last executing test programs:

2m43.817369304s ago: executing program 32 (id=1470):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x2, 0xff}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0x6}]}}]}, 0x38}}, 0x0)

2m21.30048437s ago: executing program 1 (id=2189):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'team_slave_0\x00', &(0x7f0000000140)=@ethtool_gstrings={0x1b, 0x6}})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000080)={'wlan0\x00', 0x0})

2m21.29993971s ago: executing program 1 (id=2190):
r0 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xe, 0xb}}}, 0x24}}, 0x800)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001840)=@bpf_ext={0x1c, 0x2, &(0x7f0000000300)=@raw=[@map_idx_val={0x18, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3}], &(0x7f0000000340)='GPL\x00', 0xfffffc00, 0x1000, &(0x7f0000000840)=""/4096, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x7, 0x1}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0x3, 0x9, 0xc}, 0x10, 0x2469, r2, 0x2, &(0x7f0000000480), &(0x7f00000004c0)=[{0x2, 0x5, 0xf, 0xf}, {0x0, 0x5, 0xe, 0x3}], 0x10, 0x878}, 0x94)

2m21.154677652s ago: executing program 1 (id=2197):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000004c0)='signal_generate\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2m21.101699206s ago: executing program 1 (id=2208):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1000052, &(0x7f0000000240)=ANY=[], 0xf5, 0x1219, &(0x7f0000002100)="$eJzs3E9rHGUcB/Bf1o1JU/NHrdX2oA948TQ0OXgSJEgKkgWlNkIrCFOz0SVjNmRCYEWsnrz2dXj2JvgOcvE1eMvFYw/iSGYam223VMHdFfv5HDI/nuf55pln2F2YZZ49eefel7s7ZbaTH0ZrZiZa+xHpfooUrTjz+mZzvHV7c73T2biR0vX1m6tvp5SW3vj5k6/nIuLixz8u/TQXxyufnvy29uvx5eMrJ3/c/KJXpl6ZVvqHKU93+v3D/E7RTdu9cjdL6cOim5fd1NsruwdD/TtFf39/kPK97cWF/YNuWaZ8b5B27+UR/XR4MEj553lvL2VZlhYXgieaffqQrR/uV1UVUVWz8XxUVVVdiIW4GC/EYizFtxHxYrwUL8eleCUux6vxWlypR03i9AEAAAAAAAAAAAAAAAAAAODZcX7/f0QM7f9fjhX7/wEAAAAAAAAAAAAAAAAAAGACPrp1e3O909m4kdJ8RPH90dbRVnNs+td3ohdFdONaLMfvUe/+bzT19fc7G9dSbSW+K+4+yN892nquyZ/+Oc2v1j8n8CDfrvvO8qtNPg3n52Lh/PxrsRyXRs+/NjI/H2+9eS6fxXL88ln0o4jteu6H+W9WU3rvg84j+av1OAAAAPg/yNJfRt6/Z9mT+pv83/5+oB2P3F+342p7umsnohx8tZu3iu5BXRRnxfxjLWMrZiNiUnONq5gbbmmNaa7WUy7UzLgW2P6PXGfF48Xpu/jf+D8XYrhl2p9MTMLDl8G0zwQAAAAAAAAAAIB/YszPJ7ZjxJNl705nqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//I6LAUA==")
r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x40)
io_setup(0x9, &(0x7f0000000300)=<r1=>0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000}])
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x7, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})

2m20.54830933s ago: executing program 1 (id=2203):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x200003, 0x1af}, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x1, 0xffffffffffffffff, 0x0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000200)=[{0x0}, {0x0}], 0x2}, 0x0, 0x3, 0x0, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0)

2m20.285220001s ago: executing program 1 (id=2212):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)

2m20.279839531s ago: executing program 33 (id=2212):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)

2m17.848397315s ago: executing program 3 (id=2269):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, 0x0, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x9f)
sendmsg$nl_route(r0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})

2m17.749363633s ago: executing program 3 (id=2272):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
creat(&(0x7f00000001c0)='./file1\x00', 0x2)
acct(&(0x7f0000000080)='./file1\x00')
acct(0x0)

2m17.677705279s ago: executing program 3 (id=2275):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9d}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r2, 0x2285, 0x0)
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)

2m17.556849058s ago: executing program 3 (id=2277):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1000052, &(0x7f0000000240)=ANY=[], 0xf5, 0x1219, &(0x7f0000002100)="$eJzs3E9rHGUcB/Bf1o1JU/NHrdX2oA948TQ0OXgSJEgKkgWlNkIrCFOz0SVjNmRCYEWsnrz2dXj2JvgOcvE1eMvFYw/iSGYam223VMHdFfv5HDI/nuf55pln2F2YZZ49eefel7s7ZbaTH0ZrZiZa+xHpfooUrTjz+mZzvHV7c73T2biR0vX1m6tvp5SW3vj5k6/nIuLixz8u/TQXxyufnvy29uvx5eMrJ3/c/KJXpl6ZVvqHKU93+v3D/E7RTdu9cjdL6cOim5fd1NsruwdD/TtFf39/kPK97cWF/YNuWaZ8b5B27+UR/XR4MEj553lvL2VZlhYXgieaffqQrR/uV1UVUVWz8XxUVVVdiIW4GC/EYizFtxHxYrwUL8eleCUux6vxWlypR03i9AEAAAAAAAAAAAAAAAAAAODZcX7/f0QM7f9fjhX7/wEAAAAAAAAAAAAAAAAAAGACPrp1e3O909m4kdJ8RPH90dbRVnNs+td3ohdFdONaLMfvUe/+bzT19fc7G9dSbSW+K+4+yN892nquyZ/+Oc2v1j8n8CDfrvvO8qtNPg3n52Lh/PxrsRyXRs+/NjI/H2+9eS6fxXL88ln0o4jteu6H+W9WU3rvg84j+av1OAAAAPg/yNJfRt6/Z9mT+pv83/5+oB2P3F+342p7umsnohx8tZu3iu5BXRRnxfxjLWMrZiNiUnONq5gbbmmNaa7WUy7UzLgW2P6PXGfF48Xpu/jf+D8XYrhl2p9MTMLDl8G0zwQAAAAAAAAAAIB/YszPJ7ZjxJNl705nqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//I6LAUA==")
r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x40)
io_setup(0x9, &(0x7f0000000300)=<r1=>0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000}])
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x7, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})

2m17.16081048s ago: executing program 3 (id=2285):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000100)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
close_range(r0, 0xffffffffffffffff, 0x0)

2m16.952419767s ago: executing program 3 (id=2288):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x20280, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14)
unshare(0x62040200)
close(r0)

2m16.952193576s ago: executing program 34 (id=2288):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x20280, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14)
unshare(0x62040200)
close(r0)

1m29.00901607s ago: executing program 7 (id=3920):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000000007f1b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
creat(&(0x7f0000000140)='./file0\x00', 0x2)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0x3, 0x2}, {0x9, 0x56}], 0xee01}, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)

1m28.957370735s ago: executing program 7 (id=3925):
r0 = syz_io_uring_setup(0x131, &(0x7f0000000340)={0x0, 0x5cb1, 0x2, 0x3, 0xfffffffd}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000280))
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
io_uring_enter(r0, 0x7ad3, 0xf728, 0x4, 0x0, 0xff84)

1m28.848478063s ago: executing program 7 (id=3926):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
writev(0xffffffffffffffff, &(0x7f0000000440), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f00000000c0))
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)

1m28.848224263s ago: executing program 7 (id=3928):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
open_tree(r0, &(0x7f0000000080)='./file0/file0\x00', 0x1000)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)

1m28.830154725s ago: executing program 7 (id=3929):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000540)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x2}}, 0x10, 0x0}, 0x10)

1m28.583402075s ago: executing program 7 (id=3938):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
syz_pidfd_open(0x0, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

1m28.551548807s ago: executing program 35 (id=3938):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
syz_pidfd_open(0x0, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

1m8.784513264s ago: executing program 5 (id=4485):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
io_submit(0x0, 0x0, 0x0)
r3 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x0)
write$selinux_load(r2, &(0x7f0000000000)=ANY=[], 0xffa8)

1m8.639231616s ago: executing program 5 (id=4488):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000040b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='signal_generate\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb77, &(0x7f0000000c40)="$eJzs3c9vFFUcAPDvzG5LKWgX40GMCTUeIDFsW0BB4gE8Gg8mkqAnXPuDNCxgaE0sIbHcTLyowZMnT2qiR6+GGPXkweiJ/8CQEFP4A2pmdnZZ6W5LYcuQ8vkks/vePJb3nSbffW86bzoBPLHGs5c0Ym9EfJ5EjBX704gYzksjEcutf3dn5cp0tiWxuvrOv0kkEXF75cp0+/9Kivdd2Us1/2T89UvEM5W1/S4sXT7XaDZnLxX1icXzH04sLF0+OH++cXb27OyFQ69OHp567cixV44M7FiXjqaf/fnmG99dO/P1Hz8ee+HTJE7E7qKt+zgGZTzGOz+TbtWIeG/QnZWkUhxPr+MEAODxk3bN4fbGWFTyUstY1OdLDQ4AAAAYiE8iYhUAAADY5hLn/wAAALDNtdcB3F65Mt3eyl2RADwqt05GRK2V/+37+1st1VjO30diKCJG7yRddwa17veuDaD/8Yj44auj+7Ittug+fKC35asR8Vyv8T/J87+W/xWPtfmfRsTkAPofv6cu/+HReZj8PzGA/uU/AAAAAAAADM71k60L+Wuv/6Wd9T/R4/pfpce1uwex8fW/9OYAugF6uHUy4vWuZ/vc6cr/Qq1S1J7K1wMMJXPzzdnJiHg6Ig7E0I6sPrVOH9/+dPzvfm3d6/+yLeu/vRawiONmdcf/PzPTWGw8zDEDLbeuRjxf7ZX/SWf8T/qs/337Pvv47fTPc/3aNs5/YKusfhOxv+f4f/eJbsn6z+ebyOcDE+1ZwVqnX/z1+379y38oTzb+j66f/7Wk+3mdC5vvY3L04Nl+bQ86/x9OTuVPFR0u9n3cWFy8NBUxnLy1dv+hzccM21E7H9r5kuX/gZd6n/+vN//Pkuz94lsijYhG8Z7VP7inzx1nfv+iXzzGfyhPlv8zmxr/N1/48t2VU/36v7/x/0g+ph8o9vj9H6zvfhO07DgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgcZJGxO5I0nqnnKb1esSuiHg2RtPmxYXFl+cufnRhJmuLqMVQOjffnJ2MiLFWPcnqU3n5bv3QPfXDEbEnIq6N7czr9emLzZmyDx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICOXRGxO5K0HhFpXk7Ter3V9s9Y2dEBAAAAA1MrOwAAAABgyzn/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAh7dl3/UYSEcvHd+ZbZrhoGyo1MmCrpWUHAJSmUnYAQGmqZQcAlMY5PpBs0D7St8UMAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJsn/v9RtJRCwf35lvmeGibajUyICtlpYdAFCaStkBAKWplh0AUBrn+ECyQftI3xYzCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAnycLS5XONZnP2koKCgkKnUPY3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvZfwEAAP//vlL7zw==")
timer_create(0x3, 0x0, &(0x7f0000001440))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000feffffff0000000000000000850000007500000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='signal_generate\x00', r2}, 0x18)
timer_settime(0x0, 0x1, &(0x7f0000000880)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)

1m8.505160376s ago: executing program 5 (id=4496):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x94)
io_uring_register$IORING_REGISTER_MEM_REGION(0xffffffffffffffff, 0x22, 0x0, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x8ece}, 0x18)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f0000000100)={[{@grpquota}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
lchown(&(0x7f00000006c0)='./file0\x00', 0x0, 0xee01)

1m8.339868759s ago: executing program 5 (id=4500):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x1001)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
umount2(&(0x7f0000000280)='./file0/file0/file0\x00', 0xa)

1m8.274062755s ago: executing program 5 (id=4501):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
inotify_add_watch(0xffffffffffffffff, 0x0, 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')

1m8.225765368s ago: executing program 5 (id=4503):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x41)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000030000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000500), &(0x7f0000000580)}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
utime(&(0x7f0000000100)='./file0\x00', 0x0)

1m8.191956541s ago: executing program 36 (id=4503):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x41)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000030000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000500), &(0x7f0000000580)}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
utime(&(0x7f0000000100)='./file0\x00', 0x0)

1m5.429836901s ago: executing program 9 (id=4593):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000440)={'vxcan1\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f0000000300)={0x1d, r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000480)={&(0x7f0000000340), 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fed7, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x20000600}}, 0x0)

1m5.399538514s ago: executing program 9 (id=4597):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@getchain={0x24, 0x66, 0x0, 0x40000000, 0x2000, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x4}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x38, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, 0x98, 0x1114}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newlink={0x48, 0x10, 0x401, 0xfffffffc, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, 0x1493cf2c54a75087, 0xac}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_FLAGS={0x6, 0x10, 0x8}, @IFLA_IPTUN_FWMARK={0x8, 0x14, 0x73f}, @IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20040805}, 0x20004094)

1m5.383809195s ago: executing program 9 (id=4598):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xa, 0x4, 0x8, 0x8}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0)=0x1)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)=0x2)

1m5.260467675s ago: executing program 9 (id=4607):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@errors_remount}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x400000]})
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x141842, 0x0)
pwritev2(r1, &(0x7f0000000940)=[{&(0x7f0000000340)="be85809842d43cbb78329613b3aa8b78f87e932d0db6f110e00ef09327f497b6c6bc81aa4e792dc9c48a1b9a75cf44ce8ce1b856b626a7e4777204471d63392de989c63d", 0x44}], 0x1, 0x9, 0x10000, 0x0)

1m4.981649467s ago: executing program 9 (id=4618):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000080)={0x0, 0x2710}, 0x10)
listen(r1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)

1m2.648464013s ago: executing program 9 (id=4669):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
geteuid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000025ad9835850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
chroot(&(0x7f0000000000)='./file0/../file0\x00')

1m2.648321273s ago: executing program 37 (id=4669):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
geteuid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000025ad9835850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
chroot(&(0x7f0000000000)='./file0/../file0\x00')

2.495625571s ago: executing program 0 (id=6381):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000004c0)={r1, 0x3, 0x6}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x1, r1, 0x1, 0x9}, 0x14)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000100)={r1, 0x1, 0x6, @remote}, 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x2000001, {0x0, 0x0, 0x0, r1, {0x7, 0xa}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)

2.402249328s ago: executing program 2 (id=6374):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f0000000000))

2.357910582s ago: executing program 2 (id=6375):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x1000, 0x2, 0x0, 0x0, 0x8000002, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x1, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x9, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0xd819ac9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x10, 0x20, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x4, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x20000040, 0xffffffff, 0x400, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)

1.918332477s ago: executing program 0 (id=6388):
unshare(0x20000480)
syz_open_procfs(0x0, &(0x7f0000000280)='attr\x00')
socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1f00000000000000000000000010"], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340))
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x17ef, 0x60ee, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x1, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0xf}}}}}]}}]}}, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
syz_open_dev$usbmon(&(0x7f0000000280), 0x80000000000000, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x6, 0x100000001, 0x3, 0xffffffff, 0x2627bc41, 0xba4, 0x3, 0xfffffffffffffff8}, 0x0, &(0x7f00000000c0)={0x7ff, 0x7, 0x0, 0x8, 0x3, 0x6, 0x1, 0x7f}, &(0x7f0000000100)={0x0, 0x3938700}, 0x0)

1.917751417s ago: executing program 2 (id=6389):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

1.751655681s ago: executing program 2 (id=6378):
r0 = io_uring_setup(0x560d, &(0x7f0000000680)={0x0, 0xb586, 0x2, 0xfffffffe, 0x3bd})
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r1, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
close_range(r0, r1, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)

1.455453834s ago: executing program 4 (id=6382):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x654a, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)

1.454695194s ago: executing program 2 (id=6383):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xb, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x1, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4e}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r3, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f40108807000008048000980280000f8060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000908000200e000000105000300000000002400010000000000000000"], 0x21c}, 0x1, 0x0, 0x0, 0x20040010}, 0x4008804)

1.452468645s ago: executing program 6 (id=6396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r4=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r4}}], 0x20, 0x2400e044}, 0x0)

1.430548936s ago: executing program 4 (id=6384):
syz_clone(0x0, &(0x7f00000004c0)="b6d6f300577c66b486ecc6258cf3443265f0424040a5407d3e39e2a9bca94f8c55b7757afe78fb3778d73a7cf35110763d0db61f3c3cb69188dc590dd58c3cbd49d4a964e742a76c5e254f4e3bc445", 0x4f, 0x0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x50)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.413362548s ago: executing program 2 (id=6399):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f00000006c0)='./file0/file0\x00', 0x0)

1.056272896s ago: executing program 4 (id=6387):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x14)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1.055820926s ago: executing program 0 (id=6390):
r0 = socket$caif_stream(0x25, 0x1, 0x5)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
writev(r0, &(0x7f0000000c40)=[{&(0x7f00000007c0)="14", 0x1}], 0x1)

1.013252939s ago: executing program 0 (id=6393):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd19accc4a7fd74e8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pwritev2(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)="82ee823b", 0x4}], 0x1, 0x1, 0x1, 0x2)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

992.410551ms ago: executing program 4 (id=6394):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0x64}, {&(0x7f0000000300)='V', 0xffffff6c}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e0b9821c0", 0x1000}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0xfffffec0}], 0x4, 0x0, 0x0, 0x8000}, 0x0)
dup2(r3, r2)
setsockopt$sock_attach_bpf(r2, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmmsg(r2, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x6, 0x200000d1)
close_range(r1, 0xffffffffffffffff, 0x0)

988.898161ms ago: executing program 8 (id=6395):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@minixdf}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xffffff6a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r1 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0xa0000004})
epoll_wait(r2, &(0x7f0000004140)=[{}], 0x1, 0x200000)

866.085301ms ago: executing program 0 (id=6397):
r0 = gettid()
r1 = socket(0x40000000015, 0x5, 0x0)
recvmmsg(r1, &(0x7f0000003c40)=[{{0x0, 0x0, 0x0}, 0x80000000}], 0x1, 0x60010002, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000300))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x18)

746.702841ms ago: executing program 8 (id=6398):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x654a, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)

746.469211ms ago: executing program 4 (id=6400):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000000c0)='\x9eXpB\xaa\x14\xe4\xe9Xu\x8f\v<\x8e\xfem,\xcf\xc7\x11\x9f\x1cNM_\x1eB\x1e^\xaa\xa9\x16`q\xb2\x81XtK\xff\x8fx\xe0\xce\x89R\x9b\xa7\xfc\xea\':\x8f\xb3\xbcN\xfd\x8c\x1f\x9a:\x7f\x19\b\x8a(\xa0Y\x05\xadfA_?E\fO-\x13\xec\xa0\x97\xd6\x91<\x87\xc2^\xf8\x9c\x13\xa3\x9d\x81\xa0:\x1b\x0ey\xd6\xf6R\x87s\xa4\xa09\r\xcf\x0f/\xd5Y?\xf3\x7f\x7f\xca\xb6r\x87 \'\x8a\fC~\xf6\x0e\xae\n\xaaz\f\x87\x1c\xb0\xabi\x8b\xcc\x8b\xdf\x1f', 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x7, 0x4, 0x438, 0x130, 0x240, 0x0, 0x240, 0x370, 0x350, 0x4, 0x0, {[{{@arp={@private, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_to_batadv\x00', 'batadv0\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "bc2e329885ea3654891fbae8c6c66e07212432bde429bcda7deb48d85c6f5e269c2021c8f8dc09af0b3f2e10e8ac79cc67e264613c4be6838ee2daacf7926a6e"}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr, @broadcast}}}, {{@arp={@private, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0\x00', 'veth0_to_bond\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x488)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x40, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

634.61281ms ago: executing program 4 (id=6401):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_usb_connect$cdc_ncm(0x5, 0x72, 0x0, 0x0)
rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r4=>0x0)
io_submit(r4, 0x2000000000000326, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, r3}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f00000001c0)='m', 0xfffffdfc}])

511.880849ms ago: executing program 8 (id=6402):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffff92, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c25000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8922, &(0x7f0000000080))

511.160029ms ago: executing program 6 (id=6403):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10)
r3 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})

452.818214ms ago: executing program 6 (id=6404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff5]}, 0x8, 0x80000)
readv(r3, &(0x7f0000002940)=[{&(0x7f00000000c0)=""/121, 0x80}, {0x0}], 0x20000000000000d6)
tkill(r2, 0x7)

381.59742ms ago: executing program 6 (id=6405):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f00000006c0)='./file0/file0\x00', 0x0)

356.633532ms ago: executing program 6 (id=6406):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x68, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000200007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001900)="2e00000011008188040900000000000000a1810031000000000f000000028002002d1f00000000000000e2000000", 0x2e}], 0x1}, 0x0)

311.670615ms ago: executing program 8 (id=6407):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x60f8, &(0x7f0000000400)={0x0, 0x10b6, 0x1000, 0x0, 0x203c0})
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f00000005c0)=@in4={0x21, 0x8, 0x2, 0x10, {0x2, 0x1, @empty}}, 0x24)
listen(r3, 0x4)
close_range(r2, r3, 0x0)

282.026618ms ago: executing program 8 (id=6408):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000380)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f803506892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)

226.743552ms ago: executing program 6 (id=6409):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
recvfrom$unix(r2, &(0x7f0000000140)=""/263, 0x40000, 0x0, 0x0, 0x0)

226.616702ms ago: executing program 38 (id=6409):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
recvfrom$unix(r2, &(0x7f0000000140)=""/263, 0x40000, 0x0, 0x0, 0x0)

566.141µs ago: executing program 0 (id=6411):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r4=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r4}}], 0x20, 0x2400e044}, 0x0)

0s ago: executing program 8 (id=6419):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xf, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff3e, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)

kernel console output (not intermixed with test programs):

rlov option
[  177.628710][T21157] chnl_net:caif_netlink_parms(): no params data found
[  177.651647][T21374] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.719895][T21157] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.726984][T21157] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.734652][T21157] bridge_slave_0: entered allmulticast mode
[  177.742739][T21157] bridge_slave_0: entered promiscuous mode
[  177.749743][T21157] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.756793][T21157] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.764088][T21157] bridge_slave_1: entered allmulticast mode
[  177.770634][T21157] bridge_slave_1: entered promiscuous mode
[  177.798008][T21449] netlink: 'syz.0.4556': attribute type 3 has an invalid length.
[  177.813871][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.824663][T21157] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.856594][T21157] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.877574][T21481] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4547'.
[  177.911557][T21157] team0: Port device team_slave_0 added
[  177.935930][T21157] team0: Port device team_slave_1 added
[  177.936017][T21500] SELinux: failed to load policy
[  177.959958][T21157] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.966948][T21157] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.993058][T21157] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  178.004268][T21541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4549'.
[  178.013202][T21541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4549'.
[  178.022127][T21544] loop6: detected capacity change from 0 to 1024
[  178.024966][T21157] batman_adv: batadv0: Adding interface: batadv_slave_1
[  178.035591][T21157] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.061620][T21157] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  178.092395][T21552] hsr_slave_1 (unregistering): left promiscuous mode
[  178.121376][T21157] hsr_slave_0: entered promiscuous mode
[  178.127389][T21157] hsr_slave_1: entered promiscuous mode
[  178.205779][T21157] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  178.214211][T21157] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  178.223182][T21157] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  178.230041][T21647] Falling back ldisc for ttyS3.
[  178.236848][T21157] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  178.255249][T21157] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.262538][T21157] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.269909][T21157] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.277026][T21157] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.306271][T21157] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.317414][T12529] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.330479][T12529] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.349135][T21157] 8021q: adding VLAN 0 to HW filter on device team0
[  178.364916][T12526] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.372044][T12526] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.383778][T21677] smc: net device bond0 applied user defined pnetid SYZ0
[  178.392427][T21677] smc: net device bond0 erased user defined pnetid SYZ0
[  178.392931][T12526] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.406581][T12526] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.430481][T21157] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  178.441099][T21157] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  178.501455][T21157] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.642806][T21157] veth0_vlan: entered promiscuous mode
[  178.650898][T21157] veth1_vlan: entered promiscuous mode
[  178.665657][T21157] veth0_macvtap: entered promiscuous mode
[  178.673359][T21157] veth1_macvtap: entered promiscuous mode
[  178.683822][T21157] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.694074][T21157] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.704588][T12608] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.714571][T12608] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.730205][T12608] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.750984][T12608] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.767621][T21713] loop6: detected capacity change from 0 to 1024
[  178.781153][T21713] EXT4-fs: Ignoring removed orlov option
[  178.786843][T21713] EXT4-fs: Ignoring removed nomblk_io_submit option
[  178.814899][T21713] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.849565][   T29] kauditd_printk_skb: 195 callbacks suppressed
[  178.849631][   T29] audit: type=1326 audit(1755422917.055:7180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21728 comm="syz.0.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  178.879480][   T29] audit: type=1326 audit(1755422917.065:7181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21728 comm="syz.0.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  178.929948][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.939152][   T29] audit: type=1326 audit(1755422917.075:7182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21728 comm="syz.0.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  178.939188][   T29] audit: type=1326 audit(1755422917.075:7183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21728 comm="syz.0.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  178.986164][   T29] audit: type=1326 audit(1755422917.075:7184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21728 comm="syz.0.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  179.009812][   T29] audit: type=1326 audit(1755422917.075:7185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21728 comm="syz.0.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  179.033324][   T29] audit: type=1326 audit(1755422917.075:7186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21728 comm="syz.0.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  179.056909][   T29] audit: type=1326 audit(1755422917.075:7187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21728 comm="syz.0.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  179.080742][   T29] audit: type=1326 audit(1755422917.075:7188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21728 comm="syz.0.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  179.104414][   T29] audit: type=1326 audit(1755422917.075:7189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21728 comm="syz.0.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  179.206370][T21750] loop9: detected capacity change from 0 to 1024
[  179.224948][T21750] EXT4-fs: Ignoring removed orlov option
[  179.232544][T21750] EXT4-fs: Ignoring removed nomblk_io_submit option
[  179.274394][T21750] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.313574][T21773] netlink: 'syz.6.4596': attribute type 30 has an invalid length.
[  179.335352][T21157] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.381600][T21783] loop9: detected capacity change from 0 to 1024
[  179.577938][T21806] Falling back ldisc for ttyS3.
[  179.624754][T21830] loop9: detected capacity change from 0 to 1024
[  179.640323][T21830] EXT4-fs: Ignoring removed nobh option
[  179.657800][T21830] EXT4-fs: Ignoring removed bh option
[  179.693526][T21840] sctp: [Deprecated]: syz.8.4611 (pid 21840) Use of int in maxseg socket option.
[  179.693526][T21840] Use struct sctp_assoc_value instead
[  179.723624][T21830] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.746258][T21848] lo speed is unknown, defaulting to 1000
[  179.778633][T21830] loop9: detected capacity change from 1024 to 64
[  179.787334][T21830] EXT4-fs warning (device loop9): ext4_end_bio:372: I/O error 10 writing to inode 19 starting block 113)
[  179.798666][T21830] EXT4-fs (loop9): failed to convert unwritten extents to written extents -- potential data loss!  (inode 19, error -5)
[  179.811537][T21830] Buffer I/O error on device loop9, logical block 113
[  179.832241][T21157] EXT4-fs warning (device loop9): ext4_empty_dir:3084: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  179.848018][T21157] EXT4-fs warning (device loop9): ext4_empty_dir:3084: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  179.863318][T21157] EXT4-fs warning (device loop9): ext4_empty_dir:3084: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  179.877287][T21157] EXT4-fs warning (device loop9): ext4_empty_dir:3084: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  179.892562][T21157] EXT4-fs warning (device loop9): ext4_empty_dir:3084: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  179.906320][T21157] EXT4-fs warning (device loop9): ext4_empty_dir:3084: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  179.920143][T21157] EXT4-fs warning (device loop9): ext4_empty_dir:3084: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  179.933768][T21157] EXT4-fs warning (device loop9): ext4_empty_dir:3084: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  179.947547][T21157] EXT4-fs warning (device loop9): ext4_empty_dir:3084: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  180.003114][T21885] bridge0: port 3(batadv1) entered blocking state
[  180.009879][T21885] bridge0: port 3(batadv1) entered disabled state
[  180.020225][T21885] batadv1: entered allmulticast mode
[  180.026179][T21885] batadv1: entered promiscuous mode
[  180.131949][T21915] sctp: [Deprecated]: syz.4.4626 (pid 21915) Use of int in maxseg socket option.
[  180.131949][T21915] Use struct sctp_assoc_value instead
[  180.508456][T12563] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  180.517808][T12563] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  180.538498][T21934] loop8: detected capacity change from 0 to 1024
[  180.545507][T21934] EXT4-fs: Ignoring removed orlov option
[  180.551242][T21934] EXT4-fs: Ignoring removed nomblk_io_submit option
[  180.584574][T21934] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.612522][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.920401][T21968] sd 0:0:1:0: device reset
[  182.015637][T22016] 9pnet: p9_errstr2errno: server reported unknown error �@00000000000000000000007
[  182.025203][T22014] sctp: [Deprecated]: syz.6.4662 (pid 22014) Use of int in maxseg socket option.
[  182.025203][T22014] Use struct sctp_assoc_value instead
[  182.048747][T21157] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.079047][T22018] __nla_validate_parse: 12 callbacks suppressed
[  182.079065][T22018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4668'.
[  182.094349][T22018] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4668'.
[  182.108929][T21845] bio_check_eod: 12292 callbacks suppressed
[  182.108944][T21845] kmmpd-loop9: attempt to access beyond end of device
[  182.108944][T21845] loop9: rw=14337, sector=128, nr_sectors = 2 limit=64
[  182.128386][T21845] Buffer I/O error on dev loop9, logical block 64, lost sync page write
[  182.170545][T12608] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.183302][T22018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4668'.
[  182.192208][T22018] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4668'.
[  182.368427][T22026] lo speed is unknown, defaulting to 1000
[  182.375740][T22039] loop8: detected capacity change from 0 to 512
[  182.389009][T22039] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  182.413664][T22039] EXT4-fs (loop8): 1 truncate cleaned up
[  182.422352][T22039] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.537495][T22026] chnl_net:caif_netlink_parms(): no params data found
[  182.554982][T22145] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4676'.
[  182.625189][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.658918][T22026] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.666006][T22026] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.683453][T22026] bridge_slave_0: entered allmulticast mode
[  182.693026][T22026] bridge_slave_0: entered promiscuous mode
[  182.700092][T22026] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.707230][T22026] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.714514][T22026] bridge_slave_1: entered allmulticast mode
[  182.721023][T22026] bridge_slave_1: entered promiscuous mode
[  182.739420][T22026] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  182.750378][T22026] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  182.781844][T22026] team0: Port device team_slave_0 added
[  182.788652][T22026] team0: Port device team_slave_1 added
[  182.806530][T22026] batman_adv: batadv0: Adding interface: batadv_slave_0
[  182.813546][T22026] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.839475][T22026] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  182.842275][T22234] ref_ctr increment failed for inode: 0x1486 offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff88811b5e2e00
[  182.875065][T22224] uprobe: syz.4.4681:22224 failed to unregister, leaking uprobe
[  182.888710][T12608] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.903884][T22026] batman_adv: batadv0: Adding interface: batadv_slave_1
[  182.910959][T22026] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.936884][T22026] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  182.973869][T22026] hsr_slave_0: entered promiscuous mode
[  182.980790][T22026] hsr_slave_1: entered promiscuous mode
[  182.986693][T22026] debugfs: 'hsr0' already exists in 'hsr'
[  182.992486][T22026] Cannot create hsr debugfs directory
[  183.008339][T12608] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.084271][T12608] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.203870][T12608] bridge_slave_1: left allmulticast mode
[  183.209742][T12608] bridge_slave_1: left promiscuous mode
[  183.215484][T12608] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.244858][T12608] bridge_slave_0: left allmulticast mode
[  183.250685][T12608] bridge_slave_0: left promiscuous mode
[  183.256457][T12608] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.400601][T12608] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  183.416187][T12608] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  183.434838][T12608] bond0 (unregistering): Released all slaves
[  183.523144][T12608] hsr_slave_0: left promiscuous mode
[  183.531054][T12608] hsr_slave_1: left promiscuous mode
[  183.536780][T12608] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.544253][T12608] batman_adv: batadv0: Removing interface: batadv_slave_0
[  183.561793][T12608] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.569416][T12608] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.591299][T12608] veth1_macvtap: left promiscuous mode
[  183.596940][T12608] veth0_macvtap: left promiscuous mode
[  183.608305][T12608] veth1_vlan: left promiscuous mode
[  183.615768][T12608] veth0_vlan: left promiscuous mode
[  183.737676][T12608] team0 (unregistering): Port device team_slave_1 removed
[  183.749973][T12608] team0 (unregistering): Port device team_slave_0 removed
[  183.979172][T22026] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  183.991568][T22026] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  184.003003][T22026] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  184.013862][T22026] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  184.090178][T22026] 8021q: adding VLAN 0 to HW filter on device bond0
[  184.102335][T22026] 8021q: adding VLAN 0 to HW filter on device team0
[  184.121823][T12608] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.128979][T12608] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.148556][T12608] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.155643][T12608] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.208932][T22026] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  184.243455][T22559] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.266329][T22559] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.290770][T22559] 9pnet: p9_errstr2errno: server reported unknown error �@00000000000000000000010
[  184.328631][T22026] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.425860][T22026] veth0_vlan: entered promiscuous mode
[  184.433602][T22026] veth1_vlan: entered promiscuous mode
[  184.448107][T22026] veth0_macvtap: entered promiscuous mode
[  184.454827][T22026] veth1_macvtap: entered promiscuous mode
[  184.464896][T22026] batman_adv: batadv0: Interface activated: batadv_slave_0
[  184.475712][T22026] batman_adv: batadv0: Interface activated: batadv_slave_1
[  184.487125][T12552] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  184.498239][T12552] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.506948][T12552] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.517957][T12552] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  184.564119][T22595] vlan2: entered allmulticast mode
[  184.569512][T22595] dummy0: entered allmulticast mode
[  184.694505][T22615] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.4699'.
[  184.735903][T22617] lo speed is unknown, defaulting to 1000
[  184.791503][T22623] lo speed is unknown, defaulting to 1000
[  184.939704][   T29] kauditd_printk_skb: 50 callbacks suppressed
[  184.939721][   T29] audit: type=1400 audit(1755422923.155:7240): avc:  denied  { create } for  pid=22633 comm="syz.6.4706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  185.001683][T22608] Set syz1 is full, maxelem 65536 reached
[  185.007876][   T29] audit: type=1400 audit(1755422923.185:7241): avc:  denied  { getopt } for  pid=22633 comm="syz.6.4706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  185.027499][   T29] audit: type=1400 audit(1755422923.185:7242): avc:  denied  { connect } for  pid=22633 comm="syz.6.4706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  185.047212][   T29] audit: type=1400 audit(1755422923.185:7243): avc:  denied  { name_connect } for  pid=22633 comm="syz.6.4706" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  185.067611][   T29] audit: type=1400 audit(1755422923.245:7244): avc:  denied  { setopt } for  pid=22633 comm="syz.6.4706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  185.087209][   T29] audit: type=1400 audit(1755422923.265:7245): avc:  denied  { map_create } for  pid=22654 comm="syz.4.4708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  185.106570][   T29] audit: type=1400 audit(1755422923.265:7246): avc:  denied  { perfmon } for  pid=22654 comm="syz.4.4708" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  185.113217][T22640] loop2: detected capacity change from 0 to 8192
[  185.127581][   T29] audit: type=1400 audit(1755422923.265:7247): avc:  denied  { map_read map_write } for  pid=22654 comm="syz.4.4708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  185.127612][   T29] audit: type=1400 audit(1755422923.265:7248): avc:  denied  { prog_load } for  pid=22654 comm="syz.4.4708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  185.173243][   T29] audit: type=1400 audit(1755422923.265:7249): avc:  denied  { bpf } for  pid=22654 comm="syz.4.4708" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  185.354088][T22693] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4716'.
[  185.445628][T22722] macvlan2: entered promiscuous mode
[  185.453261][T22722] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  185.474572][T22722] macvlan3: entered promiscuous mode
[  185.480343][T22722] bond0: (slave macvlan3): Error -98 calling set_mac_address
[  185.759857][T22757] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4732'.
[  186.242583][T22747] Set syz1 is full, maxelem 65536 reached
[  186.535688][T22813] loop2: detected capacity change from 0 to 512
[  186.554708][T22813] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.4754: error while reading EA inode 32 err=-116
[  186.569657][T22813] EXT4-fs (loop2): Remounting filesystem read-only
[  186.576215][T22813] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  186.586742][T22813] EXT4-fs (loop2): 1 orphan inode deleted
[  186.594366][T22813] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.607414][T22813] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.696859][T22832] loop6: detected capacity change from 0 to 8192
[  186.708953][T22832] syz.6.4760: attempt to access beyond end of device
[  186.708953][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  186.720635][T22836] netlink: 14593 bytes leftover after parsing attributes in process `syz.4.4762'.
[  186.722502][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  186.742647][T22832] syz.6.4760: attempt to access beyond end of device
[  186.742647][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  186.756122][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  186.766341][T22832] syz.6.4760: attempt to access beyond end of device
[  186.766341][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  186.779839][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  186.796476][T22832] syz.6.4760: attempt to access beyond end of device
[  186.796476][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  186.810120][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  186.819571][T22832] syz.6.4760: attempt to access beyond end of device
[  186.819571][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  186.833027][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  186.842118][T22832] syz.6.4760: attempt to access beyond end of device
[  186.842118][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  186.855676][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  186.863907][T22832] syz.6.4760: attempt to access beyond end of device
[  186.863907][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  186.877363][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  186.907271][T22832] syz.6.4760: attempt to access beyond end of device
[  186.907271][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  186.920820][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  186.952792][T22832] syz.6.4760: attempt to access beyond end of device
[  186.952792][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  186.966442][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.117253][T22832] bio_check_eod: 3114 callbacks suppressed
[  187.117275][T22832] syz.6.4760: attempt to access beyond end of device
[  187.117275][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.136794][T22832] syz.6.4760: attempt to access beyond end of device
[  187.136794][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.150329][T22832] buffer_io_error: 3115 callbacks suppressed
[  187.150343][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.167509][T22832] syz.6.4760: attempt to access beyond end of device
[  187.167509][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.181058][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.192056][T22832] syz.6.4760: attempt to access beyond end of device
[  187.192056][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.205659][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.229160][T22832] syz.6.4760: attempt to access beyond end of device
[  187.229160][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.242682][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.268513][T22832] syz.6.4760: attempt to access beyond end of device
[  187.268513][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.281988][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.310299][T22832] syz.6.4760: attempt to access beyond end of device
[  187.310299][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.323841][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.334316][T22832] syz.6.4760: attempt to access beyond end of device
[  187.334316][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.347508][T22863] loop8: detected capacity change from 0 to 2048
[  187.347792][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.364350][T22832] syz.6.4760: attempt to access beyond end of device
[  187.364350][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.377888][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.387756][T22832] syz.6.4760: attempt to access beyond end of device
[  187.387756][T22832] loop6: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.401209][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.411064][T22832] Buffer I/O error on dev loop6, logical block 57847, async page read
[  187.539012][T22863] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.738678][T22873] macvlan2: entered promiscuous mode
[  187.770809][T22873] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  187.818296][T22881] macvlan3: entered promiscuous mode
[  187.835320][T22881] bond0: (slave macvlan3): Error -98 calling set_mac_address
[  187.956461][T22887] loop6: detected capacity change from 0 to 8192
[  187.971250][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.016690][T22907] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4781'.
[  188.026274][T22907] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4781'.
[  188.136216][T22929] netlink: 'syz.0.4794': attribute type 27 has an invalid length.
[  188.144316][T22925] loop2: detected capacity change from 0 to 2048
[  188.158569][T22925] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.181177][T22929] team1: left promiscuous mode
[  188.186017][T22929] team1: left allmulticast mode
[  188.215724][T22929] macvlan2: left promiscuous mode
[  188.223369][ T3404] lo speed is unknown, defaulting to 1000
[  188.229196][ T3404] syz2: Port: 1 Link DOWN
[  188.235738][T22938] ref_ctr_offset mismatch. inode: 0x3a6 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x200000000200
[  188.306245][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.434259][T22962] macvlan2: entered promiscuous mode
[  188.443924][T22962] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  188.462377][T22962] macvlan3: entered promiscuous mode
[  188.469765][T22962] bond0: (slave macvlan3): Error -98 calling set_mac_address
[  188.720887][T22982] pimreg: entered allmulticast mode
[  188.731169][T22982] pimreg: left allmulticast mode
[  188.775995][T22986] loop2: detected capacity change from 0 to 8192
[  188.844577][T23000] tipc: Started in network mode
[  188.849653][T23000] tipc: Node identity 1ad3d7308fca, cluster identity 4711
[  188.856915][T23000] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  188.867514][T23000] tipc: Disabling bearer <eth:syzkaller0>
[  188.881115][T23004] lo speed is unknown, defaulting to 1000
[  188.937703][T23022] lo speed is unknown, defaulting to 1000
[  188.983322][T23036] loop2: detected capacity change from 0 to 1024
[  188.997791][T23036] EXT4-fs: Ignoring removed nobh option
[  189.003382][T23036] EXT4-fs: Ignoring removed bh option
[  189.042371][T23036] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.064305][T23068] loop8: detected capacity change from 0 to 1764
[  189.112070][T23036] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  189.143863][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.266261][T23096] pimreg: entered allmulticast mode
[  189.273298][T23094] loop2: detected capacity change from 0 to 4096
[  189.273639][T23096] pimreg: left allmulticast mode
[  189.298642][T23087] loop6: detected capacity change from 0 to 8192
[  189.675688][T23126] lo speed is unknown, defaulting to 1000
[  189.730930][T23134] lo speed is unknown, defaulting to 1000
[  190.224201][T23182] loop6: detected capacity change from 0 to 1024
[  190.250604][   T29] kauditd_printk_skb: 195 callbacks suppressed
[  190.250651][   T29] audit: type=1400 audit(1755422928.465:7445): avc:  denied  { write } for  pid=23181 comm="syz.6.4834" name="memory.events" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  190.343879][   T29] audit: type=1400 audit(1755422928.555:7446): avc:  denied  { create } for  pid=23197 comm="syz.8.4841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  190.368740][   T29] audit: type=1400 audit(1755422928.585:7447): avc:  denied  { sys_admin } for  pid=23197 comm="syz.8.4841" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  190.408996][T23199] lo speed is unknown, defaulting to 1000
[  190.420711][T23210] macvlan2: entered promiscuous mode
[  190.432274][T23210] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  190.451244][   T29] audit: type=1326 audit(1755422928.665:7448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23213 comm="syz.0.4843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  190.474913][   T29] audit: type=1326 audit(1755422928.665:7449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23213 comm="syz.0.4843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  190.503684][   T29] audit: type=1326 audit(1755422928.665:7450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23213 comm="syz.0.4843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3e73550b07 code=0x7ffc0000
[  190.516506][T23210] macvlan3: entered promiscuous mode
[  190.527130][   T29] audit: type=1326 audit(1755422928.665:7451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23213 comm="syz.0.4843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  190.527165][   T29] audit: type=1326 audit(1755422928.665:7452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23213 comm="syz.0.4843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  190.527267][   T29] audit: type=1326 audit(1755422928.665:7453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23213 comm="syz.0.4843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3e7354d550 code=0x7ffc0000
[  190.546964][T23222] loop2: detected capacity change from 0 to 2048
[  190.556084][   T29] audit: type=1326 audit(1755422928.665:7454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23213 comm="syz.0.4843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  190.634917][T23210] bond0: (slave macvlan3): Error -98 calling set_mac_address
[  190.644156][T23222] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  190.655077][T23222] EXT4-fs (loop2): group descriptors corrupted!
[  190.729328][T23222] loop2: detected capacity change from 0 to 1024
[  190.737152][T23222] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  190.869095][T23264] netlink: 'syz.8.4850': attribute type 298 has an invalid length.
[  191.097866][T23288] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  191.448448][T23295] lo speed is unknown, defaulting to 1000
[  191.515392][T23314] netlink: 'syz.2.4863': attribute type 10 has an invalid length.
[  191.523306][T23314] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4863'.
[  191.533005][T23314] dummy0: entered promiscuous mode
[  191.596349][T23337] loop2: detected capacity change from 0 to 2048
[  191.603844][T23339] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.634744][T23346] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4871'.
[  191.659276][T23339] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.710376][T23339] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.768770][T23339] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.840863][ T1434] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.856562][ T1434] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.884763][T12608] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.905839][T12608] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.965950][T23401] loop8: detected capacity change from 0 to 1024
[  191.980690][T23401] EXT4-fs: Ignoring removed nobh option
[  191.983173][T23408] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4885'.
[  191.986296][T23401] EXT4-fs: Ignoring removed bh option
[  192.029606][T23412] loop6: detected capacity change from 0 to 128
[  192.049382][T23412] EXT4-fs mount: 8 callbacks suppressed
[  192.049400][T23412] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  192.049668][T23401] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.066389][T23412] ext4 filesystem being mounted at /520/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  192.135703][T23401] EXT4-fs error (device loop8): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  192.189034][T11846] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  192.205652][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.219096][T23444] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4890'.
[  192.228201][T23444] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4890'.
[  192.237575][T23444] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4890'.
[  192.256474][T23444] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4890'.
[  192.265508][T23444] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4890'.
[  192.312113][T23460] loop8: detected capacity change from 0 to 512
[  192.337194][T23461] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.349619][T23460] EXT4-fs error (device loop8): ext4_ext_check_inode:523: inode #3: comm syz.8.4902: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  192.369963][T23460] EXT4-fs error (device loop8): ext4_quota_enable:7127: comm syz.8.4902: Bad quota inode: 3, type: 0
[  192.382146][T23460] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  192.398455][T23460] EXT4-fs (loop8): mount failed
[  192.401429][T23465] lo speed is unknown, defaulting to 1000
[  192.418830][T23461] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.480545][T23461] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.536823][T23461] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.557179][T23517] netlink: 'syz.4.4904': attribute type 298 has an invalid length.
[  192.610349][T12529] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.648225][T12529] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.677403][T12529] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.716325][T12529] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.541786][T23554] macvlan2: entered promiscuous mode
[  193.548019][T23554] macvlan2: entered allmulticast mode
[  193.553401][T23554] veth1_vlan: entered allmulticast mode
[  193.559532][T23554] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  193.573897][T23554] macvlan3: entered promiscuous mode
[  193.579653][T23554] bond0: (slave macvlan3): Error -98 calling set_mac_address
[  193.635982][T23574] loop8: detected capacity change from 0 to 128
[  193.642441][T23566] loop2: detected capacity change from 0 to 512
[  193.650368][T23571] __nla_validate_parse: 8 callbacks suppressed
[  193.650383][T23571] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4924'.
[  193.665752][T23571] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4924'.
[  193.682755][T23566] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  193.693110][T23571] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4924'.
[  193.705143][T23574] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  193.717552][T23572] loop6: detected capacity change from 0 to 512
[  193.727328][T23566] EXT4-fs (loop2): 1 truncate cleaned up
[  193.733249][T23574] ext4 filesystem being mounted at /202/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  193.739782][T23571] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4924'.
[  193.745338][T23566] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.752489][T23571] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4924'.
[  193.771287][T23572] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #3: comm syz.6.4912: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  193.776438][T23571] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4924'.
[  193.810344][T23572] EXT4-fs error (device loop6): ext4_quota_enable:7127: comm syz.6.4912: Bad quota inode: 3, type: 0
[  193.810814][T18703] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  193.832727][T23572] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  193.842402][T23571] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4924'.
[  193.856377][T23571] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4924'.
[  193.870995][T23572] EXT4-fs (loop6): mount failed
[  193.875953][T23571] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4924'.
[  193.934121][T23593] loop6: detected capacity change from 0 to 2048
[  193.995920][T23593] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.035688][T23594] loop8: detected capacity change from 0 to 8192
[  194.139961][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.253629][T23613] lo speed is unknown, defaulting to 1000
[  194.269532][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.299480][T23623] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4923'.
[  194.348373][T23623] veth1_vlan (unregistering): left allmulticast mode
[  194.364403][T23623] bond0: (slave macvlan2): Releasing backup interface
[  194.379667][T23623] macvlan2 (unregistering): left allmulticast mode
[  194.404450][T23621] lo speed is unknown, defaulting to 1000
[  195.020329][T23739] bond0: (slave macvlan2): Releasing backup interface
[  195.061984][T23756] IPv4: Oversized IP packet from 127.202.26.0
[  195.373304][T23798] IPv4: Oversized IP packet from 127.202.26.0
[  195.630289][   T29] kauditd_printk_skb: 40 callbacks suppressed
[  195.630304][   T29] audit: type=1326 audit(1755422933.845:7495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23823 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9321bebe9 code=0x7ffc0000
[  195.678355][   T29] audit: type=1326 audit(1755422933.875:7496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23823 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9321bebe9 code=0x7ffc0000
[  195.702036][   T29] audit: type=1326 audit(1755422933.875:7497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23823 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc9321bebe9 code=0x7ffc0000
[  195.725589][   T29] audit: type=1326 audit(1755422933.875:7498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23823 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9321bebe9 code=0x7ffc0000
[  195.749314][   T29] audit: type=1326 audit(1755422933.875:7499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23823 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9321bebe9 code=0x7ffc0000
[  195.773087][   T29] audit: type=1326 audit(1755422933.875:7500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23823 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fc9321bebe9 code=0x7ffc0000
[  195.796584][   T29] audit: type=1326 audit(1755422933.875:7501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23823 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9321bebe9 code=0x7ffc0000
[  195.820227][   T29] audit: type=1326 audit(1755422933.875:7502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23823 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9321bebe9 code=0x7ffc0000
[  195.843817][   T29] audit: type=1326 audit(1755422933.875:7503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23823 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9321bebe9 code=0x7ffc0000
[  195.867296][   T29] audit: type=1326 audit(1755422933.875:7504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23823 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9321bebe9 code=0x7ffc0000
[  196.333820][T23896] bond0: (slave macvlan2): Releasing backup interface
[  197.200118][T23936] pim6reg1: entered promiscuous mode
[  197.205530][T23936] pim6reg1: entered allmulticast mode
[  197.232404][T23934] lo speed is unknown, defaulting to 1000
[  197.283230][T23955] lo speed is unknown, defaulting to 1000
[  197.417832][T23994] loop2: detected capacity change from 0 to 1024
[  197.440078][T23994] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  197.463649][T24007] ip6gre3: entered allmulticast mode
[  197.468286][T23994] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #3: block 1: comm syz.2.5013: lblock 1 mapped to illegal pblock 1 (length 1)
[  197.497318][T23994] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.5013: Failed to acquire dquot type 0
[  197.522338][T23994] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.5013: Freeing blocks not in datazone - block = 0, count = 4096
[  197.552831][T23994] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.5013: Invalid inode bitmap blk 0 in block_group 0
[  197.577790][T12526] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:15: lblock 1 mapped to illegal pblock 1 (length 1)
[  197.603251][T23994] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  197.626870][T12526] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:15: Failed to release dquot type 0
[  197.666153][T23994] EXT4-fs (loop2): 1 orphan inode deleted
[  197.673305][T24034] netlink: 'syz.8.5022': attribute type 1 has an invalid length.
[  197.723212][T23994] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.744970][T24034] 8021q: adding VLAN 0 to HW filter on device bond1
[  197.759062][T24033] syz_tun: entered promiscuous mode
[  197.764567][T24033] macvtap1: entered promiscuous mode
[  197.773335][T24033] syz_tun: left promiscuous mode
[  197.781757][T23994] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #2: block 16: comm syz.2.5013: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  197.808886][T24071] bond1 (unregistering): Released all slaves
[  197.880309][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.988561][T24127] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.088801][T24127] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.121142][T24139] 8021q: adding VLAN 0 to HW filter on device bond4
[  198.159631][T24127] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.200581][T24141] lo speed is unknown, defaulting to 1000
[  198.238563][T24178] lo speed is unknown, defaulting to 1000
[  198.258309][T24127] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.327954][T24199] macvtap0: entered promiscuous mode
[  198.333308][T24199] syz_tun: entered promiscuous mode
[  198.367984][T24199] syz_tun: left promiscuous mode
[  198.477970][T12595] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.506518][T12595] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.514784][T12595] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.517229][T24244] netlink: 'syz.0.5039': attribute type 1 has an invalid length.
[  198.569798][T24260] netlink: 'syz.2.5040': attribute type 10 has an invalid length.
[  198.582918][T24244] 8021q: adding VLAN 0 to HW filter on device bond4
[  198.618860][T12552] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.629643][T24260] batman_adv: batadv0: Adding interface: macvlan0
[  198.636134][T24260] batman_adv: batadv0: The MTU of interface macvlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.671102][T24260] batman_adv: batadv0: Interface activated: macvlan0
[  198.684274][T24244] bond4 (unregistering): Released all slaves
[  199.084567][T24378] syz_tun: entered promiscuous mode
[  199.097131][T24380] netlink: 'syz.4.5057': attribute type 10 has an invalid length.
[  199.105002][T24380] __nla_validate_parse: 14 callbacks suppressed
[  199.105016][T24380] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5057'.
[  199.105302][T24378] macvtap1: entered promiscuous mode
[  199.129520][T24378] syz_tun: left promiscuous mode
[  199.228972][T24396] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24396 comm=syz.4.5059
[  199.284686][T24400] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5060'.
[  199.577372][T24430] macvtap1: entered promiscuous mode
[  199.582780][T24430] syz_tun: entered promiscuous mode
[  199.598632][T24430] syz_tun: left promiscuous mode
[  199.989014][T24473] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5084'.
[  200.060121][T24473] bond0: (slave macvlan2): Releasing backup interface
[  200.377790][T24514] netlink: 'syz.4.5096': attribute type 2 has an invalid length.
[  200.385580][T24514] netlink: 'syz.4.5096': attribute type 1 has an invalid length.
[  200.393337][T24514] netlink: 199820 bytes leftover after parsing attributes in process `syz.4.5096'.
[  200.429524][T24517] loop6: detected capacity change from 0 to 1024
[  200.440869][T24517] EXT4-fs: Ignoring removed bh option
[  200.451362][T24517] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  200.495993][T24528] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5100'.
[  200.515469][T24517] EXT4-fs error (device loop6): ext4_quota_enable:7124: comm syz.6.5092: inode #2304: comm syz.6.5092: iget: illegal inode #
[  200.548185][T24517] EXT4-fs (loop6): Remounting filesystem read-only
[  200.554755][T24517] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  200.571638][T24517] EXT4-fs (loop6): mount failed
[  200.640827][T24540] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5105'.
[  200.711004][T24544] loop6: detected capacity change from 0 to 1024
[  200.724314][T24544] EXT4-fs: Ignoring removed orlov option
[  200.732472][T24544] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.972479][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  200.972499][   T29] audit: type=1326 audit(1755422939.186:7653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz.8.5112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  201.013012][T24567] loop8: detected capacity change from 0 to 1024
[  201.020533][T24567] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  201.031460][   T29] audit: type=1326 audit(1755422939.216:7654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz.8.5112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  201.055020][   T29] audit: type=1326 audit(1755422939.216:7655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz.8.5112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  201.078592][   T29] audit: type=1326 audit(1755422939.216:7656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz.8.5112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  201.102283][   T29] audit: type=1326 audit(1755422939.216:7657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz.8.5112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  201.125800][   T29] audit: type=1326 audit(1755422939.216:7658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz.8.5112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  201.149345][   T29] audit: type=1326 audit(1755422939.216:7659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz.8.5112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  201.172952][   T29] audit: type=1326 audit(1755422939.216:7660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz.8.5112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  201.196473][   T29] audit: type=1326 audit(1755422939.216:7661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz.8.5112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  201.220007][   T29] audit: type=1326 audit(1755422939.216:7662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz.8.5112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  201.249159][T24567] EXT4-fs error (device loop8): ext4_map_blocks:814: inode #3: block 1: comm syz.8.5112: lblock 1 mapped to illegal pblock 1 (length 1)
[  201.271563][T24574] netlink: 'syz.0.5113': attribute type 4 has an invalid length.
[  201.297970][T24567] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.5112: Failed to acquire dquot type 0
[  201.311625][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.322008][T24567] EXT4-fs error (device loop8): ext4_free_blocks:6696: comm syz.8.5112: Freeing blocks not in datazone - block = 0, count = 4096
[  201.335858][T24567] EXT4-fs error (device loop8): ext4_read_inode_bitmap:139: comm syz.8.5112: Invalid inode bitmap blk 0 in block_group 0
[  201.348934][T12552] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:41: lblock 1 mapped to illegal pblock 1 (length 1)
[  201.349936][T24567] EXT4-fs error (device loop8) in ext4_free_inode:361: Corrupt filesystem
[  201.365574][T12552] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:41: Failed to release dquot type 0
[  201.386335][T24567] EXT4-fs (loop8): 1 orphan inode deleted
[  201.392838][T24567] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.452315][T24586] loop2: detected capacity change from 0 to 128
[  201.484026][T24567] EXT4-fs error (device loop8): ext4_search_dir:1474: inode #2: block 16: comm syz.8.5112: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  201.516701][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.560410][T24597] loop6: detected capacity change from 0 to 1024
[  201.567234][T24597] EXT4-fs: inline encryption not supported
[  201.573083][T24597] EXT4-fs: Ignoring removed bh option
[  201.589319][T24597] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.611928][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.692405][T24614] netlink: 'syz.6.5128': attribute type 12 has an invalid length.
[  201.886756][T24633] loop2: detected capacity change from 0 to 1024
[  201.893661][T24633] EXT4-fs: Ignoring removed bh option
[  201.900989][T24633] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  201.933399][T24633] EXT4-fs error (device loop2): ext4_quota_enable:7124: comm syz.2.5136: inode #2304: comm syz.2.5136: iget: illegal inode #
[  201.957074][T24639] lo speed is unknown, defaulting to 1000
[  201.967699][T24633] EXT4-fs (loop2): Remounting filesystem read-only
[  201.974236][T24633] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  202.002359][T24633] EXT4-fs (loop2): mount failed
[  202.007104][T24641] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5139'.
[  202.027838][T24645] lo speed is unknown, defaulting to 1000
[  202.062681][T24668] loop8: detected capacity change from 0 to 128
[  202.079517][T24668] FAT-fs (loop8): Directory bread(block 32) failed
[  202.090959][T24668] FAT-fs (loop8): Directory bread(block 33) failed
[  202.099174][T24668] FAT-fs (loop8): Directory bread(block 34) failed
[  202.106005][T24668] FAT-fs (loop8): Directory bread(block 35) failed
[  202.112934][T24668] FAT-fs (loop8): Directory bread(block 36) failed
[  202.130589][T24677] loop6: detected capacity change from 0 to 512
[  202.135962][T24668] FAT-fs (loop8): Directory bread(block 37) failed
[  202.158028][T24668] FAT-fs (loop8): Directory bread(block 38) failed
[  202.165563][T24677] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  202.180307][T24668] FAT-fs (loop8): Directory bread(block 39) failed
[  202.180351][T24668] FAT-fs (loop8): Directory bread(block 40) failed
[  202.180372][T24668] FAT-fs (loop8): Directory bread(block 41) failed
[  202.237574][T24677] EXT4-fs (loop6): mount failed
[  202.259612][T24701] SELinux: ebitmap: truncated map
[  202.265416][T24701] SELinux: failed to load policy
[  202.403023][T24724] loop6: detected capacity change from 0 to 1024
[  202.415964][T24726] netlink: 'syz.2.5153': attribute type 2 has an invalid length.
[  202.423813][T24726] netlink: 'syz.2.5153': attribute type 1 has an invalid length.
[  202.431616][T24726] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.5153'.
[  202.444682][T24724] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.504877][T24735] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5165'.
[  202.610995][T24748] loop2: detected capacity change from 0 to 128
[  202.638675][T24748] FAT-fs (loop2): Directory bread(block 32) failed
[  202.664170][T24748] FAT-fs (loop2): Directory bread(block 33) failed
[  202.675247][T24748] FAT-fs (loop2): Directory bread(block 34) failed
[  202.683930][T24748] FAT-fs (loop2): Directory bread(block 35) failed
[  202.690879][T24756] netlink: 'syz.8.5164': attribute type 12 has an invalid length.
[  202.700689][T24748] FAT-fs (loop2): Directory bread(block 36) failed
[  202.707686][T24748] FAT-fs (loop2): Directory bread(block 37) failed
[  202.714431][T24748] FAT-fs (loop2): Directory bread(block 38) failed
[  202.723179][T24748] FAT-fs (loop2): Directory bread(block 39) failed
[  202.729984][T24748] FAT-fs (loop2): Directory bread(block 40) failed
[  202.732251][T24758] block device autoloading is deprecated and will be removed.
[  202.737172][T24748] FAT-fs (loop2): Directory bread(block 41) failed
[  202.776544][T24762] netlink: 'syz.8.5167': attribute type 4 has an invalid length.
[  202.969960][T24784] loop2: detected capacity change from 0 to 1024
[  203.017555][T24784] EXT4-fs: Ignoring removed orlov option
[  203.050455][T24784] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.138319][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.153845][T24792] syzkaller1: entered promiscuous mode
[  203.159485][T24792] syzkaller1: entered allmulticast mode
[  203.241422][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.324197][T24817] lo speed is unknown, defaulting to 1000
[  203.394023][T24836] netlink: 'syz.8.5192': attribute type 39 has an invalid length.
[  203.489945][T24864] netlink: 'syz.4.5195': attribute type 13 has an invalid length.
[  203.498114][T24864] netlink: 'syz.4.5195': attribute type 17 has an invalid length.
[  203.531333][T24864] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.543511][T24864] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  203.724531][T24884] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  203.749333][T24888] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5204'.
[  203.813102][T24898] netlink: 'syz.0.5209': attribute type 39 has an invalid length.
[  203.824790][T24900] netlink: 'syz.6.5210': attribute type 3 has an invalid length.
[  203.833030][T24900] netlink: 'syz.6.5210': attribute type 3 has an invalid length.
[  203.958288][T24914] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24914 comm=syz.8.5217
[  204.325967][T24956] lo speed is unknown, defaulting to 1000
[  204.332511][T24969] syzkaller1: entered promiscuous mode
[  204.338482][T24969] syzkaller1: entered allmulticast mode
[  204.964663][T25025] netlink: 'syz.2.5245': attribute type 13 has an invalid length.
[  204.972673][T25025] netlink: 'syz.2.5245': attribute type 17 has an invalid length.
[  205.076527][T25025] dummy0: left promiscuous mode
[  205.083630][T25025] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  205.211051][T25038] syzkaller1: entered promiscuous mode
[  205.216643][T25038] syzkaller1: entered allmulticast mode
[  205.657064][T25083] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  205.695246][T25085] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  205.851551][T25115] siw: device registration error -23
[  205.928669][T25123] lo speed is unknown, defaulting to 1000
[  206.032142][   T29] kauditd_printk_skb: 494 callbacks suppressed
[  206.032160][   T29] audit: type=1326 audit(1755422944.246:8153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25128 comm="syz.8.5284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  206.062074][   T29] audit: type=1326 audit(1755422944.246:8154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25128 comm="syz.8.5284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  206.105793][T25127] loop2: detected capacity change from 0 to 8192
[  206.133768][T25127] msdos: Unknown parameter 'A'
[  206.138839][T25120] netlink: 4104 bytes leftover after parsing attributes in process `syz.4.5282'.
[  206.156890][T25120] netlink: zone id is out of range
[  206.162056][T25120] netlink: set zone limit has 4 unknown bytes
[  206.180383][   T29] audit: type=1326 audit(1755422944.316:8155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25128 comm="syz.8.5284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  206.203929][   T29] audit: type=1326 audit(1755422944.316:8156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25128 comm="syz.8.5284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  206.227533][   T29] audit: type=1326 audit(1755422944.316:8157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25128 comm="syz.8.5284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847eb7ebe9 code=0x7ffc0000
[  206.392986][   T29] audit: type=1326 audit(1755422944.596:8158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25167 comm="syz.2.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  206.416559][   T29] audit: type=1326 audit(1755422944.596:8159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25167 comm="syz.2.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  206.440345][   T29] audit: type=1326 audit(1755422944.596:8160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25167 comm="syz.2.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  206.463917][   T29] audit: type=1326 audit(1755422944.596:8161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25167 comm="syz.2.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  206.542307][T25173] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5289'.
[  206.554237][T25173] team0 (unregistering): Port device C removed
[  206.562018][   T29] audit: type=1326 audit(1755422944.606:8162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25167 comm="syz.2.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  206.600085][T25173] team0 (unregistering): Port device team_slave_1 removed
[  206.717388][T25226] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5310'.
[  206.733527][T25226] team0 (unregistering): Port device team_slave_0 removed
[  206.743180][T25226] team0 (unregistering): Port device team_slave_1 removed
[  207.196853][T25294] lo speed is unknown, defaulting to 1000
[  207.262693][T25307] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5319'.
[  207.467622][T25353] siw: device registration error -23
[  207.518593][T25357] lo speed is unknown, defaulting to 1000
[  207.661848][T25395] netlink: 4104 bytes leftover after parsing attributes in process `syz.6.5335'.
[  207.673693][T25395] netlink: zone id is out of range
[  207.678899][T25395] netlink: set zone limit has 4 unknown bytes
[  207.798071][T25407] IPv4: Oversized IP packet from 127.202.26.0
[  207.842128][T25419] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5347'.
[  207.853317][T25419] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5347'.
[  207.929556][T25423] loop6: detected capacity change from 0 to 8192
[  208.320137][T25477] loop2: detected capacity change from 0 to 8192
[  208.363378][T25491] loop2: detected capacity change from 0 to 512
[  208.405294][T25491] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.417936][T25491] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.490122][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.618961][T25532] lo speed is unknown, defaulting to 1000
[  208.689120][T25550] loop6: detected capacity change from 0 to 8192
[  208.695798][T25550] msdos: Unknown parameter 'A'
[  208.873949][T25562] loop6: detected capacity change from 0 to 32768
[  208.916411][T25562]  loop6: p1 p2 p3 < p5 p6 >
[  208.921562][T25562] loop6: p2 size 16775168 extends beyond EOD, truncated
[  208.929523][T25562] loop6: p5 start 4294970168 is beyond EOD, truncated
[  209.034873][T25581] lo speed is unknown, defaulting to 1000
[  209.199782][T25614] loop6: detected capacity change from 0 to 128
[  209.382814][T25631] netlink: 536 bytes leftover after parsing attributes in process `syz.6.5409'.
[  209.391965][T25631] netlink: 104 bytes leftover after parsing attributes in process `syz.6.5409'.
[  209.474886][T25641] loop2: detected capacity change from 0 to 512
[  209.489101][T25641] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.501901][T25641] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.563519][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.563699][T25652] sg_write: data in/out 220/14 bytes for SCSI command 0x0-- guessing data in;
[  209.563699][T25652]    program syz.6.5405 not setting count and/or reply_len properly
[  209.896811][T25693] loop6: detected capacity change from 0 to 1024
[  209.912299][T25693] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.972234][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.133030][T25713] SELinux: failed to load policy
[  210.298460][T25745] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=25745 comm=syz.0.5442
[  210.319222][T25727] loop8: detected capacity change from 0 to 32768
[  210.343700][T25750] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5445'.
[  210.353051][T25750] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.360508][T25747] loop2: detected capacity change from 0 to 512
[  210.362142][T25727]  loop8: p1 p2 p3 < p5 p6 >
[  210.385413][T25727] loop8: p2 size 16775168 extends beyond EOD, truncated
[  210.407917][T25727] loop8: p5 start 4294970168 is beyond EOD, truncated
[  210.828041][T25795] syzkaller1: entered promiscuous mode
[  210.833550][T25795] syzkaller1: entered allmulticast mode
[  211.260559][   T29] kauditd_printk_skb: 397 callbacks suppressed
[  211.260610][   T29] audit: type=1326 audit(1755422949.476:8560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25817 comm="syz.2.5463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  211.293226][   T29] audit: type=1326 audit(1755422949.506:8561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25817 comm="syz.2.5463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  211.316852][   T29] audit: type=1326 audit(1755422949.506:8562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25817 comm="syz.2.5463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  211.340685][   T29] audit: type=1326 audit(1755422949.506:8563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25817 comm="syz.2.5463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  211.364179][   T29] audit: type=1326 audit(1755422949.506:8564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25817 comm="syz.2.5463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  211.388356][   T29] audit: type=1326 audit(1755422949.506:8565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25817 comm="syz.2.5463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  211.412010][   T29] audit: type=1326 audit(1755422949.506:8566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25817 comm="syz.2.5463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  211.435522][   T29] audit: type=1400 audit(1755422949.506:8567): avc:  denied  { bind } for  pid=25814 comm="syz.6.5473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  211.597955][T25844] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5471'.
[  211.632559][T25818] loop2: detected capacity change from 0 to 32768
[  211.648043][   T29] audit: type=1400 audit(1755422949.556:8568): avc:  denied  { listen } for  pid=25814 comm="syz.6.5473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  211.667784][   T29] audit: type=1326 audit(1755422949.676:8569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25817 comm="syz.2.5463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  211.733212][T25818]  loop2: p1 p2 p3 < p5 p6 >
[  211.740033][T25818] loop2: p2 size 16775168 extends beyond EOD, truncated
[  211.749498][T25818] loop2: p5 start 4294970168 is beyond EOD, truncated
[  212.065848][T25911] syzkaller1: entered promiscuous mode
[  212.071345][T25911] syzkaller1: entered allmulticast mode
[  212.213019][T25926] wg2: entered promiscuous mode
[  212.217934][T25926] wg2: entered allmulticast mode
[  212.472861][T25944] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5502'.
[  212.560617][T25952] validate_nla: 2 callbacks suppressed
[  212.560632][T25952] netlink: 'syz.4.5506': attribute type 10 has an invalid length.
[  212.579360][T25952] bond0: (slave dummy0): Releasing backup interface
[  212.588535][T25952] netlink: 'syz.4.5506': attribute type 10 has an invalid length.
[  212.599667][T25952] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  212.726321][T25968] netlink: 1272 bytes leftover after parsing attributes in process `syz.4.5511'.
[  212.855399][T25967] lo speed is unknown, defaulting to 1000
[  213.979046][T26092] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  214.067298][T26103] lo speed is unknown, defaulting to 1000
[  214.073545][T26103] lo speed is unknown, defaulting to 1000
[  214.080419][T26103] lo speed is unknown, defaulting to 1000
[  214.087395][T26103] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  214.109218][T26103] lo speed is unknown, defaulting to 1000
[  214.119968][T26103] lo speed is unknown, defaulting to 1000
[  214.130635][T26103] lo speed is unknown, defaulting to 1000
[  214.141386][T26103] lo speed is unknown, defaulting to 1000
[  214.152276][T26103] lo speed is unknown, defaulting to 1000
[  214.240114][T26118] loop6: detected capacity change from 0 to 512
[  214.248685][T26118] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  214.262694][T26118] EXT4-fs (loop6): 1 truncate cleaned up
[  214.270344][T26118] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.303022][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.872368][T26163] syzkaller1: entered promiscuous mode
[  214.877985][T26163] syzkaller1: entered allmulticast mode
[  214.952842][T26175] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5570'.
[  214.969933][T26175] team1: entered promiscuous mode
[  214.975118][T26175] team1: entered allmulticast mode
[  215.002023][T26209] loop8: detected capacity change from 0 to 512
[  215.009485][T26209] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  215.028480][T26209] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.041353][T26209] ext4 filesystem being mounted at /312/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.053523][T26209] netlink: 'syz.8.5571': attribute type 27 has an invalid length.
[  215.076941][T26220] 9pnet_fd: Insufficient options for proto=fd
[  215.088149][T26209] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.095356][T26209] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.139265][T26209] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  215.151371][T26209] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  215.178082][T26209] team1: left promiscuous mode
[  215.182926][T26209] team1: left allmulticast mode
[  215.206617][T26223] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.214740][T26223] 8021q: adding VLAN 0 to HW filter on device team0
[  215.235058][T26223] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  215.251577][T12526] netdevsim netdevsim8 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  215.260234][T16093] lo speed is unknown, defaulting to 1000
[  215.266115][T16093] syz0: Port: 1 Link ACTIVE
[  215.272936][T12526] netdevsim netdevsim8 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  215.281867][T12526] netdevsim netdevsim8 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  215.293236][T12526] netdevsim netdevsim8 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  215.305497][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.623917][T26268] SELinux: ebitmap start bit (1633759333) is not a multiple of the map unit size (64)
[  215.638188][T26268] SELinux: failed to load policy
[  216.586949][T26357] pim6reg1: entered promiscuous mode
[  216.592385][T26357] pim6reg1: entered allmulticast mode
[  216.924866][   T29] kauditd_printk_skb: 481 callbacks suppressed
[  216.924883][   T29] audit: type=1326 audit(1755422955.137:9051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26385 comm="syz.6.5637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267698ebe9 code=0x7ffc0000
[  217.005856][   T29] audit: type=1326 audit(1755422955.177:9052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26385 comm="syz.6.5637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267698ebe9 code=0x7ffc0000
[  217.029433][   T29] audit: type=1326 audit(1755422955.177:9053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26385 comm="syz.6.5637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f267698ebe9 code=0x7ffc0000
[  217.052994][   T29] audit: type=1326 audit(1755422955.177:9054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26385 comm="syz.6.5637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267698ebe9 code=0x7ffc0000
[  217.076669][   T29] audit: type=1326 audit(1755422955.177:9055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26385 comm="syz.6.5637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267698ebe9 code=0x7ffc0000
[  217.100458][   T29] audit: type=1326 audit(1755422955.177:9056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26385 comm="syz.6.5637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f267698ebe9 code=0x7ffc0000
[  217.123966][   T29] audit: type=1326 audit(1755422955.177:9057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26385 comm="syz.6.5637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267698ebe9 code=0x7ffc0000
[  217.147476][   T29] audit: type=1326 audit(1755422955.177:9058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26385 comm="syz.6.5637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f267698ebe9 code=0x7ffc0000
[  217.171080][   T29] audit: type=1326 audit(1755422955.177:9059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26385 comm="syz.6.5637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267698ebe9 code=0x7ffc0000
[  217.194632][   T29] audit: type=1326 audit(1755422955.177:9060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26385 comm="syz.6.5637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f267698ebe9 code=0x7ffc0000
[  217.741979][T26436] can0: slcan on ttyS3.
[  217.795759][T26436] can0 (unregistered): slcan off ttyS3.
[  217.894495][T26463] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  218.001958][T26467] SELinux: failed to load policy
[  218.064949][T26478] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  218.086291][T26481] 9pnet: p9_errstr2errno: server reported unknown error 
[  218.094649][T26478] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  218.264926][T26493] syz_tun: entered allmulticast mode
[  218.274769][T26492] syz_tun: left allmulticast mode
[  218.382547][T26496] loop8: detected capacity change from 0 to 512
[  218.416045][T26496] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.470639][T26496] ext4 filesystem being mounted at /346/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.637108][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.769466][T26527] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5682'.
[  218.785625][T26527] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5682'.
[  218.794516][T26527] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5682'.
[  219.072932][T26546] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5692'.
[  219.089719][T26546] netlink: 'syz.0.5692': attribute type 1 has an invalid length.
[  219.423640][T26572] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5702'.
[  219.661588][T26594] serio: Serial port ptm0
[  219.748308][T26611] netlink: 'syz.4.5717': attribute type 1 has an invalid length.
[  219.781360][T26611] 8021q: adding VLAN 0 to HW filter on device bond5
[  219.798527][T26611] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5717'.
[  219.820601][T26611] bond5 (unregistering): Released all slaves
[  219.846658][T26668] veth0: entered promiscuous mode
[  219.856926][T26668] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5720'.
[  219.869080][T26668] veth0 (unregistering): left promiscuous mode
[  219.899858][T26694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5723'.
[  220.030893][T26717] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5730'.
[  220.090227][T26728] wireguard0: entered promiscuous mode
[  220.095797][T26728] wireguard0: entered allmulticast mode
[  220.981396][T26770] netlink: 'syz.2.5750': attribute type 4 has an invalid length.
[  221.175885][T26788] netlink: 256 bytes leftover after parsing attributes in process `syz.8.5756'.
[  221.478785][T26831] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  221.537420][T26839] can0: slcan on ttyS3.
[  221.857155][   T10] hid_parser_main: 18 callbacks suppressed
[  221.857176][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  221.878854][   T10] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  222.354716][   T29] kauditd_printk_skb: 497 callbacks suppressed
[  222.354735][   T29] audit: type=1400 audit(1755422960.567:9558): avc:  denied  { read } for  pid=26896 comm="syz.4.5786" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  222.524800][   T29] audit: type=1400 audit(1755422960.737:9559): avc:  denied  { mounton } for  pid=26904 comm="syz.8.5789" path="/369/file0" dev="tmpfs" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  222.796403][   T29] audit: type=1400 audit(1755422960.927:9560): avc:  denied  { write } for  pid=26912 comm="syz.8.5792" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  222.895297][T26924] can0 (unregistered): slcan off ttyS3.
[  222.973783][   T29] audit: type=1326 audit(1755422961.187:9561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26938 comm="syz.0.5799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  223.032939][T26941] hub 6-0:1.0: USB hub found
[  223.047324][T26941] hub 6-0:1.0: 8 ports detected
[  223.066835][   T29] audit: type=1400 audit(1755422961.217:9562): avc:  denied  { write } for  pid=26940 comm="syz.8.5800" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  223.090015][   T29] audit: type=1326 audit(1755422961.227:9563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26938 comm="syz.0.5799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  223.113595][   T29] audit: type=1326 audit(1755422961.227:9564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26938 comm="syz.0.5799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  223.137216][   T29] audit: type=1326 audit(1755422961.227:9565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26938 comm="syz.0.5799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  223.160800][   T29] audit: type=1326 audit(1755422961.227:9566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26938 comm="syz.0.5799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  223.184316][   T29] audit: type=1326 audit(1755422961.227:9567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26938 comm="syz.0.5799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e7354ebe9 code=0x7ffc0000
[  223.248777][T26952] netlink: 'syz.4.5804': attribute type 39 has an invalid length.
[  223.593950][T26991] loop8: detected capacity change from 0 to 1024
[  223.602499][T26991] EXT4-fs: Ignoring removed bh option
[  223.726588][T26991] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.817283][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.831572][T27010] __nla_validate_parse: 5 callbacks suppressed
[  223.831590][T27010] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5822'.
[  223.983859][T27027] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5827'.
[  223.992925][T27027] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5827'.
[  224.500039][T27051] netlink: 32 bytes leftover after parsing attributes in process `syz.6.5838'.
[  224.733227][T27060] loop2: detected capacity change from 0 to 1024
[  224.753004][T27060] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.785932][T27060] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  224.818352][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.877891][T27085] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.900279][T27085] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.469934][T27127] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5865'.
[  225.481778][T16093] Process accounting resumed
[  225.537746][T27136] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5869'.
[  225.568814][T27136] hsr_slave_0: left promiscuous mode
[  225.579666][T27136] hsr_slave_1: left promiscuous mode
[  225.782313][T27179] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5881'.
[  225.813059][T27179] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5881'.
[  225.852590][T27185] pim6reg1: entered promiscuous mode
[  225.858069][T27185] pim6reg1: entered allmulticast mode
[  225.906193][T27201] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  225.914675][T27201] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.941942][T27201] loop2: detected capacity change from 0 to 1024
[  225.955236][T27201] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  225.974397][T27201] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  226.014436][T27201] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  226.022480][T27201] EXT4-fs (loop2): orphan cleanup on readonly fs
[  226.045414][T27201] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.5885: Freeing blocks not in datazone - block = 0, count = 4096
[  226.067873][T27218] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5891'.
[  226.087356][T27201] EXT4-fs (loop2): 1 orphan inode deleted
[  226.093558][T27201] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  226.332431][T27256] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  226.348183][T27256] siw: device registration error -23
[  226.359270][T27258] IPv4: Oversized IP packet from 127.202.26.0
[  226.433395][T27270] lo speed is unknown, defaulting to 1000
[  226.439923][T27272] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5911'.
[  226.478882][T27270] lo speed is unknown, defaulting to 1000
[  226.549562][T27310] netlink: 'syz.6.5919': attribute type 3 has an invalid length.
[  226.599496][T27319] loop8: detected capacity change from 0 to 512
[  226.610444][T27319] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  226.615806][T27323] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  226.622051][T27319] EXT4-fs warning (device loop8): dx_probe:849: Enable large directory feature to access it
[  226.639342][T27319] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.5923: Corrupt directory, running e2fsck is recommended
[  226.652355][T27319] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117
[  226.660964][T27319] EXT4-fs error (device loop8): ext4_iget_extra_inode:5104: inode #15: comm syz.8.5923: corrupted in-inode xattr: invalid ea_ino
[  226.675724][T27319] EXT4-fs (loop8): Remounting filesystem read-only
[  226.682752][T27319] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.701506][T27319] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  226.713115][T27319] EXT4-fs warning (device loop8): dx_probe:849: Enable large directory feature to access it
[  226.723242][T27319] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.5923: Corrupt directory, running e2fsck is recommended
[  226.736498][T27319] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  226.736532][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.747979][T27319] EXT4-fs warning (device loop8): dx_probe:849: Enable large directory feature to access it
[  226.748002][T27319] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.5923: Corrupt directory, running e2fsck is recommended
[  226.783005][T27319] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  226.794536][T27319] EXT4-fs warning (device loop8): dx_probe:849: Enable large directory feature to access it
[  226.804689][T27319] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.5923: Corrupt directory, running e2fsck is recommended
[  226.819316][T27319] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  226.873096][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.067341][T27365] loop6: detected capacity change from 0 to 512
[  227.112195][T27365] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.130046][T27365] ext4 filesystem being mounted at /709/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  227.205591][T27365] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.5936: corrupted inode contents
[  227.219471][T27365] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #2: comm syz.6.5936: mark_inode_dirty error
[  227.231505][T27365] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.5936: corrupted inode contents
[  227.246145][T27387] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.5936: corrupted inode contents
[  227.259897][T27387] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #2: comm syz.6.5936: mark_inode_dirty error
[  227.272891][T27387] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.5936: corrupted inode contents
[  227.293752][T27387] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.5936: mark_inode_dirty error
[  227.306662][T27387] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.5936: corrupted inode contents
[  227.320986][T27387] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #2: comm syz.6.5936: mark_inode_dirty error
[  227.333050][T27365] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.5936: corrupted inode contents
[  227.363412][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.437145][T27417] siw: device registration error -23
[  227.760100][   T29] kauditd_printk_skb: 219 callbacks suppressed
[  227.760118][   T29] audit: type=1400 audit(1755422965.977:9787): avc:  denied  { relabelto } for  pid=27485 comm="syz.6.5945" name="file0" dev="tmpfs" ino=3727 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  227.792918][   T29] audit: type=1400 audit(1755422965.977:9788): avc:  denied  { associate } for  pid=27485 comm="syz.6.5945" name="file0" dev="tmpfs" ino=3727 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[  227.839754][   T29] audit: type=1400 audit(1755422966.047:9789): avc:  denied  { rmdir } for  pid=11846 comm="syz-executor" name="file0" dev="tmpfs" ino=3727 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  227.866505][   T29] audit: type=1326 audit(1755422966.047:9790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27490 comm="syz.2.5947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  227.890076][   T29] audit: type=1326 audit(1755422966.047:9791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27490 comm="syz.2.5947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  227.913814][   T29] audit: type=1326 audit(1755422966.047:9792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27490 comm="syz.2.5947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  227.937345][   T29] audit: type=1326 audit(1755422966.047:9793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27490 comm="syz.2.5947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  227.956353][T27494] loop6: detected capacity change from 0 to 8192
[  227.960958][   T29] audit: type=1326 audit(1755422966.047:9794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27490 comm="syz.2.5947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  227.990914][   T29] audit: type=1326 audit(1755422966.047:9795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27490 comm="syz.2.5947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  228.014445][   T29] audit: type=1326 audit(1755422966.047:9796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27490 comm="syz.2.5947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  228.065911][T27500] netlink: 'syz.2.5951': attribute type 3 has an invalid length.
[  228.098671][T27503] loop8: detected capacity change from 0 to 128
[  228.191324][T27523] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.237095][T27523] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.265478][T27536] loop8: detected capacity change from 0 to 512
[  228.274057][T27536] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  228.287153][T27523] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.311004][T27536] EXT4-fs (loop8): 1 truncate cleaned up
[  228.318991][T27536] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.375002][T27523] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.387050][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.494091][T12563] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.514571][T12563] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.540571][T12563] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  228.563847][T12563] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  228.827761][T27592] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.835364][T27592] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.844361][T27596] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27596 comm=syz.8.5981
[  228.867492][T27592] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.875063][T27592] batman_adv: batadv0: Removing interface: batadv_slave_1
[  228.883326][T27592] batman_adv: batadv0: Interface deactivated: macvlan0
[  228.890379][T27592] batman_adv: batadv0: Removing interface: macvlan0
[  228.957297][T27610] loop6: detected capacity change from 0 to 512
[  228.965287][T27610] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  228.980175][T27610] EXT4-fs (loop6): 1 truncate cleaned up
[  228.988375][T27610] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.007271][T27616] loop8: detected capacity change from 0 to 512
[  229.041005][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.163639][T27631] SELinux: failed to load policy
[  229.224844][T27636] loop8: detected capacity change from 0 to 1024
[  229.239000][T27636] EXT4-fs: inline encryption not supported
[  229.257284][T27636] EXT4-fs: Ignoring removed bh option
[  229.290400][T27636] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.317133][T16088] Process accounting resumed
[  229.323829][T27636] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  229.357405][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.720441][T27685] IPv4: Oversized IP packet from 127.202.26.0
[  229.816062][T27690] syzkaller1: entered promiscuous mode
[  229.821670][T27690] syzkaller1: entered allmulticast mode
[  229.973908][T27704] loop6: detected capacity change from 0 to 1024
[  229.986114][T27704] EXT4-fs: inline encryption not supported
[  229.993643][T27704] EXT4-fs: Ignoring removed bh option
[  230.014947][T27704] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.042740][ T3404] Process accounting resumed
[  230.051778][T27704] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  230.127120][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.205414][T27727] IPv4: Oversized IP packet from 127.202.26.0
[  230.237393][T27732] __nla_validate_parse: 3 callbacks suppressed
[  230.237474][T27732] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6029'.
[  230.435947][T27755] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6035'.
[  230.447098][T27755] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6035'.
[  230.462679][T27759] loop8: detected capacity change from 0 to 512
[  230.472518][T27759] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.485222][T27759] ext4 filesystem being mounted at /438/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.533625][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.514525][T27795] netlink: 20 bytes leftover after parsing attributes in process `syz.8.6047'.
[  231.865253][T27846] tipc: Started in network mode
[  231.870220][T27846] tipc: Node identity ac14140f, cluster identity 4711
[  231.884364][T27846] tipc: New replicast peer: 255.255.255.255
[  231.890628][T27846] tipc: Enabled bearer <udp:syz2>, priority 10
[  231.998644][T27863] netlink: 'syz.6.6071': attribute type 3 has an invalid length.
[  232.087154][T27877] loop8: detected capacity change from 0 to 1024
[  232.094044][T27877] EXT4-fs: Ignoring removed nobh option
[  232.099726][T27877] EXT4-fs: Ignoring removed bh option
[  232.121814][T27877] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.175007][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.209594][T27890] netlink: 'syz.0.6077': attribute type 10 has an invalid length.
[  232.218225][T27890] bond2: (slave dummy0): Releasing active interface
[  232.230261][T27890] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  232.530349][T27941] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6094'.
[  232.746214][T27958] netlink: 2 bytes leftover after parsing attributes in process `syz.0.6103'.
[  232.807979][T27966] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6106'.
[  232.822461][T27966] team0: entered promiscuous mode
[  232.827589][T27966] team0: entered allmulticast mode
[  232.836180][T27968] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6107'.
[  232.861710][T28003] 9pnet_fd: Insufficient options for proto=fd
[  232.919137][   T29] kauditd_printk_skb: 726 callbacks suppressed
[  232.919154][   T29] audit: type=1400 audit(1755422971.138:10523): avc:  denied  { lock } for  pid=28013 comm="syz.4.6114" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=56546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  232.980437][T28017] siw: device registration error -23
[  233.024926][   T10] tipc: Node number set to 2886997007
[  233.068254][   T29] audit: type=1326 audit(1755422971.288:10524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28030 comm="syz.2.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  233.092162][   T29] audit: type=1326 audit(1755422971.288:10525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28030 comm="syz.2.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  233.118501][   T29] audit: type=1326 audit(1755422971.338:10526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28030 comm="syz.2.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  233.153868][   T29] audit: type=1326 audit(1755422971.368:10527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28030 comm="syz.2.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  233.177595][   T29] audit: type=1326 audit(1755422971.368:10528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28030 comm="syz.2.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  233.230026][   T29] audit: type=1326 audit(1755422971.368:10529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28030 comm="syz.2.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  233.253681][   T29] audit: type=1326 audit(1755422971.378:10530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28030 comm="syz.2.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  233.277275][   T29] audit: type=1326 audit(1755422971.378:10531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28030 comm="syz.2.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  233.300911][   T29] audit: type=1326 audit(1755422971.418:10532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28030 comm="syz.2.6121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  233.415904][T28039] netlink: 'syz.4.6125': attribute type 27 has an invalid length.
[  233.583832][T28057] serio: Serial port ptm0
[  233.695955][T28039] ip6gre3: left allmulticast mode
[  233.725570][T28064] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=28064 comm=syz.2.6145
[  233.768886][T28048] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.816956][T28048] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  233.893101][T28085] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6143'.
[  233.918340][T28090] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6141'.
[  234.305130][T28138] loop2: detected capacity change from 0 to 128
[  234.430730][T12526] bio_check_eod: 5596 callbacks suppressed
[  234.430740][T12526] kworker/u8:15: attempt to access beyond end of device
[  234.430740][T12526] loop2: rw=1, sector=145, nr_sectors = 16 limit=128
[  234.450379][T12526] kworker/u8:15: attempt to access beyond end of device
[  234.450379][T12526] loop2: rw=1, sector=169, nr_sectors = 8 limit=128
[  234.464187][T12526] kworker/u8:15: attempt to access beyond end of device
[  234.464187][T12526] loop2: rw=1, sector=185, nr_sectors = 8 limit=128
[  234.477948][T12526] kworker/u8:15: attempt to access beyond end of device
[  234.477948][T12526] loop2: rw=1, sector=201, nr_sectors = 8 limit=128
[  234.491442][T12526] kworker/u8:15: attempt to access beyond end of device
[  234.491442][T12526] loop2: rw=1, sector=217, nr_sectors = 8 limit=128
[  234.504893][T12526] kworker/u8:15: attempt to access beyond end of device
[  234.504893][T12526] loop2: rw=1, sector=233, nr_sectors = 8 limit=128
[  234.518765][T12526] kworker/u8:15: attempt to access beyond end of device
[  234.518765][T12526] loop2: rw=1, sector=249, nr_sectors = 8 limit=128
[  234.532378][T12526] kworker/u8:15: attempt to access beyond end of device
[  234.532378][T12526] loop2: rw=1, sector=265, nr_sectors = 8 limit=128
[  234.546146][T12526] kworker/u8:15: attempt to access beyond end of device
[  234.546146][T12526] loop2: rw=1, sector=281, nr_sectors = 8 limit=128
[  234.559781][T12526] kworker/u8:15: attempt to access beyond end of device
[  234.559781][T12526] loop2: rw=1, sector=297, nr_sectors = 8 limit=128
[  234.586654][ T3389] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3389 comm=kworker/0:3
[  234.678616][T28167] SELinux: ebitmap: truncated map
[  234.686594][T28167] SELinux: failed to load policy
[  234.763231][T28196] IPv6: Can't replace route, no match found
[  234.823697][T28203] siw: device registration error -23
[  234.895327][T28215] 9pnet: p9_errstr2errno: server reported unknown error 
[  234.940902][T28225] syz_tun: entered allmulticast mode
[  234.951048][T28224] syz_tun: left allmulticast mode
[  235.068486][T28236] geneve2: entered promiscuous mode
[  235.075679][T28242] loop6: detected capacity change from 0 to 256
[  235.094991][T12543] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.122130][T12543] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.139282][T28251] loop6: detected capacity change from 0 to 128
[  235.156686][T12543] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.166873][T28251] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  235.172711][T12543] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.174775][T28251] FAT-fs (loop6): Filesystem has been set read-only
[  235.184556][T28251] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  235.197515][T28251] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  235.211438][T28255] loop2: detected capacity change from 0 to 512
[  235.229996][T28255] EXT4-fs: Ignoring removed nomblk_io_submit option
[  235.242911][T28262] buffer_io_error: 5595 callbacks suppressed
[  235.242931][T28262] Buffer I/O error on dev loop6, logical block 2065, async page read
[  235.247621][T28255] EXT4-fs: Ignoring removed nomblk_io_submit option
[  235.249206][T28262] Buffer I/O error on dev loop6, logical block 2066, async page read
[  235.281027][T28255] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  235.285498][T28262] Buffer I/O error on dev loop6, logical block 2067, async page read
[  235.307698][T28255] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  235.314725][T28262] Buffer I/O error on dev loop6, logical block 2068, async page read
[  235.323911][T28262] Buffer I/O error on dev loop6, logical block 2069, async page read
[  235.327301][T28255] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  235.344573][T28262] Buffer I/O error on dev loop6, logical block 2070, async page read
[  235.368570][T28262] Buffer I/O error on dev loop6, logical block 2071, async page read
[  235.384387][T28255] EXT4-fs (loop2): 1 truncate cleaned up
[  235.399595][T28255] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.406721][T28262] Buffer I/O error on dev loop6, logical block 2072, async page read
[  235.420393][T28262] Buffer I/O error on dev loop6, logical block 2065, async page read
[  235.428537][T28262] Buffer I/O error on dev loop6, logical block 2066, async page read
[  235.464938][T28255] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  235.501362][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.012810][T28306] __nla_validate_parse: 3 callbacks suppressed
[  236.012827][T28306] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6222'.
[  236.149588][T28306] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6222'.
[  236.158581][T28306] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6222'.
[  236.210659][T28325] netlink: 96 bytes leftover after parsing attributes in process `syz.6.6229'.
[  236.346125][T28348] loop2: detected capacity change from 0 to 256
[  236.442793][T28354] serio: Serial port ptm0
[  236.693570][T28384] loop8: detected capacity change from 0 to 2048
[  236.703023][T28382] siw: device registration error -23
[  236.715632][T28384] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.786192][T28396] EXT4-fs (loop8): shut down requested (1)
[  236.867452][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.110086][T28432] siw: device registration error -23
[  237.331505][T28441] netlink: 'syz.8.6273': attribute type 4 has an invalid length.
[  237.387947][T28457] loop2: detected capacity change from 0 to 1024
[  237.395550][T28457] EXT4-fs: Ignoring removed orlov option
[  237.401294][T28457] EXT4-fs: Ignoring removed nomblk_io_submit option
[  237.414918][ T1434] nci: nci_ntf_packet: unknown ntf opcode 0x406
[  237.422449][T28457] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.445661][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.536182][T28470] @: renamed from vlan0 (while UP)
[  238.336774][T28506] netlink: 44 bytes leftover after parsing attributes in process `syz.8.6289'.
[  238.353627][T28506] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6289'.
[  238.362562][T28506] netlink: 32 bytes leftover after parsing attributes in process `syz.8.6289'.
[  238.405040][T28509] loop6: detected capacity change from 0 to 128
[  238.635991][T28519] netlink: 'syz.0.6308': attribute type 39 has an invalid length.
[  239.110820][T28529] loop2: detected capacity change from 0 to 512
[  239.129954][T28529] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.143202][T28529] ext4 filesystem being mounted at /305/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.188576][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.224061][   T29] kauditd_printk_skb: 427 callbacks suppressed
[  239.224077][   T29] audit: type=1326 audit(1755422977.438:10960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28547 comm="syz.2.6303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  239.256726][   T29] audit: type=1326 audit(1755422977.478:10961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28547 comm="syz.2.6303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  239.280535][   T29] audit: type=1326 audit(1755422977.478:10962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28547 comm="syz.2.6303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  239.304158][   T29] audit: type=1326 audit(1755422977.478:10963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28547 comm="syz.2.6303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  239.331295][   T29] audit: type=1326 audit(1755422977.478:10964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28547 comm="syz.2.6303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  239.355128][   T29] audit: type=1326 audit(1755422977.478:10965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28547 comm="syz.2.6303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  239.378748][   T29] audit: type=1326 audit(1755422977.478:10966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28547 comm="syz.2.6303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  239.402423][   T29] audit: type=1326 audit(1755422977.478:10967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28547 comm="syz.2.6303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  239.426153][   T29] audit: type=1326 audit(1755422977.478:10968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28547 comm="syz.2.6303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  239.449864][   T29] audit: type=1326 audit(1755422977.498:10969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28547 comm="syz.2.6303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffacb71ebe9 code=0x7ffc0000
[  239.543665][T28552] hub 6-0:1.0: USB hub found
[  239.552748][T28552] hub 6-0:1.0: 8 ports detected
[  239.576109][T28566] netlink: 'syz.6.6312': attribute type 1 has an invalid length.
[  239.600599][T28566] 8021q: adding VLAN 0 to HW filter on device bond2
[  239.620112][T28566] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6312'.
[  239.631170][T28566] bond2 (unregistering): Released all slaves
[  239.846758][T28649] loop6: detected capacity change from 0 to 1024
[  239.866938][T28649] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.881238][T28649] ext4 filesystem being mounted at /771/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.902989][T28649] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  239.952584][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.337793][T28661] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6333'.
[  240.357188][T28664] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6321'.
[  240.381013][T28668] loop2: detected capacity change from 0 to 1024
[  240.390536][T28668] EXT4-fs: Ignoring removed bh option
[  240.416784][T28668] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.484454][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.355993][T28719] __nla_validate_parse: 1 callbacks suppressed
[  241.356012][T28719] netlink: 14 bytes leftover after parsing attributes in process `syz.0.6344'.
[  241.398304][T28723] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6347'.
[  241.495769][T28733] loop8: detected capacity change from 0 to 1024
[  241.528231][T28733] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.627703][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.815634][T28758] loop2: detected capacity change from 0 to 128
[  242.012174][T28771] loop2: detected capacity change from 0 to 512
[  242.023172][T28771] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  242.033551][T28775] netlink: 'syz.0.6360': attribute type 1 has an invalid length.
[  242.045124][T28771] EXT4-fs (loop2): 1 truncate cleaned up
[  242.050176][T28775] 8021q: adding VLAN 0 to HW filter on device bond4
[  242.051269][T28771] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.074964][T28775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6360'.
[  242.102894][T28775] bond4 (unregistering): Released all slaves
[  242.195857][T22026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.220044][T28857] veth0: entered promiscuous mode
[  242.226262][T28857] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6364'.
[  242.272417][T28864] syz_tun: entered allmulticast mode
[  242.278774][T28862] syz_tun: left allmulticast mode
[  242.476321][T28881] loop6: detected capacity change from 0 to 128
[  242.491422][T28877] veth0: entered promiscuous mode
[  242.507153][T28877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6381'.
[  242.557203][T28889] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  242.610752][T28877] veth0 (unregistering): left promiscuous mode
[  242.955805][T28898] loop6: detected capacity change from 0 to 512
[  242.968338][T28897] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6389'.
[  243.000397][T28898] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  243.044432][T28898] EXT4-fs (loop6): 1 truncate cleaned up
[  243.050670][T28898] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.196471][T28913] netlink: 'syz.8.6380': attribute type 1 has an invalid length.
[  243.235988][T28913] 8021q: adding VLAN 0 to HW filter on device bond1
[  243.282707][T28913] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6380'.
[  243.308352][T11846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.330488][T28913] bond1 (unregistering): Released all slaves
[  243.629397][T12596] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.705918][T12596] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.755635][T12596] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.806277][T12596] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.887057][T29017] loop8: detected capacity change from 0 to 512
[  243.899472][T29017] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  243.909487][T12596] bridge_slave_1: left allmulticast mode
[  243.915360][T12596] bridge_slave_1: left promiscuous mode
[  243.921113][T12596] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.929518][T12596] bridge_slave_0: left allmulticast mode
[  243.930183][T29017] EXT4-fs (loop8): 1 truncate cleaned up
[  243.935197][T12596] bridge_slave_0: left promiscuous mode
[  243.935366][T12596] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.954762][T29017] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.111574][T18703] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.187419][T12596] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  244.201703][T12596] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  244.215436][T12596] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[  244.231181][T12596] bond0 (unregistering): Released all slaves
[  244.296286][T12596] tipc: Left network mode
[  244.366031][T12596] veth1_macvtap: left promiscuous mode
[  244.373822][T12596] veth0_macvtap: left promiscuous mode
[  244.382909][T12596] veth1_vlan: left promiscuous mode
[  244.400121][T12596] veth0_vlan: left promiscuous mode
[  244.538903][T29011] lo speed is unknown, defaulting to 1000
[  244.595781][T29079] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6408'.
[  244.625746][T29011] lo speed is unknown, defaulting to 1000
[  244.753012][T29011] chnl_net:caif_netlink_parms(): no params data found
[  244.820259][T29011] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.827466][T29011] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.839040][T29011] bridge_slave_0: entered allmulticast mode
[  244.845992][T29011] bridge_slave_0: entered promiscuous mode
[  244.853726][T29011] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.861547][T29011] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.870164][T29011] bridge_slave_1: entered allmulticast mode
[  244.876885][T29011] bridge_slave_1: entered promiscuous mode
[  244.907217][T29011] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.917883][T29011] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  244.946561][T29011] team0: Port device team_slave_0 added
[  244.952313][T29109] lo speed is unknown, defaulting to 1000
[  244.953134][T29011] team0: Port device team_slave_1 added
[  244.977004][T29011] batman_adv: batadv0: Adding interface: batadv_slave_0
[  244.984219][T29011] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.010411][T29011] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  245.023255][T29109] lo speed is unknown, defaulting to 1000
[  245.023622][T29011] batman_adv: batadv0: Adding interface: batadv_slave_1
[  245.036008][T29011] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.061965][T29011] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  245.105649][T29011] hsr_slave_0: entered promiscuous mode
[  245.111738][T29011] hsr_slave_1: entered promiscuous mode
[  245.153375][T12563] ==================================================================
[  245.161463][T12563] BUG: KCSAN: data-race in copy_process / free_pid
[  245.167970][T12563] 
[  245.170297][T12563] read-write to 0xffffffff8685fc48 of 4 bytes by task 29431 on cpu 0:
[  245.178448][T12563]  free_pid+0x77/0x180
[  245.182512][T12563]  free_pids+0x7a/0xb0
[  245.186575][T12563]  release_task+0x9a9/0xb60
[  245.191135][T12563]  do_exit+0xd81/0x15c0
[  245.195311][T12563]  call_usermodehelper_exec_async+0x247/0x250
[  245.201407][T12563]  ret_from_fork+0xda/0x150
[  245.205931][T12563]  ret_from_fork_asm+0x1a/0x30
[  245.210700][T12563] 
[  245.213020][T12563] read to 0xffffffff8685fc48 of 4 bytes by task 12563 on cpu 1:
[  245.220651][T12563]  copy_process+0x14a6/0x2000
[  245.225333][T12563]  kernel_clone+0x16c/0x5c0
[  245.229842][T12563]  user_mode_thread+0x7d/0xb0
[  245.234532][T12563]  call_usermodehelper_exec_work+0x41/0x160
[  245.240441][T12563]  process_scheduled_works+0x4cb/0x9d0
[  245.245907][T12563]  worker_thread+0x582/0x770
[  245.250506][T12563]  kthread+0x489/0x510
[  245.254583][T12563]  ret_from_fork+0xda/0x150
[  245.259095][T12563]  ret_from_fork_asm+0x1a/0x30
[  245.263883][T12563] 
[  245.266208][T12563] value changed: 0x80000110 -> 0x8000010f
[  245.271918][T12563] 
[  245.274237][T12563] Reported by Kernel Concurrency Sanitizer on:
[  245.280387][T12563] CPU: 1 UID: 0 PID: 12563 Comm: kworker/u8:50 Tainted: G        W           6.17.0-rc1-syzkaller-00214-g99bade344cfa #0 PREEMPT(voluntary) 
[  245.294714][T12563] Tainted: [W]=WARN
[  245.298513][T12563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  245.308653][T12563] Workqueue: events_unbound call_usermodehelper_exec_work
[  245.315781][T12563] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  245.353299][   T29] kauditd_printk_skb: 40 callbacks suppressed
[  245.353314][   T29] audit: type=1400 audit(1755422983.548:11010): avc:  denied  { write } for  pid=3291 comm="syz-executor" path="pipe:[2583]" dev="pipefs" ino=2583 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  245.420152][T29109] chnl_net:caif_netlink_parms(): no params data found
[  245.579451][T12596] batadv1: left allmulticast mode
[  245.584551][T12596] batadv1: left promiscuous mode
[  245.589693][T12596] bridge0: port 3(batadv1) entered disabled state
[  245.603352][T12596] bridge_slave_1: left allmulticast mode
[  245.609146][T12596] bridge_slave_1: left promiscuous mode
[  245.614888][T12596] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.639066][T12596] bridge_slave_0: left allmulticast mode
[  245.644823][T12596] bridge_slave_0: left promiscuous mode
[  245.650533][T12596] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.835424][T12596] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  245.844587][T12596] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  245.853805][T12596] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  245.862359][T12596] bond0 (unregistering): Released all slaves
[  245.870301][T12596] bond1 (unregistering): Released all slaves
[  245.943939][T12596] tipc: Disabling bearer <udp:£>
[  245.948924][T12596] tipc: Disabling bearer <udp:syz2>
[  245.955674][T12596] tipc: Left network mode
[  246.003405][T12596] batman_adv: batadv0: Removing interface: batadv_slave_0
[  246.022629][T12596] pimreg (unregistering): left allmulticast mode
[  246.043636][T12596] team0 (unregistering): Port device team_slave_1 removed
[  246.055100][T12596] team0 (unregistering): Port device team_slave_0 removed
[  246.062584][T12543] smc: removing ib device syz!
[  246.605851][T12596] bridge_slave_1: left allmulticast mode
[  246.611497][T12596] bridge_slave_1: left promiscuous mode
[  246.617118][T12596] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.624885][T12596] bridge_slave_0: left allmulticast mode
[  246.630525][T12596] bridge_slave_0: left promiscuous mode
[  246.636134][T12596] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.644105][T12596] bridge_slave_1: left allmulticast mode
[  246.649745][T12596] bridge_slave_1: left promiscuous mode
[  246.655353][T12596] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.662855][T12596] bridge_slave_0: left promiscuous mode
[  246.668487][T12596] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.715499][T12596] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  246.725115][T12596] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  246.734132][T12596] bond0 (unregistering): Released all slaves
[  247.115560][T12596] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  247.124688][T12596] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  247.133750][T12596] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  247.142117][T12596] bond0 (unregistering): Released all slaves
[  247.149558][T12596] bond1 (unregistering): Released all slaves
[  247.157429][T12596] bond2 (unregistering): (slave veth9): Releasing active interface
[  247.165767][T12596] bond2 (unregistering): Released all slaves
[  247.173527][T12596] bond3 (unregistering): (slave veth19): Releasing active interface
[  247.182060][T12596] bond3 (unregistering): Released all slaves
[  247.244992][T12596] bond0 (unregistering): Released all slaves
[  247.287930][T12596] tipc: Disabling bearer <udp:syz2>
[  247.293190][T12596] tipc: Left network mode
[  247.299863][T12596] IPVS: stopping backup sync thread 3667 ...
[  247.308707][T12596] hsr_slave_0: left promiscuous mode
[  247.314682][T12596] hsr_slave_1: left promiscuous mode
[  247.320156][T12596] batman_adv: batadv0: Removing interface: batadv_slave_0
[  247.327474][T12596] batman_adv: batadv0: Removing interface: batadv_slave_1
[  247.353879][T12596] team0 (unregistering): Port device team_slave_1 removed
[  247.362732][T12596] team0 (unregistering): Port device team_slave_0 removed
[  249.105258][T12596] batadv1: left allmulticast mode
[  249.110282][T12596] batadv1: left promiscuous mode
[  249.115318][T12596] bridge0: port 3(batadv1) entered disabled state
[  249.122259][T12596] bridge_slave_1: left allmulticast mode
[  249.128005][T12596] bridge_slave_1: left promiscuous mode
[  249.133620][T12596] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.141257][T12596] bridge_slave_0: left allmulticast mode
[  249.146894][T12596] bridge_slave_0: left promiscuous mode
[  249.152484][T12596] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.365063][T12596] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  249.374285][T12596] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  249.383181][T12596] bond0 (unregistering): Released all slaves
[  249.424961][T12596] tipc: Disabling bearer <udp:syz2>
[  249.430233][T12596] tipc: Left network mode
[  249.436166][T12596] hsr_slave_0: left promiscuous mode
[  249.441722][T12596] hsr_slave_1: left promiscuous mode
[  249.447336][T12596] batman_adv: batadv0: Removing interface: batadv_slave_0
[  249.454608][T12596] batman_adv: batadv0: Removing interface: batadv_slave_1
[  249.479958][T12596] team0 (unregistering): Port device team_slave_1 removed
[  249.489222][T12596] team0 (unregistering): Port device team_slave_0 removed
[  249.512772][T28066] lo speed is unknown, defaulting to 1000
[  249.518552][T28066] infiniband syz0: ib_query_port failed (-19)