2000000613.734:8682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21640 comm="syz.8.7835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  239.374588][   T29] audit: type=1326 audit(2000000613.734:8683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21640 comm="syz.8.7835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  239.400098][   T29] audit: type=1326 audit(2000000613.766:8684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21640 comm="syz.8.7835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  239.423672][   T29] audit: type=1326 audit(2000000613.766:8685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21640 comm="syz.8.7835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  239.469407][T21644] wg2: entered promiscuous mode
[  239.474326][T21644] wg2: entered allmulticast mode
[  239.535939][T21648] lo speed is unknown, defaulting to 1000
[  239.836121][T21653] sch_fq: defrate 4294967295 ignored.
[  239.981473][T21666] loop6: detected capacity change from 0 to 8192
[  240.031240][T21666]  loop6: p4 < >
[  240.227423][T21674] loop8: detected capacity change from 0 to 512
[  240.234845][T21674] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  240.255211][T21674] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[  240.270309][T21674] EXT4-fs (loop8): 1 truncate cleaned up
[  240.280102][T21674] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.384854][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.483596][T21700] lo speed is unknown, defaulting to 1000
[  240.630046][T21725] lo speed is unknown, defaulting to 1000
[  241.866527][T21754] __nla_validate_parse: 14 callbacks suppressed
[  241.866547][T21754] netlink: 12 bytes leftover after parsing attributes in process `syz.8.7879'.
[  241.885517][T21753] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7883'.
[  241.949295][T21757] openvswitch: netlink: Message has 6 unknown bytes.
[  242.159439][T21779] atomic_op ffff8881030c0d28 conn xmit_atomic 0000000000000000
[  242.755028][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  242.916938][T21819] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  243.003969][T21827] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7920'.
[  243.145329][T21839] geneve3: entered promiscuous mode
[  243.150641][T21839] geneve3: entered allmulticast mode
[  243.193543][T21847] loop6: detected capacity change from 0 to 128
[  243.406543][T21870] netlink: 'syz.3.7940': attribute type 29 has an invalid length.
[  243.426640][T21874] loop8: detected capacity change from 0 to 1024
[  243.434012][T21870] netlink: 'syz.3.7940': attribute type 29 has an invalid length.
[  243.436939][T21874] EXT4-fs: Ignoring removed bh option
[  243.450196][T21874] EXT4-fs (loop8): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  243.465920][T21870] netlink: 'syz.3.7940': attribute type 29 has an invalid length.
[  243.488250][T21874] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.501836][T21870] netlink: 'syz.3.7940': attribute type 29 has an invalid length.
[  243.522173][T21874] EXT4-fs error (device loop8): ext4_check_all_de:659: inode #12: block 7: comm syz.8.7942: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  243.549210][T21874] EXT4-fs (loop8): Remounting filesystem read-only
[  243.580743][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.747438][T21916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7956'.
[  243.759919][T21915] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7957'.
[  243.842750][ T4186] bond0 (unregistering): Released all slaves
[  243.852544][ T4186] bond1 (unregistering): Released all slaves
[  243.862174][ T4186] bond2 (unregistering): Released all slaves
[  243.871314][ T4186] bond3 (unregistering): Released all slaves
[  243.880780][ T4186] bond4 (unregistering): Released all slaves
[  243.895233][T21915] IPVS: Error joining to the multicast group
[  243.925400][T21887] lo speed is unknown, defaulting to 1000
[  244.005324][T21920] lo speed is unknown, defaulting to 1000
[  244.046915][T21932] netlink: 132 bytes leftover after parsing attributes in process `syz.1.7964'.
[  244.128587][T21941] netlink: 'syz.3.7968': attribute type 4 has an invalid length.
[  244.154357][   T29] kauditd_printk_skb: 55 callbacks suppressed
[  244.154374][   T29] audit: type=1400 audit(2000000618.920:8741): avc:  denied  { mounton } for  pid=21942 comm="syz.8.7969" path="/237/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  244.249013][   T29] audit: type=1400 audit(2000000619.015:8742): avc:  denied  { setattr } for  pid=21946 comm="syz.8.7971" name="/" dev="configfs" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  244.354644][T21960] netlink: 'syz.8.7976': attribute type 39 has an invalid length.
[  244.368341][T21887] chnl_net:caif_netlink_parms(): no params data found
[  244.399453][   T29] audit: type=1326 audit(2000000619.172:8743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21964 comm="syz.3.7978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  244.423079][   T29] audit: type=1326 audit(2000000619.172:8744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21964 comm="syz.3.7978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  244.446612][   T29] audit: type=1326 audit(2000000619.183:8745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21964 comm="syz.3.7978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  244.470149][   T29] audit: type=1326 audit(2000000619.183:8746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21964 comm="syz.3.7978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  244.493684][   T29] audit: type=1326 audit(2000000619.183:8747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21964 comm="syz.3.7978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  244.517312][   T29] audit: type=1326 audit(2000000619.183:8748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21964 comm="syz.3.7978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  244.541021][   T29] audit: type=1326 audit(2000000619.183:8749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21964 comm="syz.3.7978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  244.564943][   T29] audit: type=1326 audit(2000000619.183:8750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21964 comm="syz.3.7978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8bafdeec9 code=0x7ffc0000
[  244.755471][T21887] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.762689][T21887] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.774134][T21887] bridge_slave_0: entered allmulticast mode
[  244.782369][T21887] bridge_slave_0: entered promiscuous mode
[  244.800221][T21887] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.807486][T21887] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.815324][T21887] bridge_slave_1: entered allmulticast mode
[  244.821911][T21887] bridge_slave_1: entered promiscuous mode
[  244.855549][T21887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.882385][T21994] sd 0:0:1:0: device reset
[  244.898621][T21887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  244.960551][T21887] team0: Port device team_slave_0 added
[  244.971401][T21887] team0: Port device team_slave_1 added
[  245.000196][T21887] batman_adv: batadv0: Adding interface: batadv_slave_0
[  245.007316][T21887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.033414][T21887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  245.051793][T21887] batman_adv: batadv0: Adding interface: batadv_slave_1
[  245.058801][T21887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.084924][T21887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  245.165375][T22017] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8002'.
[  245.329639][T21887] hsr_slave_0: entered promiscuous mode
[  245.335659][T21887] hsr_slave_1: entered promiscuous mode
[  245.369022][T21887] debugfs: 'hsr0' already exists in 'hsr'
[  245.375061][T21887] Cannot create hsr debugfs directory
[  245.523222][T22037] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.532309][T22037] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.556260][T21887] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  245.579501][T21887] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  245.600212][T21887] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  245.625022][T21887] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  245.722853][T21887] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.760537][T21887] 8021q: adding VLAN 0 to HW filter on device team0
[  245.784029][ T4199] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.791147][ T4199] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.815636][ T4167] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.822757][ T4167] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.852615][T21887] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  245.863100][T21887] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  245.888139][T22073] lo speed is unknown, defaulting to 1000
[  245.966419][T21887] 8021q: adding VLAN 0 to HW filter on device batadv0
[  246.073179][T22088] hub 2-0:1.0: USB hub found
[  246.078063][T22088] hub 2-0:1.0: 8 ports detected
[  246.297327][T21887] veth0_vlan: entered promiscuous mode
[  246.304156][T22106] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8028'.
[  246.347013][T21887] veth1_vlan: entered promiscuous mode
[  246.396917][T21887] veth0_macvtap: entered promiscuous mode
[  246.417701][T22111] loop8: detected capacity change from 0 to 128
[  246.425318][T21887] veth1_macvtap: entered promiscuous mode
[  246.443793][T22111] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  246.451735][T22111] FAT-fs (loop8): Filesystem has been set read-only
[  246.459609][T22111] syz.8.8032: attempt to access beyond end of device
[  246.459609][T22111] loop8: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  246.463598][T21887] batman_adv: batadv0: Interface activated: batadv_slave_0
[  246.492357][T22111] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  246.494050][T21887] batman_adv: batadv0: Interface activated: batadv_slave_1
[  246.500323][T22111] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  246.515229][ T4186] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  246.524568][ T4186] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  246.543395][T22110] syz.8.8032: attempt to access beyond end of device
[  246.543395][T22110] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  246.576168][ T4186] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  246.588638][ T4186] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  246.620317][T22111] syz.8.8032: attempt to access beyond end of device
[  246.620317][T22111] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  246.660211][T22110] syz.8.8032: attempt to access beyond end of device
[  246.660211][T22110] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  246.678706][T22111] syz.8.8032: attempt to access beyond end of device
[  246.678706][T22111] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  246.709969][T22131] hub 9-0:1.0: USB hub found
[  246.715056][T22111] syz.8.8032: attempt to access beyond end of device
[  246.715056][T22111] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  246.732937][T22131] hub 9-0:1.0: 8 ports detected
[  246.735469][T22111] syz.8.8032: attempt to access beyond end of device
[  246.735469][T22111] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  246.751309][T22110] syz.8.8032: attempt to access beyond end of device
[  246.751309][T22110] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  246.769910][T22111] syz.8.8032: attempt to access beyond end of device
[  246.769910][T22111] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  246.825753][T22110] syz.8.8032: attempt to access beyond end of device
[  246.825753][T22110] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  246.845720][T22148] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=22148 comm=syz.9.8045
[  246.858501][T22148] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=22148 comm=syz.9.8045
[  247.022314][T22157] SELinux: ebitmap: truncated map
[  247.027381][T22160] hub 8-0:1.0: USB hub found
[  247.043005][T22157] SELinux: failed to load policy
[  247.043104][T22160] hub 8-0:1.0: 8 ports detected
[  247.648762][T22222] lo speed is unknown, defaulting to 1000
[  247.859961][T22235] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=22235 comm=syz.1.8081
[  247.872658][T22235] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=22235 comm=syz.1.8081
[  247.875340][T22237] SELinux: ebitmap: truncated map
[  247.912806][T22237] SELinux: failed to load policy
[  247.988147][T22247] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8090'.
[  247.998372][T22249] IPv6: NLM_F_CREATE should be specified when creating new route
[  248.010300][T22247] netlink: 'syz.9.8090': attribute type 5 has an invalid length.
[  248.109455][T22261] loop9: detected capacity change from 0 to 512
[  248.120048][T22260] netlink: 'syz.3.8097': attribute type 3 has an invalid length.
[  248.161635][T22261] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  248.203565][T22261] EXT4-fs (loop9): 1 truncate cleaned up
[  248.209760][T22261] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.254792][T22269] hub 8-0:1.0: USB hub found
[  248.263670][T22269] hub 8-0:1.0: 8 ports detected
[  248.302749][T21887] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.494617][T22289] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=22289 comm=syz.5.8107
[  248.507339][T22289] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=22289 comm=syz.5.8107
[  248.523637][T22278] lo speed is unknown, defaulting to 1000
[  248.700521][T22296] netlink: 'syz.8.8113': attribute type 3 has an invalid length.
[  249.011255][T22313] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8119'.
[  249.120761][T22323] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=22323 comm=syz.3.8126
[  249.133487][T22323] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=22323 comm=syz.3.8126
[  249.161579][   T29] kauditd_printk_skb: 110 callbacks suppressed
[  249.161597][   T29] audit: type=1326 audit(2000000624.180:8861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22324 comm="syz.1.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  249.166679][T22328] loop8: detected capacity change from 0 to 512
[  249.168074][   T29] audit: type=1326 audit(2000000624.180:8862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22324 comm="syz.1.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  249.223128][ T4163] ip6_tunnel: ip6tnl4 xmit: Local address not yet configured!
[  249.230777][ T4163] ip6_tunnel: ip6tnl4 xmit: Local address not yet configured!
[  249.250662][   T29] audit: type=1326 audit(2000000624.264:8863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22324 comm="syz.1.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  249.274305][   T29] audit: type=1326 audit(2000000624.264:8864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22324 comm="syz.1.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6b143eef03 code=0x7ffc0000
[  249.279931][ T3371] ip6_tunnel: ip6tnl4 xmit: Local address not yet configured!
[  249.298125][   T29] audit: type=1326 audit(2000000624.264:8865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22324 comm="syz.1.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6b143ed97f code=0x7ffc0000
[  249.328501][   T29] audit: type=1326 audit(2000000624.264:8866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22324 comm="syz.1.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f6b143eef57 code=0x7ffc0000
[  249.352114][   T29] audit: type=1326 audit(2000000624.264:8867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22324 comm="syz.1.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6b143ed710 code=0x7ffc0000
[  249.376004][   T29] audit: type=1326 audit(2000000624.264:8868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22324 comm="syz.1.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6b143edb2a code=0x7ffc0000
[  249.399384][   T29] audit: type=1326 audit(2000000624.264:8869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22324 comm="syz.1.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  249.423085][   T29] audit: type=1326 audit(2000000624.274:8870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22324 comm="syz.1.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  249.435031][T22328] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  249.458260][T22328] EXT4-fs (loop8): 1 truncate cleaned up
[  249.464752][T22332] IPv6: NLM_F_CREATE should be specified when creating new route
[  249.471441][T22328] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.632323][T22349] netlink: 332 bytes leftover after parsing attributes in process `syz.1.8147'.
[  249.643690][T22350] netlink: 'syz.5.8136': attribute type 3 has an invalid length.
[  249.652481][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.722759][ T4167] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  249.730483][ T4167] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  249.747905][   T10] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  249.765850][ T3371] ip6_tunnel: ip6tnl4 xmit: Local address not yet configured!
[  249.814625][ T3371] ip6_tunnel: ip6tnl4 xmit: Local address not yet configured!
[  249.911527][T22381] netlink: 332 bytes leftover after parsing attributes in process `syz.8.8150'.
[  250.068869][   T10] lo speed is unknown, defaulting to 1000
[  250.074784][   T10] syz2: Port: 1 Link DOWN
[  250.086588][T22384] syzkaller1: entered promiscuous mode
[  250.092152][T22384] syzkaller1: entered allmulticast mode
[  250.111429][ T4186] netdevsim netdevsim5 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  250.119892][ T4186] netdevsim netdevsim5 eth0: unset [0, 1] type 1 family 0 port 256 - 0
[  250.128390][ T4186] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  250.155415][ T4186] netdevsim netdevsim5 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  250.163991][ T4186] netdevsim netdevsim5 eth1: unset [0, 1] type 1 family 0 port 256 - 0
[  250.172406][ T4186] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  250.197562][ T4186] netdevsim netdevsim5 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  250.206030][ T4186] netdevsim netdevsim5 eth2: unset [0, 1] type 1 family 0 port 256 - 0
[  250.214364][ T4186] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  250.242943][ T4186] netdevsim netdevsim5 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  250.251451][ T4186] netdevsim netdevsim5 eth3: unset [0, 1] type 1 family 0 port 256 - 0
[  250.259871][ T4186] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  250.279840][T22392] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  250.600846][ T4186] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  250.693252][T22430] loop8: detected capacity change from 0 to 128
[  250.770999][T22437] lo speed is unknown, defaulting to 1000
[  250.933687][T22460] loop2: detected capacity change from 0 to 7
[  250.951879][T22460]  loop2:
[  251.225921][T22473] loop9: detected capacity change from 0 to 4096
[  251.244744][T22473] EXT4-fs: Ignoring removed nomblk_io_submit option
[  251.279492][T22473] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.355870][T22456] lo speed is unknown, defaulting to 1000
[  251.755418][T22499] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8196'.
[  251.886285][T21887] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.886621][T22505] debugfs: Bad value for 'uid'
[  251.900214][T22505] debugfs: Bad value for 'uid'
[  251.945416][T22509] loop9: detected capacity change from 0 to 128
[  252.113022][T22528] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8210'.
[  252.126400][T22528] netem: change failed
[  252.177071][T22534] loop8: detected capacity change from 0 to 4096
[  252.183737][T22534] EXT4-fs: Ignoring removed nomblk_io_submit option
[  252.216724][T22534] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.464795][ T4163] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  252.473407][ T4163] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.504982][ T4163] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  252.513481][ T4163] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.531294][ T4163] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  252.539820][ T4163] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.549873][ T4163] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  252.558319][ T4163] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.577553][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.603753][T22549] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  252.891765][T22561] netlink: 7 bytes leftover after parsing attributes in process `syz.5.8221'.
[  253.006058][T22579] netlink: 28 bytes leftover after parsing attributes in process `syz.5.8230'.
[  253.258758][T22584] lo speed is unknown, defaulting to 1000
[  253.751014][T22601] ÿÿÿÿÿÿ: renamed from vlan1
[  254.037255][T22620] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8245'.
[  254.046412][T22620] netem: change failed
[  254.122257][T22631] netlink: 68 bytes leftover after parsing attributes in process `syz.3.8249'.
[  254.238559][T22644] netlink: 68 bytes leftover after parsing attributes in process `syz.1.8268'.
[  254.353914][T22654] tipc: Started in network mode
[  254.359012][T22654] tipc: Node identity ac14140f, cluster identity 4711
[  254.367495][T22654] tipc: New replicast peer: 255.255.255.255
[  254.373580][T22654] tipc: Enabled bearer <udp:syz2>, priority 10
[  254.461194][T22659] netlink: 68 bytes leftover after parsing attributes in process `syz.5.8274'.
[  254.473664][T22664] netlink: 28 bytes leftover after parsing attributes in process `syz.8.8262'.
[  254.554152][T22674] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8281'.
[  254.555769][T22676] loop8: detected capacity change from 0 to 512
[  254.565698][T22674] netem: change failed
[  254.569572][    C0] ip6_tnl_xmit_ctl: 6 callbacks suppressed
[  254.569595][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  254.616402][T22676] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  254.630876][T22676] ext4 filesystem being mounted at /293/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  254.647028][T22676] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.8269: corrupted inode contents
[  254.668088][T22688] tipc: Started in network mode
[  254.668431][T22676] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #2: comm syz.8.8269: mark_inode_dirty error
[  254.673092][T22688] tipc: Node identity ac14140f, cluster identity 4711
[  254.675179][T22688] tipc: New replicast peer: 255.255.255.255
[  254.684764][T22676] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.8269: corrupted inode contents
[  254.691336][T22688] tipc: Enabled bearer <udp:syz2>, priority 10
[  254.699136][T22676] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #2: comm syz.8.8269: mark_inode_dirty error
[  254.739933][T22676] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.8269: corrupted inode contents
[  254.755553][T22676] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #2: comm syz.8.8269: mark_inode_dirty error
[  254.785626][T22676] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.8269: corrupted inode contents
[  254.801318][T22676] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.8269: corrupted inode contents
[  254.814876][T22676] EXT4-fs error (device loop8): add_dirent_to_buf:2153: inode #2: comm syz.8.8269: mark_inode_dirty error
[  254.839748][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.901270][T22700] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  255.022657][T22718] tipc: New replicast peer: 255.255.255.255
[  255.028903][T22718] tipc: Enabled bearer <udp:syz2>, priority 10
[  255.062596][T22725] loop9: detected capacity change from 0 to 512
[  255.094191][T22725] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.107344][T22725] ext4 filesystem being mounted at /48/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  255.122533][T22725] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.8291: corrupted inode contents
[  255.134693][T22725] EXT4-fs error (device loop9): ext4_dirty_inode:6538: inode #2: comm syz.9.8291: mark_inode_dirty error
[  255.146750][T22725] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.8291: corrupted inode contents
[  255.158735][T22725] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #2: comm syz.9.8291: mark_inode_dirty error
[  255.172853][T22725] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.8291: corrupted inode contents
[  255.185677][T22725] EXT4-fs error (device loop9): ext4_dirty_inode:6538: inode #2: comm syz.9.8291: mark_inode_dirty error
[  255.197548][T22725] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.8291: corrupted inode contents
[  255.211275][T22725] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.8291: corrupted inode contents
[  255.223690][T22725] EXT4-fs error (device loop9): add_dirent_to_buf:2153: inode #2: comm syz.9.8291: mark_inode_dirty error
[  255.251014][T21887] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.284372][T22742] atomic_op ffff88812bc9c928 conn xmit_atomic 0000000000000000
[  255.432977][T13820] tipc: Node number set to 2886997007
[  255.682425][T22805] loop9: detected capacity change from 0 to 764
[  255.702445][T22805] rock: directory entry would overflow storage
[  255.708692][T22805] rock: sig=0x4f50, size=4, remaining=3
[  255.714424][T22805] iso9660: Corrupted directory entry in block 6 of inode 1792
[  255.727478][T22807] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8326'.
[  255.756844][T22395] tipc: Node number set to 2886997007
[  255.765180][T22803] wg2: left promiscuous mode
[  255.770169][T22803] wg2: left allmulticast mode
[  255.792882][T22813] loop9: detected capacity change from 0 to 128
[  255.805747][T22813] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  255.813661][T22813] FAT-fs (loop9): Filesystem has been set read-only
[  255.821522][T22803] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  255.822679][T22813] bio_check_eod: 5213 callbacks suppressed
[  255.822697][T22813] syz.9.8329: attempt to access beyond end of device
[  255.822697][T22813] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  255.876562][ T4199] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.906406][ T4199] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.916560][ T4199] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.925664][ T4199] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.976039][T22822] bridge0: port 2(bridge_slave_1) entered learning state
[  256.002817][   T29] kauditd_printk_skb: 67 callbacks suppressed
[  256.002835][   T29] audit: type=1400 audit(2000000631.360:8938): avc:  denied  { read } for  pid=22824 comm="syz.3.8333" laddr=::ac14:1444 lport=255 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  256.034914][T22830] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=22830 comm=syz.8.8334
[  256.047501][T22830] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=22830 comm=syz.8.8334
[  256.103234][T22837] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8338'.
[  256.116892][T22841] atomic_op ffff88811a224128 conn xmit_atomic 0000000000000000
[  256.432437][T22853] atomic_op ffff88810406f928 conn xmit_atomic 0000000000000000
[  256.599230][   T29] audit: type=1326 audit(2000000631.990:8939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22871 comm="syz.1.8350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  256.623030][   T29] audit: type=1326 audit(2000000631.990:8940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22871 comm="syz.1.8350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  256.646761][   T29] audit: type=1326 audit(2000000631.990:8941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22871 comm="syz.1.8350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  256.670496][   T29] audit: type=1326 audit(2000000631.990:8942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22871 comm="syz.1.8350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  256.694341][   T29] audit: type=1326 audit(2000000631.990:8943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22871 comm="syz.1.8350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  256.717877][   T29] audit: type=1326 audit(2000000631.990:8944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22871 comm="syz.1.8350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  256.742194][   T29] audit: type=1326 audit(2000000632.011:8945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22871 comm="syz.1.8350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  256.765900][   T29] audit: type=1326 audit(2000000632.011:8946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22871 comm="syz.1.8350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  256.970939][T22866] lo speed is unknown, defaulting to 1000
[  256.990798][T22879] lo speed is unknown, defaulting to 1000
[  257.097144][T22896] atomic_op ffff88812bd7f528 conn xmit_atomic 0000000000000000
[  257.561439][T22918] loop8: detected capacity change from 0 to 164
[  257.581707][T22918] Unable to read rock-ridge attributes
[  257.584914][T22921] atomic_op ffff88812bd7f928 conn xmit_atomic 0000000000000000
[  257.603654][T22918] Unable to read rock-ridge attributes
[  257.609645][T22918] iso9660: Corrupted directory entry in block 4 of inode 1792
[  257.626480][T22925] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  257.733895][T22933] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  257.748779][T22936] atomic_op ffff888128f47d28 conn xmit_atomic 0000000000000000
[  257.921369][   T29] audit: type=1326 audit(2000000633.376:8947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22953 comm="syz.1.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  257.956695][T22954] lo speed is unknown, defaulting to 1000
[  257.987229][T22961] __nla_validate_parse: 2 callbacks suppressed
[  257.987248][T22961] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8394'.
[  258.210841][T22969] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  258.321090][T22980] geneve3: entered promiscuous mode
[  258.326412][T22980] geneve3: entered allmulticast mode
[  258.440200][T22995] lo speed is unknown, defaulting to 1000
[  258.706801][T23023] netlink: 'syz.5.8421': attribute type 29 has an invalid length.
[  258.717648][T23023] netlink: 'syz.5.8421': attribute type 29 has an invalid length.
[  258.735867][T23023] netlink: 'syz.5.8421': attribute type 29 has an invalid length.
[  258.749803][T23023] netlink: 'syz.5.8421': attribute type 29 has an invalid length.
[  258.940289][T23047] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8443'.
[  258.951638][T23047] IPVS: Error joining to the multicast group
[  259.284760][T23073] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8444'.
[  259.295539][T23073] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  259.330507][T23073] batman_adv: batadv0: Removing interface: batadv_slave_1
[  259.455086][T23087] loop9: detected capacity change from 0 to 164
[  259.472875][T23087] Unable to read rock-ridge attributes
[  259.482092][T23087] Unable to read rock-ridge attributes
[  259.490670][T23087] iso9660: Corrupted directory entry in block 4 of inode 1792
[  259.608615][T23102] geneve2: entered promiscuous mode
[  259.613871][T23102] geneve2: entered allmulticast mode
[  259.620468][T23107] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  259.655720][T23113] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.671164][T23113] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  259.764996][T23125] openvswitch: netlink: Message has 6 unknown bytes.
[  259.772141][T23129] loop8: detected capacity change from 0 to 512
[  259.789759][T23129] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.802679][T23129] ext4 filesystem being mounted at /336/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.835095][T23135] lo speed is unknown, defaulting to 1000
[  259.854938][T23129] EXT4-fs (loop8): shut down requested (0)
[  259.867676][T23129] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop8 ino=15
[  259.881029][T23129] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop8 ino=15
[  259.977724][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.070669][T23154] loop8: detected capacity change from 0 to 1024
[  260.077650][T23154] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  260.088606][T23154] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  260.099079][T23154] JBD2: no valid journal superblock found
[  260.104969][T23154] EXT4-fs (loop8): Could not load journal inode
[  260.116701][T23154] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  260.434098][    C0] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.765778][T23162] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8491'.
[  260.827365][T23184] netlink: 'syz.8.8488': attribute type 29 has an invalid length.
[  260.854735][T23184] netlink: 'syz.8.8488': attribute type 29 has an invalid length.
[  260.867403][T23184] netlink: 'syz.8.8488': attribute type 29 has an invalid length.
[  260.903793][T23184] netlink: 'syz.8.8488': attribute type 29 has an invalid length.
[  261.057787][T23211] netlink: 'syz.1.8511': attribute type 29 has an invalid length.
[  261.078244][T23206] loop9: detected capacity change from 0 to 1024
[  261.085875][T23206] EXT4-fs: Ignoring removed bh option
[  261.093165][T23206] EXT4-fs (loop9): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  261.103983][T23211] netlink: 'syz.1.8511': attribute type 29 has an invalid length.
[  261.128475][T23206] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.216795][T23206] EXT4-fs error (device loop9): ext4_check_all_de:659: inode #12: block 7: comm syz.9.8500: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  261.274284][T23206] EXT4-fs (loop9): Remounting filesystem read-only
[  261.306439][T21887] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.343486][T23236] hub 2-0:1.0: USB hub found
[  261.348356][T23236] hub 2-0:1.0: 8 ports detected
[  261.465461][T23248] loop9: detected capacity change from 0 to 4096
[  261.478150][T23248] EXT4-fs: Ignoring removed nomblk_io_submit option
[  261.489974][T23248] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.541470][T23261] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8523'.
[  261.569350][   T29] kauditd_printk_skb: 63 callbacks suppressed
[  261.569383][   T29] audit: type=1326 audit(2000000637.187:9011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  261.599078][   T29] audit: type=1326 audit(2000000637.187:9012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  261.622700][   T29] audit: type=1326 audit(2000000637.187:9013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  261.646354][   T29] audit: type=1326 audit(2000000637.187:9014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  261.669899][   T29] audit: type=1326 audit(2000000637.187:9015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  261.693504][   T29] audit: type=1326 audit(2000000637.187:9016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  261.717013][   T29] audit: type=1326 audit(2000000637.187:9017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6f4c5eec9 code=0x7ffc0000
[  261.774225][T23264] loop8: detected capacity change from 0 to 1024
[  261.793208][T23264] EXT4-fs: Ignoring removed bh option
[  261.849364][T23264] EXT4-fs (loop8): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  261.905651][T23277] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8530'.
[  261.916183][T23264] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.942028][T23264] EXT4-fs error (device loop8): ext4_check_all_de:659: inode #12: block 7: comm syz.8.8525: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  261.967795][T23264] EXT4-fs (loop8): Remounting filesystem read-only
[  261.986229][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.067497][T21887] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.154244][   T29] audit: type=1326 audit(2000000637.795:9018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23297 comm="syz.1.8538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  262.177848][   T29] audit: type=1326 audit(2000000637.795:9019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23297 comm="syz.1.8538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  262.201281][   T29] audit: type=1326 audit(2000000637.795:9020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23297 comm="syz.1.8538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  262.272478][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  262.280083][    C0] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  262.311428][T23308] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=23308 comm=syz.5.8553
[  262.324106][T23308] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=23308 comm=syz.5.8553
[  262.447784][T23319] lo speed is unknown, defaulting to 1000
[  262.463724][T23325] atomic_op ffff888112b58d28 conn xmit_atomic 0000000000000000
[  262.622288][T23341] atomic_op ffff888102372528 conn xmit_atomic 0000000000000000
[  263.595878][T23389] loop9: detected capacity change from 0 to 1024
[  263.666725][T23389] EXT4-fs: Ignoring removed orlov option
[  263.780163][T23389] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.881777][T23395] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8579'.
[  263.890896][T23395] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8579'.
[  264.306744][T21887] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.902293][T23461] loop9: detected capacity change from 0 to 4096
[  264.911322][T23461] EXT4-fs: Ignoring removed nomblk_io_submit option
[  264.959909][T23461] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.969728][T23453] loop8: detected capacity change from 0 to 8192
[  264.979187][T23453] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  265.028576][T21887] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.941841][T23478] ALSA: seq fatal error: cannot create timer (-22)
[  266.147026][T23509] SELinux: ebitmap: truncated map
[  266.153826][T23509] SELinux: failed to load policy
[  266.368819][   T29] kauditd_printk_skb: 89 callbacks suppressed
[  266.368868][   T29] audit: type=1326 audit(2000000642.247:9110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23529 comm="syz.1.8635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  266.426329][   T29] audit: type=1326 audit(2000000642.278:9111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23529 comm="syz.1.8635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  266.449903][   T29] audit: type=1326 audit(2000000642.278:9112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23529 comm="syz.1.8635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  266.473411][   T29] audit: type=1326 audit(2000000642.278:9113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23529 comm="syz.1.8635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  266.496928][   T29] audit: type=1326 audit(2000000642.278:9114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23529 comm="syz.1.8635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  266.520430][   T29] audit: type=1326 audit(2000000642.278:9115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23529 comm="syz.1.8635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  266.544026][   T29] audit: type=1326 audit(2000000642.278:9116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23529 comm="syz.1.8635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  266.567683][   T29] audit: type=1326 audit(2000000642.278:9117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23529 comm="syz.1.8635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  266.591258][   T29] audit: type=1326 audit(2000000642.278:9118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23529 comm="syz.1.8635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  266.615100][   T29] audit: type=1326 audit(2000000642.278:9119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23529 comm="syz.1.8635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b143eeec9 code=0x7ffc0000
[  267.019421][T23578] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8654'.
[  267.149026][T23589] SELinux: ebitmap: truncated map
[  267.156938][T23589] SELinux: failed to load policy
[  267.182732][T23597] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  267.182732][T23597]    program syz.3.8662 not setting count and/or reply_len properly
[  267.270632][T23602] ALSA: seq fatal error: cannot create timer (-22)
[  267.396249][T23624] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8684'.
[  267.506212][T23632] ALSA: seq fatal error: cannot create timer (-22)
[  267.946743][T23682] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  267.946743][T23682]    program syz.8.8702 not setting count and/or reply_len properly
[  268.158876][T22395] kernel read not supported for file /vcsu1 (pid: 22395 comm: kworker/1:9)
[  268.450090][T23737] loop8: detected capacity change from 0 to 1024
[  268.457030][T23737] EXT4-fs: Ignoring removed orlov option
[  268.465351][T23737] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.590217][T23743] ==================================================================
[  268.598387][T23743] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode
[  268.607617][T23743] 
[  268.610048][T23743] write to 0xffff8881073e1bb0 of 4 bytes by task 23737 on cpu 0:
[  268.617784][T23743]  writeback_single_inode+0x14a/0x3e0
[  268.623197][T23743]  sync_inode_metadata+0x5b/0x90
[  268.628167][T23743]  generic_buffers_fsync_noflush+0xd9/0x120
[  268.634095][T23743]  ext4_sync_file+0x1ab/0x690
[  268.638795][T23743]  vfs_fsync_range+0x10a/0x130
[  268.643598][T23743]  ext4_buffered_write_iter+0x34f/0x3c0
[  268.649195][T23743]  ext4_file_write_iter+0x383/0xf00
[  268.654436][T23743]  iter_file_splice_write+0x666/0xa60
[  268.659935][T23743]  direct_splice_actor+0x156/0x2a0
[  268.665078][T23743]  splice_direct_to_actor+0x312/0x680
[  268.670478][T23743]  do_splice_direct+0xda/0x150
[  268.675274][T23743]  do_sendfile+0x380/0x650
[  268.679732][T23743]  __x64_sys_sendfile64+0x105/0x150
[  268.684965][T23743]  x64_sys_call+0x2bb0/0x2ff0
[  268.689678][T23743]  do_syscall_64+0xd2/0x200
[  268.694237][T23743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.700169][T23743] 
[  268.702515][T23743] read to 0xffff8881073e1bb0 of 4 bytes by task 23743 on cpu 1:
[  268.710241][T23743]  generic_buffers_fsync_noflush+0x80/0x120
[  268.716157][T23743]  ext4_sync_file+0x1ab/0x690
[  268.720866][T23743]  vfs_fsync_range+0x10a/0x130
[  268.725644][T23743]  ext4_buffered_write_iter+0x34f/0x3c0
[  268.731214][T23743]  ext4_file_write_iter+0x383/0xf00
[  268.736436][T23743]  iter_file_splice_write+0x666/0xa60
[  268.741822][T23743]  direct_splice_actor+0x156/0x2a0
[  268.746948][T23743]  splice_direct_to_actor+0x312/0x680
[  268.752337][T23743]  do_splice_direct+0xda/0x150
[  268.757109][T23743]  do_sendfile+0x380/0x650
[  268.761545][T23743]  __x64_sys_sendfile64+0x105/0x150
[  268.766762][T23743]  x64_sys_call+0x2bb0/0x2ff0
[  268.771452][T23743]  do_syscall_64+0xd2/0x200
[  268.775998][T23743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.781907][T23743] 
[  268.784266][T23743] value changed: 0x00000038 -> 0x00000002
[  268.789990][T23743] 
[  268.792322][T23743] Reported by Kernel Concurrency Sanitizer on:
[  268.798492][T23743] CPU: 1 UID: 0 PID: 23743 Comm: syz.8.8727 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  268.809876][T23743] Tainted: [W]=WARN
[  268.813679][T23743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  268.823744][T23743] ==================================================================
[  268.869469][T18907] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.123442][    C0] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  278.130971][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!