last executing test programs:

1m36.436180433s ago: executing program 3 (id=396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_debug_messages', 0x42, 0x0)
copy_file_range(r2, 0x0, r2, &(0x7f00000000c0)=0xc, 0x3, 0x0)

1m36.418844405s ago: executing program 3 (id=398):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10)
r1 = socket(0xa, 0x2400000001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000300)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)

1m36.401520536s ago: executing program 3 (id=400):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
close(r1)

1m36.383010497s ago: executing program 3 (id=402):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010100}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000080)=0x8)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x82, &(0x7f0000000740)={r2, 0x1006}, 0x8)

1m35.489712209s ago: executing program 3 (id=450):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b0000000700000008000000a6ad6a1a05"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x3}, {0x0}, &(0x7f0000000440)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x60, 0x4}}], 0x48, 0x8004}, 0x0)

1m35.344828441s ago: executing program 3 (id=452):
r0 = fsopen(&(0x7f0000000280)='configfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x2)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
lseek(r2, 0x1000000, 0x3)

1m35.322670483s ago: executing program 32 (id=451):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a400020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x60, 0x0, 0x0, 0x9, 0x0, 0x8, 0x4200, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0xfff, 0x800000, 0x0, 0x2, 0x2, 0x4, 0x0, 0x1ff, 0x0, 0xbf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001800010600000000000000001c140000fe000001"], 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x0)

1m35.317597793s ago: executing program 33 (id=452):
r0 = fsopen(&(0x7f0000000280)='configfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x2)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
lseek(r2, 0x1000000, 0x3)

44.456472089s ago: executing program 0 (id=2499):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x6f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x14, 0x8, 0x2}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x0, 0x0})
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757813"], 0x65)

44.339097059s ago: executing program 0 (id=2501):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702000002ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="0213f803030000002cbd7000fddbdf25010018"], 0x18}}, 0x2000)

44.338721929s ago: executing program 0 (id=2502):
prctl$PR_SET_NAME(0xf, &(0x7f00000014c0)='w\xde\xa1\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd\xde\xad\xf5\x1eM\x11[\xb6\x98\xda\xd2y\xbd\xad\x87P\xd8\xb2\xe5\xd2\xe7\xf6\xa1\xc8\'\x1e\xbc\xf4\xa0\xe6\xcf*(\xfb_\x9fL\xa2\x86\f\xcd\x1b\xd1\xe7\x11\xe8\xe1-\x0f\x1b:\xff\x11~')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r1, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

44.277451554s ago: executing program 0 (id=2505):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
write$selinux_context(0xffffffffffffffff, &(0x7f0000000040)='system_u:object_r:cgroup_t:s0\x00', 0x1e)
syz_clone(0x2100, 0x0, 0x0, 0x0, 0x0, 0x0)

44.155431894s ago: executing program 0 (id=2515):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0x88}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
write(r0, &(0x7f0000000180)="a1", 0x1)

43.877533016s ago: executing program 0 (id=2532):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000b800000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000ac0)={r2, r3}, 0xc)

43.868362577s ago: executing program 34 (id=2532):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000b800000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000ac0)={r2, r3}, 0xc)

39.944921533s ago: executing program 4 (id=2696):
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0xf7d4, 0x8, 0x1, 0x8001, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20004006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2)

39.848781571s ago: executing program 4 (id=2700):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000070000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
syslog(0x4, &(0x7f0000000000)=""/19, 0xb12288e90d7c8384)

39.6139162s ago: executing program 4 (id=2703):
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
openat$rtc(0xffffffffffffff9c, &(0x7f0000000540), 0x80000, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000e40)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
unshare(0x28020480)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x2, 0x80000000000004, 0x6}, 0x0, &(0x7f0000000400)={0x1f, 0x0, 0x800000000000, 0x0, 0x1000000000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

39.421666975s ago: executing program 4 (id=2711):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008082, &(0x7f00000004c0)={[{@nodioread_nolock}, {@nolazytime}, {@dioread_lock}, {@errors_continue}, {@dioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@nomblk_io_submit}, {@nobarrier}]}, 0x0, 0x5e9, &(0x7f00000005c0)="$eJzs3c1vFVUbAPBnbj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sRr5nam9GNuPy7tncr8fsmlM3PucJ7p7dNz7uk5cwOorMH0n1rE/oiYTiL6k/nFss7ICgcXnvfgz4/Opo8k6vXXfk8iyY7lz0+yr33ZyT0R8eMPSezrWF3vzNy1i+NTU5NXs/3h2UvTwzNz1w5fuDR+fvL85OXRF0ZPHD92/MTIkZau63rBsdM3332//5OxN7/56q9k5NtfxpI4GS9nT1x6HVtlMAYb35NkdVHfia2urCQd2c/J0pc46Sx44q42BsWG5a9fV0Q8Ef3REQ9fvP74+JVSgwO2VT2JqAMVlch/qKi8H5C/t1/5PrhWSq8EaIf7pxYGAFbnf+fC2GD0NMYGdj9IYumwThIRrY3MLbcnIu7eGbt57s7YzdjMOFzRGBOwKfM3IuLJovxPGvk/ED0x0Mj/2rKUS/sFZ7Kv6fFXW6x/ZRpvxzg8UGwh/3vWzP9okv9vLcn/t1usf/Dh5ju9y/K/t9VLAgAAAAAAgMq6fSoini/6+39tcf5PFMz/6YuIk1tQ/+CK/dV//6/d24JqgAL3T0W8VDj/t5bP/h3oyLb+05gP0JWcuzA1eSQi/hsRh6JrV7o/skYdhz/d92WzssFs/l/+SOu/m80FzOK417li7ejE+Oz4o143EHH/RsRThfN/k8X2Pylo/9PfB9MbrGPfs7fONCtbP/+B7VL/OuJgYfv/8K4Vydr35xhu9AeG817Bak9/+Nl3zepvNf9N/4dHl7b/u9fO/4Fk6f16ZjZfx9G5znqzslb7/93J641bznRnxz4Yn529OhLRnZzuSI8uOz66+ZjhcZTnQ54vaf4fembt8b+i/n9vRMyv+L+TP5avKc79/+++X5vFo/8P5Unzf2JT7f/mN0ZvDXzfrP6Ntf/HGm39oeyI8T9Y8EWept3LjxekY2dRUbvjBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHQS0i9kRSG1rcrtWGhiL6IuJ/sbs2dWVm9rlzV967PJGWNT7/v5Z/0m//wn6Sf/7/wJL90RX7RyNib0R83tHb2B86e2VqouyLBwAAAAAAAAAAAAAAAAAAgB2ir8n6/9RvHWVHB2y7zrIDAEpTkP8/lREH0H6ttf+7tjwOoP30/6G65D9Ul/yH6pL/UF3yH6pL/kN1yX8AAAAAAHis7D1w++ckIuZf7G08Ut1ZWVepkQHbrVZ2AEBp3OIHqsvUH6gu7/GBZJ3ynqYnrXfmWqbPPsLJAAAAAAAAAAAAAFA5B/db/w9VZf0/VJf1/1Bd+fr/AyXHAbSf9/hArLOSv3D9/7pnAQAAAAAAAAAAAABbaWbu2sXxqanJqzbe2BlhtHOjXq9fT38Kdko8//KNfCr8TolnxUa+1m9jZ5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFjunwAAAP//OKok1w==")
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000000c0)="26fe25", 0x3}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000540))
ptrace$cont(0x20, r0, 0x0, 0x0)

39.256011879s ago: executing program 4 (id=2721):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
wait4(r0, 0x0, 0x40000000, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
waitid(0x0, 0xffffffffffffffff, 0x0, 0x8, 0x0)

39.095622761s ago: executing program 4 (id=2725):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x118)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000001c0)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000001400)=ANY=[@ANYBLOB='\x00\x00\x00\f'], 0x152)

39.058630604s ago: executing program 35 (id=2725):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x118)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000001c0)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000001400)=ANY=[@ANYBLOB='\x00\x00\x00\f'], 0x152)

31.857610634s ago: executing program 6 (id=3068):
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f00000001c0)={0x62941, 0x2, 0x10}, 0x18)
madvise(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x15)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xa, 0x11, r0, 0x180000000)
madvise(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x15)

31.7812447s ago: executing program 6 (id=3073):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)

31.770933991s ago: executing program 6 (id=3075):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc2294133"], 0x0}, 0x94)
sendmsg(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000180)="4741aa2d2693d37b2a5600", 0xb}], 0x1, 0x0, 0x0, 0x11000000}, 0x81)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000540))
ptrace$cont(0x20, r0, 0x0, 0x0)

31.698662777s ago: executing program 6 (id=3080):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x24)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000240)='./file0/file0\x00', 0x9)

31.692128217s ago: executing program 6 (id=3081):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0900000300000000000000000600000000000000", @ANYRES32=r1], 0x50)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0c0000000400000004"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)

31.350421545s ago: executing program 6 (id=3092):
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$nci(r1, 0x0, 0xfffffeea)

31.309661738s ago: executing program 36 (id=3092):
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$nci(r1, 0x0, 0xfffffeea)

22.366893349s ago: executing program 5 (id=3574):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mq_open(&(0x7f0000000080)='$@\x00', 0x40, 0xb4, 0x0)
mq_unlink(&(0x7f0000000000)='$@\x00')

22.320774472s ago: executing program 5 (id=3576):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x2000000000000329, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

22.320160443s ago: executing program 5 (id=3580):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
recvmsg$unix(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000002480)=""/195, 0xc3}], 0x1}, 0x2000)
sendmsg$inet(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0x1}], 0x1}, 0x0)

22.163878875s ago: executing program 5 (id=3587):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x2000, 0x80, 0x100}})

22.163511945s ago: executing program 5 (id=3589):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x3b, &(0x7f0000000000)='/proc/sys/net/ipv4\x00\x00s/sync_\x00le\xf44.\xab%\xf8\xff\xff\xff\xff\xff\xff\xff=\x11\xc8\xdd\x15\xcc\xd2\xf1d\'%\x11c\x91l,'}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000780)='./file0/../file0\x00', 0x0, 0xa06002, 0x0)

22.141261907s ago: executing program 5 (id=3590):
r0 = socket$inet6(0xa, 0x80002, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
flistxattr(r0, 0x0, 0x0)

6.638819076s ago: executing program 37 (id=3590):
r0 = socket$inet6(0xa, 0x80002, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
flistxattr(r0, 0x0, 0x0)

1.464245132s ago: executing program 9 (id=4201):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)={0x1c, r3, 0x1, 0x70bd27, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1.439643444s ago: executing program 9 (id=4202):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x235fd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x8}, 0x20085, 0x4, 0x0, 0xf, 0x4000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000000c0)='cpu\t>0&&\t')

1.36291475s ago: executing program 9 (id=4206):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='sched_switch\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e03002a000b05d25a806c8c6f94f91124fc601100077a0a000312050282c137153e370e0c1180fc0b0c000300", 0x33fe0}], 0x1}, 0x0)

1.276417077s ago: executing program 9 (id=4208):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)

477.136262ms ago: executing program 7 (id=4229):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = inotify_init()
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
inotify_add_watch(r1, &(0x7f0000000240)='./file0\x00', 0x4000cdd)
unlink(&(0x7f0000000000)='./file0\x00')
close_range(r0, 0xffffffffffffffff, 0x0)

460.205853ms ago: executing program 7 (id=4231):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000340)='leases_conflict\x00', r1}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)

430.558196ms ago: executing program 7 (id=4234):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000040)=0x7)

413.916627ms ago: executing program 7 (id=4235):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x60880, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x6, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0x0, 0xfff1}, {0x8, 0x4}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8035}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000}, 0x44010)

389.778329ms ago: executing program 9 (id=4238):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x13c, 0x19, 0x1, 0x4, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0xa, 0x0, 0x0, 0x5e}, {0x0, 0x800, 0x0, 0x7, 0x0, 0x0, 0x3, 0x7}, {0x0, 0x0, 0x3}}, [@tmpl={0x84, 0x5, [{{@in6=@loopback, 0x0, 0x3c}, 0x2, @in=@remote, 0x4000, 0x1, 0x3}, {{@in6=@mcast2, 0x4d3, 0x3c}, 0x2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}]}, 0x13c}}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f0000005e40)="17000000020001000003d68c5ee17688a2003208020300ecff3f0200000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e060180000a0000f10607bdff59100ac45761407a681f009cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000"/184, 0xb8)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x3004017, &(0x7f0000000c40)={[{@nodiscard}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}]}, 0x43, 0x4e0, &(0x7f0000000300)="$eJzs3UFvHFcdAPD/jL2pk7pdl3JoK1GqtsipILt2TVuLQ1skBKdKQLkbY68ty2uvZa+T2IqQIz4AEkKAxIlTLkh8ACSUj4CQIsEdQQRCkMCBA7BoZ2eNY+/GG1jvBPv3kybz3rwZ//9vpX27s/MyE8CF9VpEfBgRYxHxVkSU8+1pviy0Kwed/R4+uLXUXpJotT7+cxJJvq37t5J8/WznkJiIiK9/JeJbSa/I++uL9XptO69Vmxtb1Z29/WtrG4urtdXa5tzc7Lvz782/Mz8zeGfS/k1TEfH+l+7/4Lt3vvz+Lz5347cLf7z67XZak3n70X4MU6frpey16BqPiO2zCFaQ8ayHAAD8P3gxIj4REa9n3//LMZZ9m7tUdFoAAADAELU+mIx/JBGtAb0eg+8LAAAAPB3SbA5sklby6bOTkaaVSmcO7yfjSlpv7DQ/u9LY3VzutE9FKV1Zq9dm8rnCU1FK2vXZfI5tt/72sfpcRLwQEd8vX87qlaVGfbnoHz8AAADggnj22Pn/38qd8/87j/6Hzq3CEgQAAACGY6roBAAAAIAz5/wfAAAAzj/n/wAAAHCuffWjj9pLq/v86+Xre7vrjevXlms765WN3aXKUmN7q7LaaKxm9+zbOO3v1RuNrc/H5u7NarO206zu7O0vbDR2N5sLa488AhsAAAAYoRc+ffc3SUQcfOFytrS9XHRSwEikT7Lz788uD2D0xopOACjMeNEJAIUpFZ0AULjklPbn+zX8cvi5AAAAZ2P65ZPX/8tFJwWMxBNd/wcAzgXX/+HiKpkBCBfe86eMA31v3nHi+v8HfXZstf6LtAAAgCGazJYkreTXAicjTSuViOeyxwKUkpW1em0mn//763LpmXZ9NjsyOXXOMAAAAAAAAAAAAAAAAAAAAAAAAADQ0Wol0QIAAADOtYj0D0l2N/+I6fKbk8d/H7iU/L2crSPixo8//uHNxWZze7a9/S+H25s/yre/XcQvGAAAAHBB3B/8SXzd8/TueTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNPDB7eWusso4/7pixEx1Sv+eExk64koRcSVvyYxfuS4JCLGhhD/4HZEvNQrftJOK6byLHrFvzzy+MnhcekQYsNFd7c9/nzY6/2XxmvZuvf7fzxf/lf9x7/0cPwb6zP+PDdgjFfu/azaN/7tiFfGe48/3fhJFu1k/DcGjP/Nb+zvH6k+c7St9ZOI6Z6fP8kjsarNja3qzt7+tbWNxdXaam1zbm723fn35t+Zn6murNVr+b8943/vUz//1+P6f6VP/KnD/vd+/d8csP//vHfzwYudYqlX/Ktv9P78falP/DT/7PtMXm63T3fLB53yUa/+9FevPq7/y336P3FK/68O2P+3vvad3w24KwAwAjt7++uL9XptW0GhgMKleCrSUDhRKHpkAgAAhu0/X/qLzgQAAAAAAAAAAAAAAAAAAAAurlHcTux4zINiugoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Fj/DgAA//83QNDI")
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)

371.22747ms ago: executing program 8 (id=4240):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000140)={[{@grpid}, {@user_xattr}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

353.880431ms ago: executing program 7 (id=4241):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

353.705291ms ago: executing program 1 (id=4242):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r2}, 0x10)
syncfs(r0)

296.266436ms ago: executing program 9 (id=4243):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x33, 0x0, 0x802e2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}})
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000005300)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r2, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, &(0x7f00000001c0)=0x9c)

289.974367ms ago: executing program 1 (id=4244):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
kexec_load(0x0, 0x0, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1)

209.945104ms ago: executing program 2 (id=4247):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = io_uring_setup(0x13bb, &(0x7f0000000100))
close(r1)
sendto$inet(r0, &(0x7f0000000000)="1742b8f81cb7a9fb3a374f534192b9c381f96c10fbda36ceaa91e09c39aaf762b6ad74916a6d1098dc48e25fafdc18d6f8518af44a2d83", 0xfffffffffffffe2b, 0x10008095, 0x0, 0x0)

183.850215ms ago: executing program 7 (id=4248):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)

165.570197ms ago: executing program 8 (id=4249):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0xc20022, r2})
syz_emit_ethernet(0x82, &(0x7f0000000040)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x80}, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @private1, @private2, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8, {0x0, 0x0, 0x0, 0x80}}]}]}}}}}}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000000000000000fe8000000000000000000000000000aa"], 0x0)

140.412369ms ago: executing program 1 (id=4250):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='sched_switch\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e03002a000b05d25a806c8c6f94f91124fc601100077a0a000312050282c137153e370e0c1180fc0b0c000300", 0x33fe0}], 0x1}, 0x0)

140.263659ms ago: executing program 2 (id=4251):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a300000000014000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

120.9986ms ago: executing program 8 (id=4252):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
getgid()

119.081061ms ago: executing program 1 (id=4253):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x401, 0xfffffffe, 0x0, 0xffffffff}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
close(r0)

112.564951ms ago: executing program 2 (id=4254):
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4600, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7}, 0x18)
syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)

96.402802ms ago: executing program 8 (id=4255):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xc1, 0x0, 0x0, 0x7, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000)

91.911953ms ago: executing program 1 (id=4256):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000140), 0x2, 0xbca, &(0x7f0000000600)="$eJzs3N1rXGUaAPDnnEymaZvdSZdl2e7NZlmWFpadJl1SbBFspSKCF4LeCg3ppIRMP0giNWkuJvoPiHoteCOoRfHCXvdG0VtvtL1VvBCKxEZBRCNnPpKxmUlbO8mJ6e8Hb877nudk3uc5h+ScF2YmgIfWcPYjjTgYEWeSiFJzfxoRxXpvIKLWOG5leXHih+XFiSRWV5/9NokkIm4vL060Xitpbvc3BwMR8dnjSfzl5Y3zzs4vTI9Xq5WZ5vjI3PlLR2bnF/43dX78XOVc5cLosUfGjo4dGzk+1rNaf/zy5LXv//Xk17Wf3vn56nevvZXEyRhsxtrr6JXhGF47J+0KETHe68ly0tesp73OpNA2WO1wBtLtyAwAgE7Stme4v0Up+mL94a0UH32ea3IAAABAT6z2RawCAAAAu1xi/Q8AAAC7XOt9ALeXFydaLd93JGyvW6ciYqhR/0qzNSKFqNW3A9EfEftuJ9H+sdak8WsPbDgivrp5/P2sxRZ9DnkztaWI+Hun65/U6x+qf4p7Y/1pRIz0YP7hO8Y7vf6B5u9l9Z/swfx51w/Aw+n6qcaNbOP9L117/okO9/9Ch3vX75H3/a/1/Ley4flvvf6+Ls9/z9zjHFfefuNyt1hW/6PXnniv1bL5s+0DFXUfbi1F/KPQqf5krf6kS/1n7nGO0i+XK91iede/+mbEoehcf0uy+fcTHZmcqlZGGj87zrH06di73ebPu/7s+u/rUn/r+5+6Xf9Lm71w33r3+dOnP9gQv7ne3bz+9Jti8ly9V2zueXF8bm5mNKKYPL1x/9HN620d03qNrP7D/27U/1SXv/9O9Wfl1ZrnIVsLLDW32filO+Z87OqVD7vl01r/5Xn9z3a5/u31f1LYeP1fucc5/vPxq4e7xdrXv1nL5m+thQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgJY2IwUjS8lo/TcvliP0R8dfYl1Yvzs79d/LiCxfOZrGIoehPJ6eqlZGIKDXGSTYerffXx0fvGP8/Ig5ExOulvfVxeeJi9WzexQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBmf0QMRpKWIyKNiJVSmpbLeWcFAAAA9NxQ3gkAAAAAW876HwAAAHY/638AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC22IF/Xr+RRETtxN56yxSbsf5cMwO2Wpp3AkBu+vJOAMhNIe8EgNzc5xrf4wLsQsld4gNdI3vu41gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/ugOHbx+I4mI2om99ZYpNmP9uWYGbLU07wSA3PRtFixsXx7A9vMnDg8va3wguUt8YP2Y2m8je7YsJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB2nsF6S9JyRBSb+8rliD9FxFD0J5NT1cpIRPw5Ir4o9e/JxqM55wwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvzc4vTI9Xq5WZrJNGs7O2R2e9kzTOWG2n5KPzgJ1i7Ig0dmgn7/9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADkYXZ+YXq8Wq3MzOadCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJC32fmF6fFqtTKzhZ28awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID+/BgAA///pcwrc")
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xa02, 0xbc)

65.640085ms ago: executing program 2 (id=4257):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000000)=0x80000002, 0x4)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000000)=0x80000002, 0x4)
sendto$inet(r1, &(0x7f0000000040)='@', 0x1, 0x20044890, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)
sendto$inet(r0, &(0x7f0000000040)='@', 0x1, 0x20044890, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)

65.195595ms ago: executing program 8 (id=4267):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94)

27.707118ms ago: executing program 2 (id=4258):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62)
listen(r0, 0x3)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

27.574138ms ago: executing program 8 (id=4259):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)="3bf58d7d45d3", 0x6)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

9.809789ms ago: executing program 1 (id=4260):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000140)={[{@grpid}, {@user_xattr}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

0s ago: executing program 2 (id=4261):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x19, 0x4, 0x4, 0x20002, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)

kernel console output (not intermixed with test programs):

-0000-0000-0000-000000000000.
[   80.111709][ T8380] $H�: renamed from bond0
[   80.117661][ T8380] $H�: entered promiscuous mode
[   80.122815][ T8380] bond_slave_0: entered promiscuous mode
[   80.128553][ T8380] bond_slave_1: entered promiscuous mode
[   80.146963][ T8382] netlink: 'syz.6.2055': attribute type 5 has an invalid length.
[   80.158133][ T8382] batman_adv: batadv0: Adding interface: vxlan0
[   80.164410][ T8382] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.189916][ T8382] batman_adv: batadv0: Interface activated: vxlan0
[   80.196617][ T4042] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   80.205967][ T4042] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   80.217362][ T8384] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2056'.
[   80.226123][ T4042] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   80.236768][ T4042] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   80.259055][ T8390] IPv6: Can't replace route, no match found
[   80.346068][ T8404] loop6: detected capacity change from 0 to 512
[   80.356068][ T8404] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   80.381121][ T8404] EXT4-fs (loop6): 1 truncate cleaned up
[   80.389210][ T8404] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.417506][ T4709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.573203][ T8429] loop6: detected capacity change from 0 to 164
[   80.592298][ T8429] syz.6.2077: attempt to access beyond end of device
[   80.592298][ T8429] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   80.608285][ T8429] syz.6.2077: attempt to access beyond end of device
[   80.608285][ T8429] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[   80.726453][ T8452] loop5: detected capacity change from 0 to 128
[   80.737052][ T8452] FAT-fs (loop5): error, invalid FAT chain (i_pos 548, last_block 8)
[   80.745966][ T8452] FAT-fs (loop5): Filesystem has been set read-only
[   80.753086][ T8452] FAT-fs (loop5): error, corrupted file size (i_pos 548, 522)
[   80.764094][ T8452] FAT-fs (loop5): error, corrupted file size (i_pos 548, 522)
[   80.830919][ T8456] loop4: detected capacity change from 0 to 8192
[   80.865790][ T4042] nci: nci_ntf_packet: unknown ntf opcode 0x102
[   81.131980][ T8491] batadv_slave_0: entered promiscuous mode
[   81.138737][ T8491] syz_tun: entered promiscuous mode
[   81.359564][ T8518] netlink: 'syz.0.2117': attribute type 10 has an invalid length.
[   81.370566][ T8518] team0: Port device dummy0 added
[   81.380264][ T8518] netlink: 'syz.0.2117': attribute type 10 has an invalid length.
[   81.390705][ T8518] team0: Port device dummy0 removed
[   81.397848][ T8518] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   81.677355][ T8527] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2121'.
[   81.752375][ T8541] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[   81.758951][ T8541] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   81.766624][ T8541] vhci_hcd vhci_hcd.0: Device attached
[   81.782944][ T8541] loop4: detected capacity change from 0 to 512
[   81.830345][ T8541] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   81.847010][ T8541] EXT4-fs (loop4): mount failed
[   81.857497][ T8542] vhci_hcd: connection closed
[   81.859471][ T4018] vhci_hcd: stop threads
[   81.868571][ T4018] vhci_hcd: release socket
[   81.873019][ T4018] vhci_hcd: disconnect device
[   81.889306][ T8561] netlink: 196 bytes leftover after parsing attributes in process `syz.6.2136'.
[   82.145462][ T8606] SELinux: failed to load policy
[   82.273697][ T8625] macvtap0: refused to change device tx_queue_len
[   82.347150][ T8635] loop5: detected capacity change from 0 to 2048
[   82.376966][ T8643] netlink: 'syz.4.2176': attribute type 1 has an invalid length.
[   82.400546][ T8635]  loop5: p1 < > p4
[   82.408704][ T8635] loop5: p4 size 8388608 extends beyond EOD, truncated
[   82.451894][ T8643] 8021q: adding VLAN 0 to HW filter on device bond1
[   82.548893][ T8653] lo speed is unknown, defaulting to 1000
[   82.565450][ T8655] lo speed is unknown, defaulting to 1000
[   82.588406][ T8659] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2182'.
[   82.647230][ T8663] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2183'.
[   82.656215][ T8663] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2183'.
[   83.020629][ T8703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8703 comm=syz.1.2200
[   83.270084][ T8723] loop6: detected capacity change from 0 to 2048
[   83.351004][ T8723] Alternate GPT is invalid, using primary GPT.
[   83.357515][ T8723]  loop6: p1 p2 p3
[   83.566892][ T8726] netlink: 'syz.4.2209': attribute type 1 has an invalid length.
[   83.680902][ T8754] netlink: 'syz.5.2221': attribute type 2 has an invalid length.
[   83.781691][ T8771] loop4: detected capacity change from 0 to 164
[   83.804653][ T8774] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   83.804837][ T8771] rock: directory entry would overflow storage
[   83.817995][ T8771] rock: sig=0x66, size=4, remaining=3
[   84.009447][   T29] kauditd_printk_skb: 203 callbacks suppressed
[   84.009462][   T29] audit: type=1326 audit(1756711593.768:2929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8801 comm="syz.6.2243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   84.039322][   T29] audit: type=1326 audit(1756711593.778:2930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8801 comm="syz.6.2243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   84.062875][   T29] audit: type=1326 audit(1756711593.778:2931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8801 comm="syz.6.2243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   84.086260][   T29] audit: type=1326 audit(1756711593.778:2932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8801 comm="syz.6.2243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   84.109706][   T29] audit: type=1326 audit(1756711593.778:2933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8801 comm="syz.6.2243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   84.133464][   T29] audit: type=1326 audit(1756711593.778:2934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8801 comm="syz.6.2243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   84.157030][   T29] audit: type=1326 audit(1756711593.778:2935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8801 comm="syz.6.2243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   84.180561][   T29] audit: type=1326 audit(1756711593.778:2936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8801 comm="syz.6.2243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   84.204023][   T29] audit: type=1326 audit(1756711593.778:2937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8801 comm="syz.6.2243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   84.249905][   T29] audit: type=1326 audit(1756711593.848:2938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8801 comm="syz.6.2243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   84.328812][ T8808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.368622][ T8820] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2253'.
[   84.369204][ T8808] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.407593][ T8826] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2254'.
[   84.418044][ T8825] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2255'.
[   84.435435][ T8828] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2256'.
[   84.445072][ T8828] IPVS: Error joining to the multicast group
[   84.550357][ T8847] lo speed is unknown, defaulting to 1000
[   84.856105][ T8873] sch_tbf: burst 0 is lower than device lo mtu (14) !
[   84.972940][ T8883] Set syz1 is full, maxelem 65536 reached
[   85.054075][ T3397] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3397 comm=kworker/1:4
[   85.067182][ T8889] 9pnet: p9_errstr2errno: server reported unknown error 1844674
[   85.527789][ T8951] 9pnet_fd: Insufficient options for proto=fd
[   85.778175][ T8971] __nla_validate_parse: 1 callbacks suppressed
[   85.778268][ T8971] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2320'.
[   85.857758][ T8977] openvswitch: netlink: Message has 6 unknown bytes.
[   85.895505][ T8980] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   85.895583][ T8979] IPVS: stopping master sync thread 8980 ...
[   86.213335][ T9008] loop4: detected capacity change from 0 to 1024
[   86.250188][ T9008] EXT4-fs: Ignoring removed nobh option
[   86.259668][ T9008] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   86.318272][ T9014] PID 9014 killed due to inadequate hugepage pool
[   86.319804][ T9008] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #11: comm syz.4.2337: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   86.346734][ T9008] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.2337: couldn't read orphan inode 11 (err -117)
[   86.361382][ T9008] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.423147][ T9035] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2347'.
[   86.471324][ T6187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.538891][ T9045] loop4: detected capacity change from 0 to 512
[   86.576303][ T9045] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.611077][ T9045] ext4 filesystem being mounted at /192/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   86.687029][ T6187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.774338][ T9065] loop4: detected capacity change from 0 to 164
[   86.810627][ T9069] block device autoloading is deprecated and will be removed.
[   86.844465][ T9077] netlink: 'syz.1.2368': attribute type 13 has an invalid length.
[   86.845032][ T9069] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   86.862327][ T9069] FAT-fs (loop1): unable to read boot sector
[   86.932138][ T9077] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   86.995049][ T9096] loop4: detected capacity change from 0 to 1024
[   87.004470][ T9096] EXT4-fs: Ignoring removed bh option
[   87.010421][ T9096] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   87.025151][ T9103] netlink: 'syz.6.2381': attribute type 13 has an invalid length.
[   87.028935][ T9101] lo speed is unknown, defaulting to 1000
[   87.033160][ T9103] netlink: 'syz.6.2381': attribute type 17 has an invalid length.
[   87.053445][ T9096] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.092579][ T9103] $H�: left promiscuous mode
[   87.097400][ T9103] bond_slave_0: left promiscuous mode
[   87.102882][ T9103] bond_slave_1: left promiscuous mode
[   87.109086][ T9103] 8021q: adding VLAN 0 to HW filter on device $H�
[   87.110909][ T6187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.117878][ T9103] 8021q: adding VLAN 0 to HW filter on device team0
[   87.146067][ T9103] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   87.249161][ T9123] syz_tun: entered allmulticast mode
[   87.264925][ T9122] syz_tun: left allmulticast mode
[   87.358038][ T9140] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2404'.
[   87.367067][ T9140] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2404'.
[   87.408426][ T9146] loop6: detected capacity change from 0 to 512
[   87.478587][ T9159] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[   87.529108][ T9163] 9pnet: p9_errstr2errno: server reported unknown error �W~u��Z���z&4��
[   87.583417][ T9169] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2408'.
[   87.611834][ T9173] netlink: 'syz.5.2410': attribute type 3 has an invalid length.
[   87.627693][ T9173] netlink: 'syz.5.2410': attribute type 3 has an invalid length.
[   87.704786][ T9185] lo speed is unknown, defaulting to 1000
[   87.726014][ T9187] netlink: 'syz.0.2417': attribute type 13 has an invalid length.
[   87.851113][ T9187] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   87.866627][   T10] lo speed is unknown, defaulting to 1000
[   87.872551][   T10] syz0: Port: 1 Link ACTIVE
[   88.399522][ T9234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.426341][ T9234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.464768][ T9239] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   88.501335][ T9242] netlink: 'syz.6.2441': attribute type 13 has an invalid length.
[   88.529108][ T9242] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   88.575095][ T9244] block device autoloading is deprecated and will be removed.
[   88.669300][ T9250] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[   88.677391][ T9248] Falling back ldisc for ttyS3.
[   88.714131][ T9252] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2446'.
[   88.727682][ T9252] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2446'.
[   88.785453][ T9258] loop6: detected capacity change from 0 to 1024
[   88.803298][ T9258] EXT4-fs: Ignoring removed nobh option
[   88.817266][ T9258] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   88.836764][ T9258] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #11: comm syz.6.2448: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   88.865011][ T9258] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.2448: couldn't read orphan inode 11 (err -117)
[   88.941930][ T9258] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.025257][ T4709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.194533][ T9281] netlink: 'syz.6.2458': attribute type 21 has an invalid length.
[   89.230504][ T9281] netlink: 132 bytes leftover after parsing attributes in process `syz.6.2458'.
[   89.239877][ T9281] netlink: 'syz.6.2458': attribute type 1 has an invalid length.
[   89.298651][ T9291] netlink: 'syz.4.2464': attribute type 13 has an invalid length.
[   89.428379][ T9291] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.444395][ T9291] 8021q: adding VLAN 0 to HW filter on device team0
[   89.456088][ T9291] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   89.581990][   T29] kauditd_printk_skb: 184 callbacks suppressed
[   89.582004][   T29] audit: type=1400 audit(1756711599.348:3123): avc:  denied  { mount } for  pid=9315 comm="syz.6.2477" name="/" dev="ramfs" ino=24873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   89.702500][   T29] audit: type=1326 audit(1756711599.438:3124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9321 comm="syz.6.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa7306b5ba7 code=0x7ffc0000
[   89.725898][   T29] audit: type=1326 audit(1756711599.438:3125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9321 comm="syz.6.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa73065adb9 code=0x7ffc0000
[   89.749311][   T29] audit: type=1326 audit(1756711599.438:3126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9321 comm="syz.6.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa7306b5ba7 code=0x7ffc0000
[   89.772708][   T29] audit: type=1326 audit(1756711599.438:3127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9321 comm="syz.6.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa73065adb9 code=0x7ffc0000
[   89.796704][   T29] audit: type=1326 audit(1756711599.438:3128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9321 comm="syz.6.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   89.820147][   T29] audit: type=1326 audit(1756711599.438:3129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9321 comm="syz.6.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   89.843549][   T29] audit: type=1326 audit(1756711599.438:3130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9321 comm="syz.6.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   89.866973][   T29] audit: type=1326 audit(1756711599.438:3131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9321 comm="syz.6.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   89.890675][   T29] audit: type=1326 audit(1756711599.438:3132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9321 comm="syz.6.2479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7fa7306bebe9 code=0x7ffc0000
[   89.970335][ T9337] loop4: detected capacity change from 0 to 164
[   90.028501][ T9337] rock: directory entry would overflow storage
[   90.034840][ T9337] rock: sig=0x66, size=4, remaining=3
[   90.077760][ T9337] rock: directory entry would overflow storage
[   90.084088][ T9337] rock: sig=0x66, size=4, remaining=3
[   90.108562][ T9353] lo speed is unknown, defaulting to 1000
[   90.243758][ T9365] SELinux: failed to load policy
[   90.293923][ T9364] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   90.384254][ T9373] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2504'.
[   90.413904][ T9377] loop0: detected capacity change from 0 to 1024
[   90.459418][ T9377] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.740310][ T9393] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.801996][ T9434] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2531'.
[   91.085095][ T9448] lo speed is unknown, defaulting to 1000
[   91.251730][ T9484] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   91.336712][ T9491] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   91.356084][ T9488] lo speed is unknown, defaulting to 1000
[   91.378656][ T9448] chnl_net:caif_netlink_parms(): no params data found
[   91.525426][ T9448] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.532639][ T9448] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.541109][ T9448] bridge_slave_0: entered allmulticast mode
[   91.563855][ T9448] bridge_slave_0: entered promiscuous mode
[   91.622401][ T9448] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.629631][ T9448] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.649874][ T9448] bridge_slave_1: entered allmulticast mode
[   91.671614][ T9448] bridge_slave_1: entered promiscuous mode
[   91.768037][ T9448] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.803423][ T9448] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.857978][ T9448] team0: Port device team_slave_0 added
[   91.872894][ T9448] team0: Port device team_slave_1 added
[   91.890577][ T9524] loop4: detected capacity change from 0 to 128
[   91.925138][ T9448] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.932129][ T9448] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.958040][ T9448] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.974568][ T9448] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.981549][ T9448] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.007459][ T9448] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.018364][ T9529] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   92.018364][ T9529]    program syz.6.2567 not setting count and/or reply_len properly
[   92.082416][ T9448] hsr_slave_0: entered promiscuous mode
[   92.102934][ T9448] hsr_slave_1: entered promiscuous mode
[   92.111438][ T9448] debugfs: 'hsr0' already exists in 'hsr'
[   92.117340][ T9448] Cannot create hsr debugfs directory
[   92.247687][ T9448] netdevsim netdevsim7 netdevsim0: renamed from eth0
[   92.258696][ T9448] netdevsim netdevsim7 netdevsim1: renamed from eth1
[   92.270863][ T9448] netdevsim netdevsim7 netdevsim2: renamed from eth2
[   92.287931][ T9448] netdevsim netdevsim7 netdevsim3: renamed from eth3
[   92.359588][ T9448] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.365477][ T9590] sctp: [Deprecated]: syz.4.2595 (pid 9590) Use of struct sctp_assoc_value in delayed_ack socket option.
[   92.365477][ T9590] Use struct sctp_sack_info instead
[   92.371638][ T9448] 8021q: adding VLAN 0 to HW filter on device team0
[   92.400949][ T4052] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.408113][ T4052] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.417162][ T4052] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.424301][ T4052] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.481863][ T9596] validate_nla: 2 callbacks suppressed
[   92.481880][ T9596] netlink: 'syz.5.2596': attribute type 13 has an invalid length.
[   92.495287][ T9596] netlink: 'syz.5.2596': attribute type 17 has an invalid length.
[   92.549347][ T9596] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   92.571566][ T9448] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.667790][ T9448] veth0_vlan: entered promiscuous mode
[   92.688846][ T9448] veth1_vlan: entered promiscuous mode
[   92.690939][ T9622] loop5: detected capacity change from 0 to 128
[   92.705193][ T9622] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   92.715126][ T9448] veth0_macvtap: entered promiscuous mode
[   92.724959][ T9448] veth1_macvtap: entered promiscuous mode
[   92.731382][ T9622] ext4 filesystem being mounted at /273/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   92.736683][ T9448] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.760788][ T9448] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.770908][ T9016] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.789672][ T9016] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.805986][ T9016] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.830293][ T9016] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.856839][ T6124] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   92.949046][ T9652] loop5: detected capacity change from 0 to 256
[   92.993614][ T9650] loop6: detected capacity change from 0 to 4096
[   93.006322][ T9659] loop7: detected capacity change from 0 to 512
[   93.019026][ T9652] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[   93.026988][ T9652] FAT-fs (loop5): Filesystem has been set read-only
[   93.036286][ T9650] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.049190][ T9659] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2
[   93.058494][ T9652] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[   93.070970][ T9659] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -2
[   93.091972][ T9659] EXT4-fs (loop7): 1 truncate cleaned up
[   93.096124][ T9652] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[   93.099843][ T9659] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.105733][ T9652] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[   93.208802][ T9448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.218678][ T4052] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.239000][ T9670] loop4: detected capacity change from 0 to 2048
[   93.247633][ T4709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.264452][ T9670] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.302597][ T6187] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   93.303696][ T4052] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.349858][ T6187] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   93.394358][ T6187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.412748][ T4052] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.445408][ T9696] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2632'.
[   93.454497][ T9696] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2632'.
[   93.472744][ T4052] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.493913][ T9700] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2633'.
[   93.672345][ T4052] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   93.687021][ T4052] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   93.701477][ T4052] bond0 (unregistering): (slave dummy0): Releasing backup interface
[   93.712043][ T4052] bond0 (unregistering): Released all slaves
[   93.775021][ T4052] hsr_slave_0: left promiscuous mode
[   93.781362][ T4052] hsr_slave_1: left promiscuous mode
[   93.787062][ T4052] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   93.794544][ T4052] batman_adv: batadv0: Removing interface: batadv_slave_0
[   93.806186][ T4052] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   93.813703][ T4052] batman_adv: batadv0: Removing interface: batadv_slave_1
[   93.823749][ T4052] veth1_macvtap: left promiscuous mode
[   93.829270][ T4052] veth0_macvtap: left promiscuous mode
[   93.838316][ T4052] veth1_vlan: left promiscuous mode
[   93.852938][ T4052] veth0_vlan: left promiscuous mode
[   93.920667][ T4052] team0 (unregistering): Port device team_slave_1 removed
[   93.929975][ T4052] team0 (unregistering): Port device team_slave_0 removed
[   93.959056][ T1038] lo speed is unknown, defaulting to 1000
[   93.965033][ T1038] infiniband syz0: ib_query_port failed (-19)
[   94.282267][ T4052] IPVS: stop unused estimator thread 0...
[   94.291879][ T9775] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2667'.
[   94.468585][ T9798] netlink: 'syz.1.2675': attribute type 10 has an invalid length.
[   94.476575][ T9798] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2675'.
[   94.502505][ T9798] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   94.529847][ T9802] wireguard0: entered promiscuous mode
[   94.535447][ T9802] wireguard0: entered allmulticast mode
[   94.596962][ T9823] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2685'.
[   94.683387][ T9836] loop5: detected capacity change from 0 to 2048
[   94.690745][ T9840] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2692'.
[   94.701312][ T9836] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.747279][ T6124] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   94.769434][ T6124] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   94.783334][ T6124] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.803259][ T9854] loop5: detected capacity change from 0 to 512
[   94.810547][ T9854] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   94.824910][ T9854] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.837849][ T9854] ext4 filesystem being mounted at /285/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.842168][   T29] kauditd_printk_skb: 175 callbacks suppressed
[   94.842183][   T29] audit: type=1326 audit(1756711604.608:3308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9857 comm="syz.4.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fb801ebe9 code=0x7ffc0000
[   94.878906][   T29] audit: type=1326 audit(1756711604.648:3309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9857 comm="syz.4.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f1fb801ebe9 code=0x7ffc0000
[   94.907467][ T9854] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.2698: corrupted xattr block 19: overlapping e_value 
[   94.923613][ T9854] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[   94.933828][ T9854] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.2698: corrupted xattr block 19: overlapping e_value 
[   94.947789][ T9854] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.2698: corrupted xattr block 19: overlapping e_value 
[   94.962564][ T9854] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[   94.971837][   T29] audit: type=1400 audit(1756711604.738:3310): avc:  denied  { setattr } for  pid=9853 comm="syz.5.2698" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   95.009662][   T29] audit: type=1326 audit(1756711604.738:3311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9857 comm="syz.4.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fb801ebe9 code=0x7ffc0000
[   95.033323][   T29] audit: type=1326 audit(1756711604.738:3312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9857 comm="syz.4.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fb801ebe9 code=0x7ffc0000
[   95.059501][ T6124] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.069457][   T29] audit: type=1326 audit(1756711604.798:3313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.1.2702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[   95.093040][   T29] audit: type=1326 audit(1756711604.798:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.1.2702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[   95.116884][   T29] audit: type=1326 audit(1756711604.798:3315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.1.2702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[   95.140310][   T29] audit: type=1326 audit(1756711604.798:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.1.2702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[   95.163968][   T29] audit: type=1326 audit(1756711604.798:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9860 comm="syz.1.2702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[   95.272220][ T9875] vhci_hcd: invalid port number 96
[   95.277434][ T9875] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[   95.277537][ T9879] loop4: detected capacity change from 0 to 1024
[   95.330352][ T9879] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.355951][ T9879] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.380710][ T9897] loop5: detected capacity change from 0 to 1024
[   95.389646][ T9894] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   95.403546][ T9897] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.433925][ T6187] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   95.452956][ T6187] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   95.561652][ T9901] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.689907][ T1038] hid_parser_main: 54 callbacks suppressed
[   95.689985][ T1038] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   95.703232][ T1038] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   95.710751][ T1038] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   95.718493][ T1038] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   95.725919][ T1038] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   95.733362][ T1038] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   95.740768][ T1038] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   95.748162][ T1038] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   95.755694][ T1038] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   95.763111][ T1038] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   95.781123][ T6124] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.799332][ T1038] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[   95.827383][ T9938] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2732'.
[   95.836612][ T9938] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2732'.
[   95.872743][ T9938] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2732'.
[   95.881945][ T9938] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2732'.
[   95.931937][ T9938] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2732'.
[   95.940956][ T9938] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2732'.
[   96.006456][ T9921] chnl_net:caif_netlink_parms(): no params data found
[   96.026349][ T9960] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2743'.
[   96.038713][ T9965] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2746'.
[   96.047696][ T9965] netlink: 348 bytes leftover after parsing attributes in process `syz.5.2746'.
[   96.056855][ T9965] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2746'.
[   96.110281][ T9921] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.117621][ T9921] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.130151][ T9921] bridge_slave_0: entered allmulticast mode
[   96.139212][ T9921] bridge_slave_0: entered promiscuous mode
[   96.162432][ T9921] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.169592][ T9921] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.176929][ T9921] bridge_slave_1: entered allmulticast mode
[   96.183643][ T9921] bridge_slave_1: entered promiscuous mode
[   96.210456][ T9921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.222144][ T9921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.276641][ T9921] team0: Port device team_slave_0 added
[   96.294853][ T9921] team0: Port device team_slave_1 added
[   96.323590][T10000] netlink: 'syz.1.2762': attribute type 10 has an invalid length.
[   96.342878][T10000] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   96.353160][ T9921] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.360194][ T9921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.386184][ T9921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.398971][ T9921] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.405956][ T9921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.431961][ T9921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.458827][ T9921] hsr_slave_0: entered promiscuous mode
[   96.468170][ T9921] hsr_slave_1: entered promiscuous mode
[   96.477790][ T9921] debugfs: 'hsr0' already exists in 'hsr'
[   96.483581][ T9921] Cannot create hsr debugfs directory
[   96.493892][T10003] bridge0: entered promiscuous mode
[   96.501883][T10003] bridge0: port 3(macsec1) entered blocking state
[   96.508392][T10003] bridge0: port 3(macsec1) entered disabled state
[   96.515034][T10003] macsec1: entered allmulticast mode
[   96.520433][T10003] bridge0: entered allmulticast mode
[   96.526246][T10003] macsec1: left allmulticast mode
[   96.531415][T10003] bridge0: left allmulticast mode
[   96.536838][T10003] bridge0: left promiscuous mode
[   96.548882][T10009] ipvlan2: entered promiscuous mode
[   96.555550][T10009] bridge0: port 3(ipvlan2) entered blocking state
[   96.562088][T10009] bridge0: port 3(ipvlan2) entered disabled state
[   96.568782][T10009] ipvlan2: entered allmulticast mode
[   96.574109][T10009] bridge0: entered allmulticast mode
[   96.579965][T10009] ipvlan2: left allmulticast mode
[   96.584991][T10009] bridge0: left allmulticast mode
[   96.684800][ T9921] netdevsim netdevsim8 netdevsim0: renamed from eth0
[   96.690387][T10029] loop5: detected capacity change from 0 to 128
[   96.700238][T10029] vfat: Bad value for 'gid'
[   96.704764][T10029] vfat: Bad value for 'gid'
[   96.714328][ T9921] netdevsim netdevsim8 netdevsim1: renamed from eth1
[   96.725294][ T9921] netdevsim netdevsim8 netdevsim2: renamed from eth2
[   96.741870][ T9921] netdevsim netdevsim8 netdevsim3: renamed from eth3
[   96.771654][ T9921] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.778760][ T9921] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.786063][ T9921] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.793091][ T9921] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.820037][ T9921] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.832470][ T9921] 8021q: adding VLAN 0 to HW filter on device team0
[   96.846640][ T4019] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.864841][ T4019] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.893722][ T4019] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.900974][ T4019] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.921575][ T4019] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.928643][ T4019] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.020832][T10065] ------------[ cut here ]------------
[   97.026322][T10065] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x0, 0x7800000000] s64=[0x0, 0xffffffffffffffff] u32=[0x80000000, 0x0] s32=[0x0, 0xffffffff] var_off=(0x0, 0x7800000000)(1)
[   97.028322][T10061] loop5: detected capacity change from 0 to 512
[   97.046711][T10065] WARNING: CPU: 0 PID: 10065 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680
[   97.063113][T10065] Modules linked in:
[   97.067027][T10065] CPU: 0 UID: 0 PID: 10065 Comm: syz.7.2788 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   97.076930][T10065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.084947][ T9921] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.087040][T10065] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[   97.100037][T10065] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 42 80 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[   97.119858][T10065] RSP: 0018:ffffc90001b8f440 EFLAGS: 00010292
[   97.126362][T10065] RAX: 75bf30b51ede5100 RBX: ffff8881122fa840 RCX: 0000000000080000
[   97.134419][T10065] RDX: ffffc90006fd8000 RSI: 000000000001cd77 RDI: 000000000001cd78
[   97.141582][T10061] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2787: bg 0: block 248: padding at end of block bitmap is not set
[   97.142466][T10065] RBP: 0000000000000000 R08: 0001ffff86a20b9f R09: 0000000000000000
[   97.164811][T10065] R10: ffffffff88e66960 R11: ffffffff822024c0 R12: ffff8881122fa800
[   97.166412][T10061] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.2787: Failed to acquire dquot type 1
[   97.172824][T10065] R13: ffff888128fc8000 R14: ffff888128fc8000 R15: ffff8881122fa838
[   97.172841][T10065] FS:  00007f7a36eaf6c0(0000) GS:ffff8882aee43000(0000) knlGS:0000000000000000
[   97.172857][T10065] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   97.172870][T10065] CR2: 00002000000054c0 CR3: 0000000120702000 CR4: 00000000003506f0
[   97.172886][T10065] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   97.172939][T10065] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   97.215391][T10061] EXT4-fs (loop5): 1 truncate cleaned up
[   97.215674][T10065] Call Trace:
[   97.228482][T10061] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.231623][T10065]  <TASK>
[   97.231636][T10065]  reg_set_min_max+0x1eb/0x260
[   97.242814][T10061] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.252967][T10065]  check_cond_jmp_op+0x1080/0x16e0
[   97.276201][T10065]  do_check+0x332a/0x7a10
[   97.280653][T10065]  do_check_common+0xc3a/0x12a0
[   97.285521][T10065]  bpf_check+0x942b/0xd9e0
[   97.290063][T10065]  ? __rcu_read_unlock+0x4f/0x70
[   97.295068][T10065]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   97.301111][T10065]  ? alloc_pages_bulk_noprof+0x4b8/0x540
[   97.306893][T10065]  ? __vmap_pages_range_noflush+0xbb3/0xbd0
[   97.312888][T10065]  ? pcpu_block_refresh_hint+0x10b/0x170
[   97.315039][ T9921] veth0_vlan: entered promiscuous mode
[   97.318526][T10065]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[   97.328247][ T9921] veth1_vlan: entered promiscuous mode
[   97.330121][T10065]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[   97.341712][T10065]  ? css_rstat_updated+0xb7/0x240
[   97.346751][T10065]  ? __rcu_read_unlock+0x4f/0x70
[   97.349274][ T9921] veth0_macvtap: entered promiscuous mode
[   97.351705][T10065]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[   97.361023][ T9921] veth1_macvtap: entered promiscuous mode
[   97.363221][T10065]  ? should_fail_ex+0x30/0x280
[   97.373661][T10065]  ? selinux_bpf_prog_load+0x36/0xf0
[   97.374701][ T9921] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.378956][T10065]  ? should_failslab+0x8c/0xb0
[   97.390937][T10065]  ? __kmalloc_cache_noprof+0x189/0x320
[   97.391941][ T9921] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.396496][T10065]  ? selinux_bpf_prog_load+0xbf/0xf0
[   97.408988][T10065]  ? security_bpf_prog_load+0x2c/0xa0
[   97.409291][ T9016] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.414384][T10065]  bpf_prog_load+0xedd/0x1070
[   97.424916][ T9016] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.427874][T10065]  ? security_bpf+0x2b/0x90
[   97.439544][ T9016] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.441073][T10065]  __sys_bpf+0x462/0x7b0
[   97.452939][ T9016] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.454030][T10065]  __x64_sys_bpf+0x41/0x50
[   97.467146][T10065]  x64_sys_call+0x2aea/0x2ff0
[   97.471833][T10065]  do_syscall_64+0xd2/0x200
[   97.476365][T10065]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.482568][T10065]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.488389][T10065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.494370][T10065] RIP: 0033:0x7f7a3844ebe9
[   97.498839][T10065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.518479][T10065] RSP: 002b:00007f7a36eaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.526906][T10065] RAX: ffffffffffffffda RBX: 00007f7a38685fa0 RCX: 00007f7a3844ebe9
[   97.535060][T10065] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[   97.543024][T10065] RBP: 00007f7a384d1e19 R08: 0000000000000000 R09: 0000000000000000
[   97.550997][T10065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   97.558964][T10065] R13: 00007f7a38686038 R14: 00007f7a38685fa0 R15: 00007ffc52d6b888
[   97.567048][T10065]  </TASK>
[   97.570101][T10065] ---[ end trace 0000000000000000 ]---
[   97.588085][ T6124] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.655125][T10090] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10090 comm=syz.1.2792
[   97.667806][T10090] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=10090 comm=syz.1.2792
[   97.727253][T10096] netlink: 'syz.7.2793': attribute type 10 has an invalid length.
[   97.740911][T10096] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   98.051274][T10131] 9pnet_fd: Insufficient options for proto=fd
[   98.123156][T10134] serio: Serial port ptm0
[   98.224487][T10163] netlink: 'syz.8.2820': attribute type 10 has an invalid length.
[   98.236514][T10163] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   98.697498][T10251] loop8: detected capacity change from 0 to 512
[   98.722804][T10251] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.2862: bg 0: block 248: padding at end of block bitmap is not set
[   98.768400][T10251] EXT4-fs error (device loop8): ext4_acquire_dquot:6937: comm syz.8.2862: Failed to acquire dquot type 1
[   98.796886][T10251] EXT4-fs (loop8): 1 truncate cleaned up
[   98.809973][T10251] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.829642][T10251] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.862790][T10251] syz.8.2862 (10251) used greatest stack depth: 9200 bytes left
[   98.871931][ T9921] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.892925][T10269] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   99.024692][T10279] loop6: detected capacity change from 0 to 2048
[   99.060029][T10279]  loop6: p1 < > p4
[   99.073177][T10279] loop6: p4 size 8388608 extends beyond EOD, truncated
[   99.341953][T10317] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   99.352859][T10313] IPVS: stopping master sync thread 10317 ...
[   99.393637][T10324] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[   99.495549][T10336] loop6: detected capacity change from 0 to 1024
[   99.598608][T10336] EXT4-fs: Ignoring removed nobh option
[   99.632046][T10336] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.683657][ T4709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.872159][T10374] macvtap0: refused to change device tx_queue_len
[   99.898229][   T29] kauditd_printk_skb: 236 callbacks suppressed
[   99.898245][   T29] audit: type=1400 audit(1756711609.658:3550): avc:  denied  { mount } for  pid=10375 comm="syz.5.2915" name="/" dev="configfs" ino=2085 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   99.932322][T10378] syzkaller1: entered promiscuous mode
[   99.937962][T10378] syzkaller1: entered allmulticast mode
[   99.954994][   T29] audit: type=1400 audit(1756711609.698:3551): avc:  denied  { ioctl } for  pid=10377 comm="syz.6.2916" path="socket:[29773]" dev="sockfs" ino=29773 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   99.980015][   T29] audit: type=1400 audit(1756711609.708:3552): avc:  denied  { search } for  pid=10375 comm="syz.5.2915" name="/" dev="configfs" ino=2085 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  100.002310][   T29] audit: type=1400 audit(1756711609.708:3553): avc:  denied  { search } for  pid=10375 comm="syz.5.2915" name="/" dev="configfs" ino=2085 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  100.024585][   T29] audit: type=1400 audit(1756711609.708:3554): avc:  denied  { read open } for  pid=10375 comm="syz.5.2915" path="/" dev="configfs" ino=2085 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  100.141664][   T29] audit: type=1400 audit(1756711609.908:3555): avc:  denied  { create } for  pid=10385 comm="syz.1.2920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  100.165080][T10390] loop6: detected capacity change from 0 to 128
[  100.187227][   T29] audit: type=1400 audit(1756711609.908:3556): avc:  denied  { connect } for  pid=10385 comm="syz.1.2920" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  100.207797][   T29] audit: type=1400 audit(1756711609.908:3557): avc:  denied  { write } for  pid=10385 comm="syz.1.2920" path="socket:[29801]" dev="sockfs" ino=29801 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  100.234535][   T29] audit: type=1400 audit(1756711609.948:3558): avc:  denied  { mount } for  pid=10387 comm="syz.6.2921" name="/" dev="loop6" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  100.256561][   T29] audit: type=1400 audit(1756711609.998:3559): avc:  denied  { getopt } for  pid=10392 comm="syz.5.2923" lport=13 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  100.388496][T10404] bridge0: entered promiscuous mode
[  100.398753][T10404] bridge0: port 3(macsec1) entered blocking state
[  100.405228][T10404] bridge0: port 3(macsec1) entered disabled state
[  100.413306][T10404] macsec1: entered allmulticast mode
[  100.418634][T10404] bridge0: entered allmulticast mode
[  100.441051][T10404] macsec1: left allmulticast mode
[  100.446155][T10404] bridge0: left allmulticast mode
[  100.452867][T10404] bridge0: left promiscuous mode
[  100.558755][T10423] atomic_op ffff888100287d28 conn xmit_atomic 0000000000000000
[  100.622070][T10429] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  100.622070][T10429]    program syz.8.2940 not setting count and/or reply_len properly
[  100.725964][T10441] bridge0: port 1(macsec1) entered blocking state
[  100.732487][T10441] bridge0: port 1(macsec1) entered disabled state
[  100.742223][T10441] macsec1: entered allmulticast mode
[  100.747533][T10441] bridge0: entered allmulticast mode
[  100.754566][T10441] macsec1: left allmulticast mode
[  100.759745][T10441] bridge0: left allmulticast mode
[  100.766594][T10445] netlink: 'syz.5.2948': attribute type 10 has an invalid length.
[  100.777124][T10445] dummy0: entered promiscuous mode
[  100.782884][T10445] bridge0: port 3(dummy0) entered blocking state
[  100.789277][T10445] bridge0: port 3(dummy0) entered disabled state
[  100.796010][T10445] dummy0: entered allmulticast mode
[  100.802157][T10445] bridge0: port 3(dummy0) entered blocking state
[  100.808506][T10445] bridge0: port 3(dummy0) entered forwarding state
[  100.834816][T10447] __nla_validate_parse: 8 callbacks suppressed
[  100.834829][T10447] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2949'.
[  100.849971][T10447] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2949'.
[  100.863235][T10447] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2949'.
[  100.872302][T10447] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2949'.
[  100.897801][T10453] netlink: 'syz.5.2952': attribute type 1 has an invalid length.
[  100.935735][T10457] can: request_module (can-proto-0) failed.
[  101.130789][T10476] netlink: 9286 bytes leftover after parsing attributes in process `syz.8.2962'.
[  101.265409][T10498] loop9: detected capacity change from 0 to 7
[  101.272087][T10498] Buffer I/O error on dev loop9, logical block 0, async page read
[  101.280182][T10498] Buffer I/O error on dev loop9, logical block 0, async page read
[  101.287997][T10498]  loop9: unable to read partition table
[  101.293875][T10498] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  101.293875][T10498] 
) failed (rc=-5)
[  101.338833][T10506] loop8: detected capacity change from 0 to 2048
[  101.388106][T10506]  loop8: p2 p3 p7
[  101.417910][ T1038] Process accounting resumed
[  101.634342][T10538] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2992'.
[  101.665976][T10543] netlink: 'syz.8.2994': attribute type 10 has an invalid length.
[  101.674061][T10543] ipvlan0: entered allmulticast mode
[  101.679444][T10543] veth0_vlan: entered allmulticast mode
[  101.686567][T10543] team0: Device ipvlan0 failed to register rx_handler
[  101.755685][T10557] sch_tbf: burst 0 is lower than device lo mtu (14) !
[  101.775056][T10559] sctp: [Deprecated]: syz.6.3002 (pid 10559) Use of struct sctp_assoc_value in delayed_ack socket option.
[  101.775056][T10559] Use struct sctp_sack_info instead
[  101.846914][T10569] SELinux:  Context � is not valid (left unmapped).
[  101.985722][T10581] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  102.113419][T10591] loop6: detected capacity change from 0 to 1024
[  102.122684][T10591] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.158057][T10594] netlink: 96 bytes leftover after parsing attributes in process `syz.7.3019'.
[  102.218057][T10589] loop5: detected capacity change from 0 to 32768
[  102.231323][T10597] netlink: 'syz.7.3020': attribute type 10 has an invalid length.
[  102.241683][T10597] team0: Device hsr_slave_0 failed to register rx_handler
[  102.259969][T10589]  loop5: p1 p2 p3 < >
[  102.264202][T10589] loop5: p1 size 242222080 extends beyond EOD, truncated
[  102.271677][T10599] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3021'.
[  102.273564][T10589] loop5: p2 start 4294967295 is beyond EOD, truncated
[  102.280897][T10599] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3021'.
[  102.402087][ T4709] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.449003][T10618] netlink: 'syz.5.3030': attribute type 13 has an invalid length.
[  102.456906][T10618] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3030'.
[  102.467779][T10618] netlink: 'syz.5.3030': attribute type 13 has an invalid length.
[  102.483667][T10622] loop6: detected capacity change from 0 to 128
[  102.514733][T10622] FAT-fs (loop6): error, invalid FAT chain (i_pos 548, last_block 8)
[  102.525384][T10622] FAT-fs (loop6): Filesystem has been set read-only
[  102.533974][T10622] FAT-fs (loop6): error, corrupted file size (i_pos 548, 522)
[  102.544610][T10622] FAT-fs (loop6): error, corrupted file size (i_pos 548, 522)
[  102.692158][T10662] netlink: 'syz.6.3052': attribute type 3 has an invalid length.
[  102.887633][T10692] loop8: detected capacity change from 0 to 8192
[  102.896228][T10704] loop2: detected capacity change from 0 to 7
[  102.956819][T10692]  loop8: p1 p2 p4
[  102.965356][T10692] loop8: p1 size 65536 extends beyond EOD, truncated
[  102.979930][T10692] loop8: p2 start 861536256 is beyond EOD, truncated
[  102.986757][T10692] loop8: p4 size 65536 extends beyond EOD, truncated
[  103.078192][ T4018] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.151391][ T4018] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.210828][ T4018] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.270918][ T4018] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  103.380970][ T4018] batman_adv: batadv0: Interface deactivated: vxlan0
[  103.460166][ T4018] batman_adv: batadv0: Removing interface: vxlan0
[  103.501079][ T4018] $H� (unregistering): (slave bond_slave_0): Releasing backup interface
[  103.528468][ T4018] $H� (unregistering): (slave bond_slave_1): Releasing backup interface
[  103.537702][ T4018] $H� (unregistering): Released all slaves
[  103.631324][ T4018] hsr_slave_0: left promiscuous mode
[  103.642170][ T4018] hsr_slave_1: left promiscuous mode
[  103.650808][ T4018] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.658580][ T4018] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.710349][ T4018] team0 (unregistering): Port device team_slave_1 removed
[  103.733432][ T4018] team0 (unregistering): Port device team_slave_0 removed
[  103.881706][T10759] chnl_net:caif_netlink_parms(): no params data found
[  103.939774][T10791] SELinux:  Context system_u:object_r:random_device_t:s0 is not valid (left unmapped).
[  103.954758][T10794] loop7: detected capacity change from 0 to 512
[  103.955172][T10759] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.962277][T10794] EXT4-fs: Ignoring removed oldalloc option
[  103.968298][T10759] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.981958][T10759] bridge_slave_0: entered allmulticast mode
[  103.988536][T10794] EXT4-fs error (device loop7): ext4_xattr_inode_iget:433: comm syz.7.3110: Parent and EA inode have the same ino 15
[  104.002183][T10794] EXT4-fs error (device loop7): ext4_xattr_inode_iget:433: comm syz.7.3110: Parent and EA inode have the same ino 15
[  104.006343][T10759] bridge_slave_0: entered promiscuous mode
[  104.021539][T10759] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.028600][T10759] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.035882][T10759] bridge_slave_1: entered allmulticast mode
[  104.042502][T10759] bridge_slave_1: entered promiscuous mode
[  104.044396][T10794] EXT4-fs (loop7): 1 orphan inode deleted
[  104.083815][T10794] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.100765][T10759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.118464][ T4018] IPVS: stop unused estimator thread 0...
[  104.132211][T10759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.153780][ T9448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.187858][T10759] team0: Port device team_slave_0 added
[  104.203150][T10759] team0: Port device team_slave_1 added
[  104.248317][T10759] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.255379][T10759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.281333][T10759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.294439][T10759] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.301436][T10759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.327402][T10759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.357942][T10759] hsr_slave_0: entered promiscuous mode
[  104.365937][T10759] hsr_slave_1: entered promiscuous mode
[  104.389536][T10759] debugfs: 'hsr0' already exists in 'hsr'
[  104.395285][T10759] Cannot create hsr debugfs directory
[  104.479273][ T3631] Process accounting resumed
[  104.516602][T10839] netlink: 'syz.1.3128': attribute type 6 has an invalid length.
[  104.582061][T10759] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  104.667130][T10759] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  104.685218][T10852] bridge0: port 3(batadv1) entered blocking state
[  104.691795][T10852] bridge0: port 3(batadv1) entered disabled state
[  104.698841][T10852] batadv1: entered allmulticast mode
[  104.705151][T10852] batadv1: entered promiscuous mode
[  104.710877][T10759] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  104.720360][T10759] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  104.844883][T10759] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.864023][T10759] 8021q: adding VLAN 0 to HW filter on device team0
[  104.909064][ T9016] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.916212][ T9016] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.927403][ T4018] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.934485][ T4018] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.955854][   T29] kauditd_printk_skb: 393 callbacks suppressed
[  104.955866][   T29] audit: type=1400 audit(1756711614.718:3953): avc:  denied  { shutdown } for  pid=10878 comm="syz.5.3145" lport=53488 faddr=2001::2 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  104.994351][T10759] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  105.004916][T10759] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  105.027574][T10885] loop8: detected capacity change from 0 to 512
[  105.027945][   T29] audit: type=1400 audit(1756711614.788:3954): avc:  denied  { mount } for  pid=10887 comm="syz.5.3148" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  105.048029][T10885] EXT4-fs: Ignoring removed mblk_io_submit option
[  105.079419][T10885] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  105.091089][   T29] audit: type=1400 audit(1756711614.828:3955): avc:  denied  { mount } for  pid=10887 comm="syz.5.3148" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  105.115348][T10885] EXT4-fs (loop8): 1 truncate cleaned up
[  105.121455][T10885] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.150804][   T29] audit: type=1400 audit(1756711614.918:3956): avc:  denied  { add_name } for  pid=10884 comm="syz.8.3147" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  105.171773][   T29] audit: type=1400 audit(1756711614.918:3957): avc:  denied  { create } for  pid=10884 comm="syz.8.3147" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  105.176431][T10759] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.192360][   T29] audit: type=1400 audit(1756711614.928:3958): avc:  denied  { unmount } for  pid=6124 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  105.201016][ T4021] batman_adv: batadv1: IGMP Querier appeared
[  105.219002][   T29] audit: type=1400 audit(1756711614.928:3959): avc:  denied  { read write } for  pid=10884 comm="syz.8.3147" name="file2" dev="loop8" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  105.224998][ T4021] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  105.257406][   T29] audit: type=1400 audit(1756711614.928:3960): avc:  denied  { open } for  pid=10884 comm="syz.8.3147" path="/84/file1/file2" dev="loop8" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  105.287177][   T29] audit: type=1400 audit(1756711615.048:3961): avc:  denied  { unmount } for  pid=6124 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  105.326942][   T29] audit: type=1400 audit(1756711615.088:3962): avc:  denied  { read } for  pid=10899 comm="syz.5.3151" name="ptp0" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  105.356497][T10903] ipvlan2: entered promiscuous mode
[  105.363283][T10903] bridge0: port 4(ipvlan2) entered blocking state
[  105.369745][T10903] bridge0: port 4(ipvlan2) entered disabled state
[  105.376353][T10903] ipvlan2: entered allmulticast mode
[  105.381664][T10903] bridge0: entered allmulticast mode
[  105.395417][T10903] ipvlan2: left allmulticast mode
[  105.400539][T10903] bridge0: left allmulticast mode
[  105.436181][T10909] loop7: detected capacity change from 0 to 128
[  105.508034][ T9921] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.552057][T10926] atomic_op ffff8881191c1128 conn xmit_atomic 0000000000000000
[  105.582386][T10933] random: crng reseeded on system resumption
[  105.622672][T10759] veth0_vlan: entered promiscuous mode
[  105.638044][T10759] veth1_vlan: entered promiscuous mode
[  105.658500][T10759] veth0_macvtap: entered promiscuous mode
[  105.680440][T10759] veth1_macvtap: entered promiscuous mode
[  105.693571][T10759] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.706495][T10759] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.717215][T10952] loop7: detected capacity change from 0 to 128
[  105.739578][ T4018] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.762509][ T4018] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.773721][ T4066] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.792155][ T4066] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.817530][T10962] IPv4: Oversized IP packet from 127.202.26.0
[  105.953167][T10990] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  105.972119][T10989] IPVS: stopping master sync thread 10990 ...
[  106.029281][T10995] loop5: detected capacity change from 0 to 256
[  106.038933][T10995] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  106.047683][T10995] FAT-fs (loop5): Filesystem has been set read-only
[  106.459051][T11061] bond1: entered promiscuous mode
[  106.464272][T11061] bond1: entered allmulticast mode
[  106.470045][T11061] 8021q: adding VLAN 0 to HW filter on device bond1
[  106.487192][T11061] bond1 (unregistering): Released all slaves
[  106.503342][T11064] __nla_validate_parse: 12 callbacks suppressed
[  106.503356][T11064] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3219'.
[  106.990682][T11115] netlink: 'syz.1.3239': attribute type 1 has an invalid length.
[  107.004620][T11115] 8021q: adding VLAN 0 to HW filter on device bond1
[  107.020618][T11115] bond1: (slave geneve2): making interface the new active one
[  107.021731][T11118] IPv6: Can't replace route, no match found
[  107.029179][T11115] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  107.061772][T11122] netlink: 'syz.7.3242': attribute type 21 has an invalid length.
[  107.125442][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3248'.
[  107.134460][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3248'.
[  107.143637][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3248'.
[  107.164624][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3248'.
[  107.173707][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3248'.
[  107.184749][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3248'.
[  107.208926][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3248'.
[  107.218023][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3248'.
[  107.227116][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3248'.
[  107.553318][T11197] loop8: detected capacity change from 0 to 512
[  107.564198][T11197] EXT4-fs: Ignoring removed nomblk_io_submit option
[  107.573963][T11197] EXT4-fs (loop8): filesystem is read-only
[  107.582023][T11197] EXT4-fs (loop8): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  107.603408][T11197] EXT4-fs (loop8): filesystem is read-only
[  107.609396][T11197] EXT4-fs (loop8): orphan cleanup on readonly fs
[  107.618976][T11197] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #16: comm syz.8.3275: iget: bad i_size value: 648518346341360424
[  107.636885][T11197] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.3275: couldn't read orphan inode 16 (err -117)
[  107.658562][T11197] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  107.686486][ T9921] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.715318][T11220] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  108.196716][T11303] serio: Serial port ptm0
[  108.380989][T11329] atomic_op ffff88810346e928 conn xmit_atomic 0000000000000000
[  108.553899][T11365] loop9: detected capacity change from 0 to 512
[  108.560329][ T4052] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x7d
[  108.568970][T11365] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  108.584856][T11365] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  108.594850][T11365] FAT-fs (loop9): Filesystem has been set read-only
[  108.742205][T11386] loop7: detected capacity change from 0 to 2048
[  108.769984][T11386]  loop7: p1 < > p4
[  108.774668][T11386] loop7: p4 size 8388608 extends beyond EOD, truncated
[  108.844952][ T3631] Process accounting resumed
[  108.880929][T11395] I/O error, dev loop7, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  108.891082][T11395] isofs_fill_super: bread failed, dev=loop7, iso_blknum=16, block=32
[  109.074928][T11419] loop7: detected capacity change from 0 to 1764
[  109.084362][T11419] iso9660: Unknown parameter 'che-�T ��relaxed'
[  109.171120][T11427] netlink: 'syz.1.3377': attribute type 10 has an invalid length.
[  109.179238][T11427] veth0_vlan: entered allmulticast mode
[  109.357883][T11446] sctp: [Deprecated]: syz.5.3386 (pid 11446) Use of int in max_burst socket option.
[  109.357883][T11446] Use struct sctp_assoc_value instead
[  109.755471][ T3397] Process accounting resumed
[  109.769681][T11516] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  109.800154][T11522] netlink: 'syz.9.3419': attribute type 10 has an invalid length.
[  109.802041][T11521] loop7: detected capacity change from 0 to 1024
[  109.814512][T11522] ipvlan0: entered allmulticast mode
[  109.819946][T11522] veth0_vlan: entered allmulticast mode
[  109.836149][T11522] team0: Device ipvlan0 failed to register rx_handler
[  109.851753][T11521] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  109.864641][T11521] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.878344][T11521] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: block 3: comm syz.7.3421: lblock 3 mapped to illegal pblock 3 (length 3)
[  109.898163][T11521] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  109.910536][T11521] EXT4-fs (loop7): This should not happen!! Data will be lost
[  109.910536][T11521] 
[  109.930200][T11521] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #15: block 3: comm syz.7.3421: lblock 3 mapped to illegal pblock 3 (length 1)
[  109.946242][T11521] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #15: block 3: comm syz.7.3421: lblock 3 mapped to illegal pblock 3 (length 1)
[  109.970199][T11521] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #15: block 3: comm syz.7.3421: lblock 3 mapped to illegal pblock 3 (length 1)
[  109.987393][T11519] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #15: block 3: comm syz.7.3421: lblock 3 mapped to illegal pblock 3 (length 1)
[  110.002074][T11521] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #15: block 3: comm syz.7.3421: lblock 3 mapped to illegal pblock 3 (length 1)
[  110.010338][   T29] kauditd_printk_skb: 712 callbacks suppressed
[  110.010353][   T29] audit: type=1400 audit(1756711619.768:4675): avc:  denied  { bind } for  pid=11538 comm="syz.9.3427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  110.018205][T11521] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #15: block 3: comm syz.7.3421: lblock 3 mapped to illegal pblock 3 (length 1)
[  110.054375][   T29] audit: type=1400 audit(1756711619.808:4676): avc:  denied  { create } for  pid=11539 comm="syz.1.3428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  110.080393][T11521] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #15: block 3: comm syz.7.3421: lblock 3 mapped to illegal pblock 3 (length 1)
[  110.095119][T11521] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #15: block 3: comm syz.7.3421: lblock 3 mapped to illegal pblock 3 (length 1)
[  110.111341][T11521] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #15: block 3: comm syz.7.3421: lblock 3 mapped to illegal pblock 3 (length 1)
[  110.128125][   T29] audit: type=1400 audit(1756711619.888:4677): avc:  denied  { read } for  pid=11548 comm="syz.8.3432" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  110.179542][   T29] audit: type=1400 audit(1756711619.888:4678): avc:  denied  { open } for  pid=11548 comm="syz.8.3432" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  110.203604][   T29] audit: type=1400 audit(1756711619.888:4679): avc:  denied  { map } for  pid=11548 comm="syz.8.3432" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  110.227467][   T29] audit: type=1400 audit(1756711619.888:4680): avc:  denied  { ioctl } for  pid=11548 comm="syz.8.3432" path="/dev/usbmon0" dev="devtmpfs" ino=141 ioctlcmd=0x9204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  110.264343][   T29] audit: type=1326 audit(1756711620.028:4681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11558 comm="syz.1.3446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  110.292356][   T29] audit: type=1326 audit(1756711620.058:4682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11558 comm="syz.1.3446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  110.316077][   T29] audit: type=1326 audit(1756711620.058:4683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11558 comm="syz.1.3446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  110.339559][   T29] audit: type=1326 audit(1756711620.058:4684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11558 comm="syz.1.3446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  110.571601][T11586] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  110.639701][ T4066] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  110.652071][ T4066] EXT4-fs (loop7): This should not happen!! Data will be lost
[  110.652071][ T4066] 
[  110.662824][ T9448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  110.669680][T11590] netlink: 'syz.8.3451': attribute type 10 has an invalid length.
[  110.702526][T11590] team0: Device hsr_slave_0 failed to register rx_handler
[  110.872108][T11613] netlink: 'syz.7.3461': attribute type 6 has an invalid length.
[  110.923990][T11616] vhci_hcd: default hub control req: 2309 v0017 i0000 l0
[  110.996815][T11639] vxcan1: tx drop: invalid sa for name 0x0000000000000003
[  111.111677][T11637] loop9: detected capacity change from 0 to 32768
[  111.162111][T11637]  loop9: p1 p2 p3 < >
[  111.166285][T11637] loop9: p1 size 242222080 extends beyond EOD, truncated
[  111.179866][T11637] loop9: p2 start 4294967295 is beyond EOD, truncated
[  111.304223][T11683] tun0: tun_chr_ioctl cmd 1074025675
[  111.309658][T11683] tun0: persist disabled
[  111.406069][T11698] SELinux: security policydb version 17 (MLS) not backwards compatible
[  111.422218][T11698] SELinux: failed to load policy
[  111.629094][T11728] gretap1: entered promiscuous mode
[  111.914986][T11782] rdma_op ffff888121b6ed80 conn xmit_rdma 0000000000000000
[  111.949625][T11788] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  112.091347][T11817] loop8: detected capacity change from 0 to 512
[  112.111576][T11817] EXT4-fs: Ignoring removed oldalloc option
[  112.131911][T11817] EXT4-fs error (device loop8): ext4_xattr_inode_iget:433: comm syz.8.3560: Parent and EA inode have the same ino 15
[  112.146548][T11817] EXT4-fs error (device loop8): ext4_xattr_inode_iget:433: comm syz.8.3560: Parent and EA inode have the same ino 15
[  112.161616][T11817] EXT4-fs (loop8): 1 orphan inode deleted
[  112.167704][T11817] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.199044][ T9921] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.286777][T11840] loop8: detected capacity change from 0 to 164
[  112.294000][T11840] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  112.325509][T11847] __nla_validate_parse: 29 callbacks suppressed
[  112.325593][T11847] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3575'.
[  112.495780][T11875] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3588'.
[  112.508110][T11875] bridge0: port 3(batadv1) entered blocking state
[  112.514668][T11875] bridge0: port 3(batadv1) entered disabled state
[  112.521349][T11875] batadv1: entered allmulticast mode
[  112.527435][T11875] batadv1: entered promiscuous mode
[  112.828943][T11903] loop9: detected capacity change from 0 to 2048
[  112.859924][T11903]  loop9: p1 < > p4
[  112.872193][T11903] loop9: p4 size 8388608 extends beyond EOD, truncated
[  113.021444][ T4018] batman_adv: batadv1: IGMP Querier appeared
[  113.027499][ T4018] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  113.191601][T11922] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  113.361544][T11935] atomic_op ffff888119d19528 conn xmit_atomic 0000000000000000
[  113.403157][T11942] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  113.414443][T11939] IPVS: stopping master sync thread 11942 ...
[  113.609541][T11955] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  113.674683][T11968] vxcan1: tx drop: invalid sa for name 0x0000000000000003
[  113.727323][T11974] IPv6: Can't replace route, no match found
[  113.848487][T11989] loop8: detected capacity change from 0 to 128
[  113.872158][T11989] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  113.899827][T11989] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.979157][ T9921] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  114.456467][T12037] netlink: 12 bytes leftover after parsing attributes in process `gtp'.
[  114.464942][T12037] netlink: 4 bytes leftover after parsing attributes in process `gtp'.
[  114.502039][T12037] bridge0: port 4(macsec1) entered blocking state
[  114.508611][T12037] bridge0: port 4(macsec1) entered disabled state
[  114.529633][T12037] macsec1: entered allmulticast mode
[  114.543304][T12037] macsec1: left allmulticast mode
[  114.581255][T12043] netlink: 'syz.7.3662': attribute type 13 has an invalid length.
[  114.589167][T12043] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3662'.
[  114.616659][ T4018] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  114.626350][T12043] netlink: 'syz.7.3662': attribute type 13 has an invalid length.
[  114.634374][T12043] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3662'.
[  114.644958][ T4018] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  114.654361][ T4018] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  114.664852][ T4018] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  114.793040][T12062] loop9: detected capacity change from 0 to 7
[  114.802233][T12062] Buffer I/O error on dev loop9, logical block 0, async page read
[  114.818333][T12062] Buffer I/O error on dev loop9, logical block 0, async page read
[  114.826266][T12062]  loop9: unable to read partition table
[  114.841307][T12062] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  114.841307][T12062] 
) failed (rc=-5)
[  114.921228][T12071] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3677'.
[  114.930186][T12071] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3677'.
[  114.953096][T12071] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3677'.
[  114.988336][T12071] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3677'.
[  115.309646][   T29] kauditd_printk_skb: 233 callbacks suppressed
[  115.309659][   T29] audit: type=1400 audit(1756711625.068:4918): avc:  denied  { listen } for  pid=12100 comm="syz.1.3698" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  115.349173][T12104] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  115.367598][T12106] netlink: 'syz.8.3690': attribute type 1 has an invalid length.
[  115.403384][T12106] 8021q: adding VLAN 0 to HW filter on device bond1
[  115.421063][   T29] audit: type=1326 audit(1756711625.188:4919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12110 comm="syz.7.3692" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7a3844ebe9 code=0x0
[  115.449246][T12106] bond1: (slave geneve2): making interface the new active one
[  115.474593][T12106] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  116.262599][   T29] audit: type=1400 audit(1756711626.028:4920): avc:  denied  { write } for  pid=12128 comm="syz.9.3701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  116.282829][   T29] audit: type=1400 audit(1756711626.028:4921): avc:  denied  { nlmsg_write } for  pid=12128 comm="syz.9.3701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  116.327009][   T29] audit: type=1326 audit(1756711626.068:4922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12125 comm="syz.8.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2601bebe9 code=0x7ffc0000
[  116.350572][   T29] audit: type=1326 audit(1756711626.068:4923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12125 comm="syz.8.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2601bebe9 code=0x7ffc0000
[  116.374062][   T29] audit: type=1326 audit(1756711626.088:4924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12125 comm="syz.8.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2601bebe9 code=0x7ffc0000
[  116.397689][   T29] audit: type=1326 audit(1756711626.088:4925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12125 comm="syz.8.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2601bebe9 code=0x7ffc0000
[  116.421259][   T29] audit: type=1326 audit(1756711626.088:4926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12125 comm="syz.8.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2601bebe9 code=0x7ffc0000
[  116.581862][   T29] audit: type=1326 audit(1756711626.088:4927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12125 comm="syz.8.3702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2601bebe9 code=0x7ffc0000
[  116.640342][T12148] netlink: 'syz.9.3707': attribute type 1 has an invalid length.
[  116.683628][T12148] 8021q: adding VLAN 0 to HW filter on device bond1
[  116.717856][T12152] bond1: (slave geneve2): making interface the new active one
[  116.756259][T12152] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  117.308375][T12212] bridge0: entered promiscuous mode
[  117.314817][T12212] macvtap1: entered allmulticast mode
[  117.320376][T12212] bridge0: entered allmulticast mode
[  117.341551][T12212] bridge0: port 4(macvtap1) entered blocking state
[  117.348102][T12212] bridge0: port 4(macvtap1) entered disabled state
[  117.358992][T12212] bridge0: left allmulticast mode
[  117.364101][T12212] bridge0: left promiscuous mode
[  117.419612][T12222] netlink: 'syz.1.3736': attribute type 10 has an invalid length.
[  117.427585][T12222] ipvlan0: entered allmulticast mode
[  117.913262][T12246] __nla_validate_parse: 14 callbacks suppressed
[  117.913280][T12246] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3749'.
[  117.953507][T12246] veth1_to_hsr: entered promiscuous mode
[  117.959342][T12246] macsec1: entered promiscuous mode
[  117.962082][T12253] loop7: detected capacity change from 0 to 736
[  117.965222][T12246] macsec1: entered allmulticast mode
[  117.976118][T12246] veth1_to_hsr: entered allmulticast mode
[  117.985613][T12246] veth1_to_hsr: left allmulticast mode
[  117.991168][T12246] veth1_to_hsr: left promiscuous mode
[  118.001445][T12253] rock: directory entry would overflow storage
[  118.007617][T12253] rock: sig=0x4f50, size=4, remaining=3
[  118.013238][T12253] iso9660: Corrupted directory entry in block 2 of inode 1472
[  118.062579][T12258] loop8: detected capacity change from 0 to 512
[  118.069158][T12261] netlink: 'syz.7.3757': attribute type 10 has an invalid length.
[  118.077085][T12261] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3757'.
[  118.099684][T12261] dummy0: entered promiscuous mode
[  118.105791][T12261] bond0: (slave dummy0): Releasing backup interface
[  118.114931][T12258] EXT4-fs warning (device loop8): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  118.133921][T12258] EXT4-fs (loop8): mount failed
[  118.193920][T12271] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  118.411385][T12289] loop9: detected capacity change from 0 to 128
[  118.471973][T12293] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  118.493446][T12296] wireguard0: entered promiscuous mode
[  118.499003][T12296] wireguard0: entered allmulticast mode
[  118.546520][T12299] loop9: detected capacity change from 0 to 128
[  119.029176][T12307] netlink: 'syz.7.3774': attribute type 1 has an invalid length.
[  119.037652][T12303] sctp: [Deprecated]: syz.9.3776 (pid 12303) Use of struct sctp_assoc_value in delayed_ack socket option.
[  119.037652][T12303] Use struct sctp_sack_info instead
[  119.057291][T12310] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3778'.
[  119.077148][T12307] 8021q: adding VLAN 0 to HW filter on device bond1
[  119.103666][T12313] bond1: (slave geneve2): making interface the new active one
[  119.112677][T12313] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  119.166216][T12319] loop8: detected capacity change from 0 to 1024
[  119.183808][T12319] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  119.224769][T12319] ext4 filesystem being mounted at /239/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.263852][T12319] EXT4-fs error (device loop8): ext4_map_blocks:814: inode #15: block 3: comm syz.8.3782: lblock 3 mapped to illegal pblock 3 (length 3)
[  119.299529][T12319] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  119.311835][T12319] EXT4-fs (loop8): This should not happen!! Data will be lost
[  119.311835][T12319] 
[  119.323315][T12337] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #15: block 3: comm syz.8.3782: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.372666][T12321] loop7: detected capacity change from 0 to 32768
[  119.382574][T12337] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #15: block 3: comm syz.8.3782: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.417518][T12318] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #15: block 3: comm syz.8.3782: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.436062][T12337] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #15: block 3: comm syz.8.3782: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.453213][T12321]  loop7: p1 p2 p3 < >
[  119.457376][T12321] loop7: p1 size 242222080 extends beyond EOD, truncated
[  119.464983][T12321] loop7: p2 start 4294967295 is beyond EOD, truncated
[  119.473107][T12318] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #15: block 3: comm syz.8.3782: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.488307][T12337] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #15: block 3: comm syz.8.3782: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.504053][T12318] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #15: block 3: comm syz.8.3782: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.518414][T12337] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #15: block 3: comm syz.8.3782: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.533900][T12337] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #15: block 3: comm syz.8.3782: lblock 3 mapped to illegal pblock 3 (length 1)
[  119.722904][T12355] loop9: detected capacity change from 0 to 2048
[  119.751366][T12355] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.806216][T12355] EXT4-fs error (device loop9): ext4_find_extent:939: inode #2: comm +}[@: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  119.840232][T12355] EXT4-fs (loop9): Remounting filesystem read-only
[  119.878159][T10759] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.013149][T12379] netlink: 'syz.7.3805': attribute type 10 has an invalid length.
[  120.031386][T12380] tipc: New replicast peer: 255.255.255.83
[  120.037259][T12380] tipc: Enabled bearer <udp:�>, priority 10
[  120.127301][ T4018] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  120.139702][ T4018] EXT4-fs (loop8): This should not happen!! Data will be lost
[  120.139702][ T4018] 
[  120.188377][ T9921] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  120.292106][T12388] serio: Serial port ttyS3
[  120.321076][   T29] kauditd_printk_skb: 208 callbacks suppressed
[  120.321091][   T29] audit: type=1400 audit(1756711630.088:5135): avc:  denied  { read write } for  pid=10759 comm="syz-executor" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  120.447313][   T29] audit: type=1400 audit(1756711630.088:5136): avc:  denied  { open } for  pid=10759 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  120.471695][   T29] audit: type=1400 audit(1756711630.088:5137): avc:  denied  { ioctl } for  pid=10759 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=109 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  120.497478][   T29] audit: type=1400 audit(1756711630.128:5138): avc:  denied  { create } for  pid=12398 comm="syz.9.3814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  120.517803][   T29] audit: type=1400 audit(1756711630.138:5139): avc:  denied  { setopt } for  pid=12398 comm="syz.9.3814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  120.538124][   T29] audit: type=1400 audit(1756711630.138:5140): avc:  denied  { write } for  pid=12398 comm="syz.9.3814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  120.558319][   T29] audit: type=1400 audit(1756711630.138:5141): avc:  denied  { nlmsg_write } for  pid=12398 comm="syz.9.3814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  120.579240][   T29] audit: type=1400 audit(1756711630.138:5142): avc:  denied  { create } for  pid=12398 comm="syz.9.3814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  120.598890][   T29] audit: type=1400 audit(1756711630.138:5143): avc:  denied  { getopt } for  pid=12398 comm="syz.9.3814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  120.618844][   T29] audit: type=1400 audit(1756711630.138:5144): avc:  denied  { connect } for  pid=12398 comm="syz.9.3814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  120.694205][T12411] netlink: 92 bytes leftover after parsing attributes in process `syz.1.3819'.
[  120.703255][T12411] netem: unknown loss type 0
[  120.927697][T12433] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3827'.
[  120.942083][T12433] bridge0: port 3(batadv1) entered blocking state
[  120.948609][T12433] bridge0: port 3(batadv1) entered disabled state
[  120.956625][T12433] batadv1: entered allmulticast mode
[  120.967622][T12433] batadv1: entered promiscuous mode
[  121.084077][T12448] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12448 comm=syz.8.3834
[  121.096941][T12448] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12448 comm=syz.8.3834
[  121.126476][T12452] SELinux:  policydb version 3968 does not match my version range 15-35
[  121.135219][T12452] SELinux: failed to load policy
[  121.226383][T12455] SELinux: failed to load policy
[  121.328435][T12468] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12468 comm=syz.9.3845
[  121.341122][T12468] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12468 comm=syz.9.3845
[  121.410497][T12474] loop9: detected capacity change from 0 to 128
[  121.440626][ T4023] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  121.449913][ T4023] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  121.695224][T12498] loop9: detected capacity change from 0 to 1024
[  121.732124][T12498] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.073654][T12523] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  122.073654][T12523]    program syz.7.3870 not setting count and/or reply_len properly
[  122.185933][T12529] loop8: detected capacity change from 0 to 128
[  122.299742][T12539] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3879'.
[  122.311047][T12539] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3879'.
[  122.323003][T12539] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3879'.
[  122.333978][T12539] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3879'.
[  122.344029][T12541] netlink: 'syz.1.3880': attribute type 2 has an invalid length.
[  122.351786][T12541] netlink: 'syz.1.3880': attribute type 1 has an invalid length.
[  122.359581][T12541] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.3880'.
[  122.528514][T10759] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.605180][T12566] netlink: 'syz.1.3892': attribute type 10 has an invalid length.
[  123.307596][T12597] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  123.404665][T12603] netlink: 'syz.8.3908': attribute type 10 has an invalid length.
[  123.450035][T12605] loop9: detected capacity change from 0 to 512
[  123.471810][T12605] EXT4-fs error (device loop9): ext4_orphan_get:1392: inode #15: comm syz.9.3909: casefold flag without casefold feature
[  123.507676][T12605] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.3909: couldn't read orphan inode 15 (err -117)
[  123.550845][T12605] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.618229][T12612] SELinux:  policydb version -299076691 does not match my version range 15-35
[  123.647548][T12612] SELinux: failed to load policy
[  123.781544][T10759] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.090324][T12658] ip6gre1: entered allmulticast mode
[  124.098426][T12660] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12660 comm=+}[@
[  124.110528][T12660] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12660 comm=+}[@
[  124.161488][T12664] loop8: detected capacity change from 0 to 1024
[  124.171746][T12664] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.334686][T12673] bond2: entered promiscuous mode
[  124.339818][T12673] bond2: entered allmulticast mode
[  124.345212][T12673] 8021q: adding VLAN 0 to HW filter on device bond2
[  124.355517][T12673] bond2 (unregistering): Released all slaves
[  124.497294][ T9921] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.620588][T12697] __nla_validate_parse: 1 callbacks suppressed
[  124.620602][T12697] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3950'.
[  124.684933][T12703] loop7: detected capacity change from 0 to 512
[  124.692016][T12703] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  124.704022][T12703] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[  124.713446][T12703] EXT4-fs (loop7): orphan cleanup on readonly fs
[  124.719815][T12703] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.3954: bad orphan inode 267
[  124.731585][T12703] EXT4-fs (loop7): Remounting filesystem read-only
[  124.744547][T12703] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  124.765868][T12703] EXT4-fs warning (device loop7): dx_probe:861: inode #2: comm syz.7.3954: dx entry: limit 0 != root limit 125
[  124.766271][T12707] pim6reg: entered allmulticast mode
[  124.777642][T12703] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.3954: Corrupt directory, running e2fsck is recommended
[  124.811231][ T9448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  124.831208][T12709] loop8: detected capacity change from 0 to 256
[  124.858806][T12716] loop7: detected capacity change from 0 to 1024
[  124.870552][T12712] pim6reg: left allmulticast mode
[  124.879401][T12716] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.012625][T12733] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12733 comm=syz.8.3966
[  125.025294][T12733] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12733 comm=syz.8.3966
[  125.053935][T12732] loop9: detected capacity change from 0 to 8192
[  125.323191][ T9448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.391137][T12764] netlink: 'syz.7.3978': attribute type 12 has an invalid length.
[  125.399000][T12764] netlink: 'syz.7.3978': attribute type 29 has an invalid length.
[  125.406890][T12764] netlink: 148 bytes leftover after parsing attributes in process `syz.7.3978'.
[  125.415979][T12764] netlink: 59 bytes leftover after parsing attributes in process `syz.7.3978'.
[  125.952038][T12779] netlink: 'syz.9.3982': attribute type 10 has an invalid length.
[  125.965437][   T29] kauditd_printk_skb: 238 callbacks suppressed
[  125.965452][   T29] audit: type=1400 audit(1756711635.728:5383): avc:  denied  { read write } for  pid=12780 comm="syz.7.3984" name="event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  125.995512][   T29] audit: type=1400 audit(1756711635.728:5384): avc:  denied  { ioctl open } for  pid=12780 comm="syz.7.3984" path="/dev/input/event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  128.061929][T12787] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3997'.
[  128.139064][   T29] audit: type=1400 audit(1756711637.898:5385): avc:  denied  { mounton } for  pid=12799 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  128.340978][ T4035] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  128.351387][ T4035] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.407236][   T29] audit: type=1400 audit(1756711638.168:5386): avc:  denied  { bind } for  pid=12831 comm="syz.8.4004" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  128.426759][   T29] audit: type=1400 audit(1756711638.168:5387): avc:  denied  { name_bind } for  pid=12831 comm="syz.8.4004" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  128.449043][   T29] audit: type=1400 audit(1756711638.168:5388): avc:  denied  { node_bind } for  pid=12831 comm="syz.8.4004" saddr=127.0.0.1 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  128.512593][ T4035] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  128.522947][ T4035] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.533424][   T29] audit: type=1326 audit(1756711638.188:5389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12833 comm="syz.7.4005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a3844ebe9 code=0x7ffc0000
[  128.557091][   T29] audit: type=1326 audit(1756711638.188:5390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12833 comm="syz.7.4005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a3844ebe9 code=0x7ffc0000
[  128.580810][   T29] audit: type=1326 audit(1756711638.188:5391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12833 comm="syz.7.4005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f7a3844ebe9 code=0x7ffc0000
[  128.604417][   T29] audit: type=1326 audit(1756711638.188:5392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12833 comm="syz.7.4005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a3844ebe9 code=0x7ffc0000
[  128.610505][T12841] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4007'.
[  128.697762][ T4035] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  128.708185][ T4035] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.742810][T12851] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4012'.
[  128.781340][T12855] SELinux: failed to load policy
[  128.781683][T12799] chnl_net:caif_netlink_parms(): no params data found
[  128.794539][T12851] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  128.854823][ T4035] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  128.865184][ T4035] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.888814][T12865] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4019'.
[  128.898269][T12861] netlink: 'syz.9.4017': attribute type 9 has an invalid length.
[  128.906037][T12861] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4017'.
[  128.920507][T12865] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4019'.
[  128.929000][T12861] netlink: 'syz.9.4017': attribute type 9 has an invalid length.
[  128.937104][T12861] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4017'.
[  128.956208][ T4008] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  128.965126][ T4008] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  128.975471][ T4008] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  128.992477][ T4008] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  129.014568][T12799] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.021886][T12799] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.040332][T12799] bridge_slave_0: entered allmulticast mode
[  129.054455][T12799] bridge_slave_0: entered promiscuous mode
[  129.083667][T12799] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.090851][T12799] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.110600][T12799] bridge_slave_1: entered allmulticast mode
[  129.117121][T12799] bridge_slave_1: entered promiscuous mode
[  129.144534][T12895] netlink: 'syz.9.4031': attribute type 3 has an invalid length.
[  129.152567][T12799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  129.165902][T12897] loop7: detected capacity change from 0 to 1024
[  129.167944][T12799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  129.172693][T12897] EXT4-fs: Ignoring removed bh option
[  129.186926][T12897] EXT4-fs: inline encryption not supported
[  129.194103][T12897] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  129.216787][T12897] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 2: comm syz.7.4032: lblock 2 mapped to illegal pblock 2 (length 1)
[  129.230968][T12897] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 48: comm syz.7.4032: lblock 0 mapped to illegal pblock 48 (length 1)
[  129.247771][T12897] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.4032: Failed to acquire dquot type 0
[  129.261430][T12799] team0: Port device team_slave_0 added
[  129.267981][T12799] team0: Port device team_slave_1 added
[  129.275061][T12897] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  129.285210][ T4035] dummy0: left allmulticast mode
[  129.291967][T12897] EXT4-fs error (device loop7): ext4_evict_inode:254: inode #11: comm syz.7.4032: mark_inode_dirty error
[  129.303391][ T4035] bridge0: port 3(dummy0) entered disabled state
[  129.303846][T12897] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  129.322247][T12897] EXT4-fs (loop7): 1 orphan inode deleted
[  129.328265][T12897] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.329780][ T4035] bridge_slave_1: left allmulticast mode
[  129.340953][ T4008] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1)
[  129.346383][ T4035] bridge_slave_1: left promiscuous mode
[  129.366157][ T4035] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.380692][ T4008] EXT4-fs error (device loop7): ext4_release_dquot:6973: comm kworker/u8:10: Failed to release dquot type 0
[  129.422602][ T4035] bridge_slave_0: left allmulticast mode
[  129.428273][ T4035] bridge_slave_0: left promiscuous mode
[  129.434033][ T4035] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.581710][ T4035] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  129.591559][ T4035] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  129.601085][ T4035] bond0 (unregistering): Released all slaves
[  129.637290][T12799] batman_adv: batadv0: Adding interface: batadv_slave_0
[  129.644408][T12799] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.670454][T12799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.681985][T12799] batman_adv: batadv0: Adding interface: batadv_slave_1
[  129.684063][ T9448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.688919][T12799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.688949][T12799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  129.710829][ T9448] EXT4-fs error (device loop7): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  129.749389][ T9448] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  129.759495][ T9448] EXT4-fs error (device loop7): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[  129.792788][T12799] hsr_slave_0: entered promiscuous mode
[  129.799003][T12799] hsr_slave_1: entered promiscuous mode
[  129.815128][T12799] debugfs: 'hsr0' already exists in 'hsr'
[  129.820895][T12799] Cannot create hsr debugfs directory
[  129.829745][ T4035] hsr_slave_0: left promiscuous mode
[  129.836616][ T4035] hsr_slave_1: left promiscuous mode
[  129.846732][ T4035] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  129.854185][ T4035] batman_adv: batadv0: Removing interface: batadv_slave_0
[  129.865468][ T4035] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  129.872916][ T4035] batman_adv: batadv0: Removing interface: batadv_slave_1
[  129.911302][ T4035] veth1_macvtap: left promiscuous mode
[  129.916924][ T4035] veth0_macvtap: left promiscuous mode
[  129.932277][ T4035] veth1_vlan: left promiscuous mode
[  129.939638][ T4035] veth0_vlan: left promiscuous mode
[  130.026486][ T4035] team0 (unregistering): Port device team_slave_1 removed
[  130.047408][ T4035] team0 (unregistering): Port device team_slave_0 removed
[  130.164965][T12950] loop7: detected capacity change from 0 to 512
[  130.191963][T12950] EXT4-fs: Ignoring removed i_version option
[  130.233880][T12950] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e000c018, mo2=0002]
[  130.243292][T12950] System zones: 0-2, 18-18, 34-35
[  130.255336][T12950] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.275286][T12950] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.312075][ T9448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.490002][T12799] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  130.513539][T12994] netlink: 'syz.1.4072': attribute type 29 has an invalid length.
[  130.523610][T12799] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  130.544391][T12799] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  130.555496][T12994] netlink: 'syz.1.4072': attribute type 29 has an invalid length.
[  130.565764][T13000] loop7: detected capacity change from 0 to 128
[  130.566286][T12799] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  130.579367][T12994] netlink: 500 bytes leftover after parsing attributes in process `syz.1.4072'.
[  130.623160][T13008] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4076'.
[  130.637762][T12799] 8021q: adding VLAN 0 to HW filter on device bond0
[  130.655408][T12799] 8021q: adding VLAN 0 to HW filter on device team0
[  130.667413][ T4038] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.674477][ T4038] bridge0: port 1(bridge_slave_0) entered forwarding state
[  130.687009][ T4035] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.694122][ T4035] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.759133][T12799] 8021q: adding VLAN 0 to HW filter on device batadv0
[  130.799038][T13030] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  130.799038][T13030]    program syz.9.4083 not setting count and/or reply_len properly
[  130.819044][T12799] veth0_vlan: entered promiscuous mode
[  130.827474][T12799] veth1_vlan: entered promiscuous mode
[  130.844104][T12799] veth0_macvtap: entered promiscuous mode
[  130.853396][T12799] veth1_macvtap: entered promiscuous mode
[  130.865115][T12799] batman_adv: batadv0: Interface activated: batadv_slave_0
[  130.876145][T12799] batman_adv: batadv0: Interface activated: batadv_slave_1
[  130.888092][ T4020] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.908980][ T4020] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  130.928388][ T4020] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  130.938081][ T4020] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  130.975570][T13049] loop2: detected capacity change from 0 to 1024
[  130.984179][   T29] kauditd_printk_skb: 115 callbacks suppressed
[  130.984195][   T29] audit: type=1326 audit(1756711640.748:5505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13052 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  131.013905][   T29] audit: type=1326 audit(1756711640.748:5506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13052 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  131.037978][   T29] audit: type=1326 audit(1756711640.748:5507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13052 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  131.045901][T13049] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.061567][   T29] audit: type=1326 audit(1756711640.748:5508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13052 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  131.097537][   T29] audit: type=1326 audit(1756711640.748:5509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13052 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  131.121071][   T29] audit: type=1326 audit(1756711640.748:5510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13052 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  131.144628][   T29] audit: type=1326 audit(1756711640.748:5511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13052 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  131.168117][   T29] audit: type=1326 audit(1756711640.748:5512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13052 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  131.191694][   T29] audit: type=1326 audit(1756711640.748:5513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13052 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  131.215272][   T29] audit: type=1326 audit(1756711640.748:5514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13052 comm="syz.1.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13975ebe9 code=0x7ffc0000
[  131.284366][T13058] loop7: detected capacity change from 0 to 128
[  131.297186][T13058] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  131.305353][T13058] System zones: 1-3, 19-19, 35-36
[  131.312766][T13058] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  131.328363][T13058] ext4 filesystem being mounted at /301/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  131.390982][ T9448] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  131.616761][T12799] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.675982][T13100] atomic_op ffff88811d889528 conn xmit_atomic 0000000000000000
[  131.710908][T13099] loop7: detected capacity change from 0 to 8192
[  131.800991][T13119] loop8: detected capacity change from 0 to 1024
[  131.822787][T13119] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.059970][ T9921] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.114707][T13152] pimreg: entered allmulticast mode
[  132.132876][T13152] pimreg: left allmulticast mode
[  132.226202][ T3397] hid_parser_main: 19 callbacks suppressed
[  132.226286][ T3397] hid-generic 0000:0000:0000.0009: unknown main item tag 0x1
[  132.239573][ T3397] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  132.247178][ T3397] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  132.254633][ T3397] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  132.262062][ T3397] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  132.269575][ T3397] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  132.279085][ T3397] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  132.286581][ T3397] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  132.294232][ T3397] hid-generic 0000:0000:0000.0009: unknown main item tag 0x2
[  132.301809][ T3397] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  132.319268][ T3397] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  132.351185][T13186] loop2: detected capacity change from 0 to 512
[  132.359241][T13186] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  132.374868][T13190] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4153'.
[  132.391861][T13186] EXT4-fs (loop2): 1 truncate cleaned up
[  132.399871][T13186] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.440291][T13186] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.594533][T13233] loop2: detected capacity change from 0 to 512
[  132.602771][T13233] EXT4-fs (loop2): bad geometry: block count 204800 exceeds size of device (64 blocks)
[  132.635657][T13236] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13236 comm=syz.9.4174
[  132.661033][T13238] netlink: 'syz.9.4175': attribute type 2 has an invalid length.
[  132.668769][T13238] netlink: 16 bytes leftover after parsing attributes in process `syz.9.4175'.
[  132.742464][T13248] loop2: detected capacity change from 0 to 512
[  132.749350][T13248] journal_path: Non-blockdev passed as './bus'
[  132.755642][T13248] EXT4-fs: error: could not find journal device path
[  132.940980][T13266] loop2: detected capacity change from 0 to 2048
[  132.952674][T13266] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.980637][T12799] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  132.995405][T12799] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  133.008978][T12799] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.160222][T13288] netlink: 'syz.1.4197': attribute type 21 has an invalid length.
[  133.168073][T13288] netlink: 156 bytes leftover after parsing attributes in process `syz.1.4197'.
[  133.324796][T13304] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4205'.
[  133.333843][T13304] netlink: 348 bytes leftover after parsing attributes in process `syz.7.4205'.
[  133.342987][T13304] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4205'.
[  133.351902][T13304] netlink: 348 bytes leftover after parsing attributes in process `syz.7.4205'.
[  133.356526][T13306] netlink: 197276 bytes leftover after parsing attributes in process `syz.9.4206'.
[  133.389172][T13310] futex_wake_op: syz.8.4207 tries to shift op by -1; fix this program
[  133.980532][T13331] netlink: 'syz.2.4215': attribute type 5 has an invalid length.
[  134.321859][T13377] loop8: detected capacity change from 0 to 512
[  134.329734][T13374] loop9: detected capacity change from 0 to 512
[  134.340961][T13374] EXT4-fs (loop9): blocks per group (95) and clusters per group (32768) inconsistent
[  134.352542][T13377] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #15: comm syz.8.4240: casefold flag without casefold feature
[  134.373362][T13377] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.4240: couldn't read orphan inode 15 (err -117)
[  134.400700][T13377] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.518168][ T9921] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.665565][T13426] loop8: detected capacity change from 0 to 512
[  134.673220][T13426] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  134.698489][T13426] EXT4-fs (loop8): 1 truncate cleaned up
[  134.705414][T13426] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.778415][T13434] ==================================================================
[  134.786551][T13434] BUG: KCSAN: data-race in __filemap_add_folio / filemap_write_and_wait_range
[  134.795430][T13434] 
[  134.797748][T13434] read-write to 0xffff8881198fd890 of 8 bytes by task 13426 on cpu 1:
[  134.805894][T13434]  __filemap_add_folio+0x5b9/0x7d0
[  134.811024][T13434]  filemap_add_folio+0x98/0x1b0
[  134.815888][T13434]  page_cache_ra_unbounded+0x1f3/0x380
[  134.821349][T13434]  page_cache_sync_ra+0x6ad/0x6c0
[  134.826380][T13434]  filemap_get_pages+0x2d0/0x1150
[  134.831400][T13434]  filemap_splice_read+0x3a9/0x740
[  134.836512][T13434]  ext4_file_splice_read+0x8f/0xb0
[  134.841628][T13434]  splice_direct_to_actor+0x26f/0x680
[  134.846991][T13434]  do_splice_direct+0xda/0x150
[  134.851738][T13434]  do_sendfile+0x380/0x650
[  134.856149][T13434]  __x64_sys_sendfile64+0x105/0x150
[  134.861339][T13434]  x64_sys_call+0x2bb0/0x2ff0
[  134.866002][T13434]  do_syscall_64+0xd2/0x200
[  134.870503][T13434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.876381][T13434] 
[  134.878686][T13434] read to 0xffff8881198fd890 of 8 bytes by task 13434 on cpu 0:
[  134.886306][T13434]  filemap_write_and_wait_range+0x59/0x340
[  134.892111][T13434]  ext4_file_write_iter+0xe04/0xf00
[  134.897303][T13434]  iter_file_splice_write+0x663/0xa60
[  134.902658][T13434]  direct_splice_actor+0x153/0x2a0
[  134.907752][T13434]  splice_direct_to_actor+0x30f/0x680
[  134.913107][T13434]  do_splice_direct+0xda/0x150
[  134.917854][T13434]  do_sendfile+0x380/0x650
[  134.922262][T13434]  __x64_sys_sendfile64+0x105/0x150
[  134.927450][T13434]  x64_sys_call+0x2bb0/0x2ff0
[  134.932128][T13434]  do_syscall_64+0xd2/0x200
[  134.936624][T13434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.942503][T13434] 
[  134.944810][T13434] value changed: 0x0000000000000000 -> 0x0000000000000001
[  134.951897][T13434] 
[  134.954203][T13434] Reported by Kernel Concurrency Sanitizer on:
[  134.960338][T13434] CPU: 0 UID: 0 PID: 13434 Comm: syz.8.4259 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  134.971710][T13434] Tainted: [W]=WARN
[  134.975492][T13434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  134.985532][T13434] ==================================================================
[  135.142977][T13434] ==================================================================
[  135.151083][T13434] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read
[  135.159152][T13434] 
[  135.161465][T13434] write to 0xffff888103ee0228 of 8 bytes by task 13426 on cpu 0:
[  135.169174][T13434]  filemap_splice_read+0x4f4/0x740
[  135.174299][T13434]  ext4_file_splice_read+0x8f/0xb0
[  135.179419][T13434]  splice_direct_to_actor+0x26f/0x680
[  135.184788][T13434]  do_splice_direct+0xda/0x150
[  135.189554][T13434]  do_sendfile+0x380/0x650
[  135.193985][T13434]  __x64_sys_sendfile64+0x105/0x150
[  135.199189][T13434]  x64_sys_call+0x2bb0/0x2ff0
[  135.203870][T13434]  do_syscall_64+0xd2/0x200
[  135.208384][T13434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.214278][T13434] 
[  135.216587][T13434] write to 0xffff888103ee0228 of 8 bytes by task 13434 on cpu 1:
[  135.224291][T13434]  filemap_splice_read+0x4f4/0x740
[  135.229409][T13434]  ext4_file_splice_read+0x8f/0xb0
[  135.234532][T13434]  splice_direct_to_actor+0x26f/0x680
[  135.239907][T13434]  do_splice_direct+0xda/0x150
[  135.244663][T13434]  do_sendfile+0x380/0x650
[  135.249086][T13434]  __x64_sys_sendfile64+0x105/0x150
[  135.254288][T13434]  x64_sys_call+0x2bb0/0x2ff0
[  135.258962][T13434]  do_syscall_64+0xd2/0x200
[  135.263471][T13434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.269361][T13434] 
[  135.271676][T13434] value changed: 0x0000000000000a3e -> 0x0000000000000a44
[  135.278770][T13434] 
[  135.281085][T13434] Reported by Kernel Concurrency Sanitizer on:
[  135.287242][T13434] CPU: 1 UID: 0 PID: 13434 Comm: syz.8.4259 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  135.298621][T13434] Tainted: [W]=WARN
[  135.302406][T13434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  135.312447][T13434] ==================================================================
[  135.568085][ T9921] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.