last executing test programs:

3m48.847295355s ago: executing program 1 (id=764):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@enum={0x5}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x2b, 0x0, 0x1}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000001400)=@base={0xb, 0x6, 0x4, 0x3a7, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x0, 0x1}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x100}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x8}, @ldst={0x3, 0x3, 0x3, 0xa, 0x0, 0xffffffffffffffe0}]}, &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x4e}, 0x94)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x2}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x5c}}, 0x0)

3m48.832674676s ago: executing program 1 (id=755):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
close(0x3)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="12000000050000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r3, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r2}, 0x20)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

3m48.804151687s ago: executing program 1 (id=757):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000050, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r2, 0x0, 0x115}, 0x18)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010040000000000000001c00000018000180140002006d6163766c616e3100"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)

3m48.73636735s ago: executing program 1 (id=761):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}, {@nolazytime}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
creat(&(0x7f0000000040)='./bus\x00', 0x122dfb579e447c7a)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7ffffffffffffffb, 0x3, 0x0, 0x0, 0x17, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000007700000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220fffff2ff00000000000000000e00", [0x4]})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x20)
getdents64(r1, 0x0, 0x0)

3m48.320357569s ago: executing program 1 (id=774):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20040845}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newtfilter={0x90, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x60, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffff8, 0xfff, 0x0, 0x200, 0xa}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}, @TCA_FLOWER_FLAGS={0x8, 0x16, 0x12}]}}]}, 0x90}, 0x1, 0x0, 0x0, 0x20000004}, 0x24000000)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x3580)

3m48.038338031s ago: executing program 1 (id=784):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000380)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3m48.012481142s ago: executing program 32 (id=784):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000380)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.938366744s ago: executing program 4 (id=8994):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x5, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000040), &(0x7f00000001c0)=r0}, 0x1f)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_read_part_table(0x5ff, &(0x7f0000000000)="$eJzs27FrJFUcB/DfTHZnd6MQ/AsMZ3HxGg8Wq3AHEuIqB7cHIl5xHFZyzVYprEIWjMgVuVhEAmliERBjMI1lLAIhJlEIxEYQrKJIsBAsxIgZmd3ZJKjYuCmEz6d47zfv/Wa/O+zbcoL/tTQ+fjdGiiqv/WNDpTfmc1EvF8o5K4bX16dffnX83ksRyaD/9Lf3I+LzfKR/mdf6RaNMizKluVXpLKzX4sWI+Gz89y/T8kO7g+Jg5WERlWZX8NAMzcTMje2ke/RMvTgCjZgc7dx/VI3n043D02L7rP9zV/5623i8Npz8zVu7Y4OT+U1r9rj1Y/rLz627y1lkixHJyc30b7eMDg5rMoT8zh9vZJ+s7UzNP2g09+6020uffvvBc7PT1XL78Rf9uR6X/l1P96e5IcQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBkEzM3tp9Njs7yRny4f3t/crRz/9HG9am5jcN71Yj4KCn7Xrii/M1bu2PvzOd5jBVXs8etn6Jdad1dXr2dLTbi+snNsu/N3riQvfV2RFx7qneVDSG/04iItZ2p+e8bzb077fZSNV4pn/kgT7LH1UFjUsSlWXyd53lEbQjRAAAAAAAAAAAAAAAAAAAAcG66FpVB/SAiJlfPt54UQ+9F9yziWrn4XbGQRzS3Kp2F9dZ7TybKjfKN+G4a0Y2IHw5WHl6K2av35yLrq4syfs3zPL3UN3JRzqT/8rWTfgr/1Z8BAAD//5cJbDU=")

1.839865639s ago: executing program 4 (id=8998):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x2a020400)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0xe9, 0x400)
syz_usb_disconnect(r0)

1.180505298s ago: executing program 0 (id=9023):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x2b, 0x1, 0x0)
close(r2)
r3 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r3, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0xffac, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x8, &(0x7f0000001d00)=ANY=[@ANYBLOB="1400000000000000010000002500000002010000000000004800000000000000080000000797dbc64107b42c556567f2219787566400007300000000000000000000000008000000ef3820f3439cb150a3651e799ef4dca1e3c32158996e4b2abde5f2ba8b679121ac0b0ad62ade31fb2c47f0bbf781eb8bd1e3064141e90e9eac25b189c0da98b676571bbeefba392c3e15a10e03dee4ae1dfe99793e51ec0c6bb5fa6d7b357d249502f5919ef251e5d0e5bed378265b8bd55fde4689cb509b14fa754813a27e72d175e8d677420e10d65108006e2ab8168b1d633b1bb9a7d4d59ebdc7083d93d35cd469deb0d81d7adee2ef7c2f058c2c262b97ecbfb32fe3e3ffcdf7b5c24d0ab0a7ae9e6be6c115c5663dd864d655a7babdcf8315dc29b6f18539abf1422502d7d53ce861d8a07dbb00c5a94e0186689f988628a0986d8f0419924348a32be8950099b4718e6109b9eed9e5b3e8ff86d22cf39479b26cc3e977df19f757432bf055090461", @ANYRES32=0x0, @ANYBLOB="e1212f0409000000e70bcf35ac837225dd355ad309a5ec6096633ba38e1ef5baf006020e5f45c993cb5680017c6720bea9b7c451516a8cff7f00000000000019f20b784b2336d43c8a0f7347801a596dfb0b078a967980ccec1d115c7a0000000000000000000000fed6260fdf140498f1274bc569d0d87656d0d18d903580f0ec0915e89bd286b2c25165043f6a001d53f84eaabf01cc310ff28c7c76867ce1a2c9c91b1db7295614e2a4f8711ec37ae999180cb5bbb9c5382120076e117539d423a2ec0f468db35960831f5f883472327697495b8e8ba8e2f3defbe93e1fc733b06dfc74890a3f63b154e9681d69cdd9894c914ee45c286462888ff84e401a6d8895ffda88a171b7359f815d7b6f7562fba1bbff4cba08f7a3f582d7c604013317281c5e9a8e88b66a4717b3c318f85aecbe8b5f3485f8d31bf5a57b9dd53b382ec017a33d1fabe09daf76b3b0"], 0x6b}, 0x0)
close(r2)

1.150995639s ago: executing program 0 (id=9026):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7dc470d00281f324, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

1.119965481s ago: executing program 0 (id=9028):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x7, 0x8001, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
timer_create(0x8, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='scsi_dispatch_cmd_start\x00', r1}, 0x18)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

1.104206461s ago: executing program 0 (id=9031):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x1000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000006940)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x3}], 0x1, 0x40, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$sock(r1, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
recvfrom(r2, &(0x7f0000000040)=""/60, 0x3c, 0x40, 0x0, 0x0)

1.069508203s ago: executing program 0 (id=9032):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000940)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000580), 0x1, 0x4ee, &(0x7f0000000d40)="$eJzs3U9oFN8dAPDvbP5YY2LSUrHVFgItVrHdmESjQinmVBAtbS300D8Sk5iISTaYDagUahCLFCo99GDx1Is99BJ6K9IiFAo99eChPYhCT63USqUePKXMZlbXuCZNsmZ+v/XzgXFn3pp939kvM/Pe8OZtAB+s3og4EREtEVGMiO6svJAtcW15Sf/fucHFyXRJYmnpzLMkkog4Obg4Wf2sJHvdkX3AZ9KXGxEHW9+ud+7K1YsjU1Pjl7LtvvL0bN/clatfuTA9MjE+MT4zdPTo8WNHho4cb9y+bt99++5nf3nqwa0/LXx+147R6TTezuy92v1olN7ozb6TtuiqfSOJONfoynL2ibwDYN3+Vdh7L+8YAICtV8ja/q2V9n93tMRyY/3xw+8/744fd+QdHwAAALB5S0st2SsAAADQvBJ9fwAAAGhy1XEAJwcXJ6vLVo09ePL1raqJd3k6HBE9y/mvPt+9/E7rq2d6297T870/ehnRG10v/vG1T/0xXeI9PYfNR9Pi3/OOgDy1H847AhqhZYN/t+dbDQ6Ej5W/3Mw7Aq4tRMT9E3Xa/8km2nzbK/92rihNVmyfHk7bfz+bqy3T/vtwfPtM3hGQp28M5R0BebrzLO8IuD8cEYfq3f8rVObvq0qv6B3Vuf0a5Fhnev3/7ePasrev/4UnDaySFZ4OR3y1Zm7HczX5z/S0ZFtdlVuFbcn5C1PjhyJiZ0Tsj7Zt6Xb/KnX0D935eb3yz71I8//rpHr/L13S+qv3ArM4nrRue/PvxkbKI5vdb5Y9XYjY01ov/6/b/0mW6436fenWT+uVDx2ozCu6b/X88z4t/SpiX93j/3VvLVl1fta+yumgr3pSqOM3f/vPjXrlX/xhmv+LB+Q/P+nx37F6/ivn/1fz9c6tv47rf7j7ol75y3tp/n9xbSPn//bkO5UA27OyyyPl8qX+iPbk1NvlA+uPuVlVv4/q95Xmf/8X6l//q+2/JJsXuiciPrmBOhcezT6oV367kOb/zg8c//lJ8z+2xvGfvHH8r39l8a9f/lK9uvfeTPPf8921j//DlWD2ZyXaf2v7fxOUd5wAAAAAAAAANEah8pxOUii+Wi8UisXlcb6fjo7CVGmufPB8aX5mbPl5np5oK1SHenXXjAftz8aHVLcHVmwPZmNHbnZvr2wXR0tTY3nvPAAAADS5zohH37v+u9073tH/Tz3szjtKAAAAYDPS/n/Xo47KdF7/1c8HAACAppT2/5//5N9/Dv1/AAAAaFq1/X8AAACguX3z9Ol0War+7t9MaeLCxcnZ4wOHitPzo8XR0qXZ4kSpNFGZsW967c+bKpVm+wdi/nJfeXyu3Dd35erZ6dL8TPls5Xdjz463bcE+AWsr7vznrrxjAAAAts5mftffihUrzbqS95kJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDN+F8AAAD//4bu/XI=")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
getrandom(&(0x7f0000000280)=""/288, 0xfffffffffffffdfa, 0x1)

1.039790624s ago: executing program 4 (id=9034):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x4008032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x6}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000037c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xd0}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x9a167000)

927.911929ms ago: executing program 5 (id=9040):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x1e, 0x805, 0x0)
connect$tipc(r2, &(0x7f00000003c0)=@id={0x1e, 0x3, 0x0, {0x4e21, 0x3}}, 0x10)
connect$tipc(r2, &(0x7f0000000000)=@id, 0x10)
close(r2)

895.11964ms ago: executing program 5 (id=9041):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x30120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x494, &(0x7f0000000400)={0x0, 0x2003f73, 0x100, 0x4, 0x1a}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0xffffffffffffff3a, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x2000, 0x1, {0x1}})
io_uring_enter(r0, 0x3516, 0xf4f5, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137"], 0x0}, 0x94)

652.284392ms ago: executing program 5 (id=9044):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

593.369604ms ago: executing program 0 (id=9046):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty, 0xfffe0000}, 0x1c)
recvmmsg(r0, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}, {&(0x7f0000000000)=""/40, 0x28}], 0x2}, 0x80000001}], 0x1, 0x832b, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000440)={@val={0xa}, @void, @eth={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}, @void, {@ipv6={0x86dd, @udp={0xd, 0x6, '\x00 \b', 0x30, 0x11, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, {[], {0x4f19, 0x4e20, 0x30, 0x0, @gue={{0x1, 0x0, 0x2, 0x8, 0x100, @void}, "16ba1c33be9e3dd3131be124c53e53318de1d162ab4fbabe06a1e9f68c1783e3d351cbb0"}}}}}}}}, 0x6a)

592.411174ms ago: executing program 5 (id=9047):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@ipv4_delrule={0x24, 0x21, 0x1, 0x0, 0x0, {}, [@FRA_FLOW={0x8, 0x18, 0x8b}]}, 0x24}}, 0x0)

571.312725ms ago: executing program 3 (id=9048):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0x0, &(0x7f0000000000), 0x0, 0x7f, 0x0, &(0x7f0000000180), 0x41000, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x2, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffa}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095000000000000002f81c461b3fea834ceb0e17d9838c2830ca7ce46e581a192326a3698c79205e02f1561b0a3c595448e9f7024b45fb2006c9917fe2a42fcd2ce278009682dc8f7c867b177ec5bd50b92aedef35b6cd87b56690b4c96f63ab021ee1cf616d8af74911d5e51b76d2c31b8bece7b0f"], &(0x7f0000000080)='GPL\x00'}, 0x65)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

566.989225ms ago: executing program 5 (id=9049):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000)

521.043668ms ago: executing program 5 (id=9050):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
write(r1, &(0x7f0000000a00)="c7885a8f24f4", 0x6)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

493.697249ms ago: executing program 3 (id=9051):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
unlink(&(0x7f00000000c0)='./file1\x00')

452.22449ms ago: executing program 3 (id=9052):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)

363.116635ms ago: executing program 4 (id=9053):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_io_uring_setup(0x5ef9, &(0x7f0000000280)={0x0, 0x3b4f, 0x1, 0x3, 0x14}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000600))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r3, 0x7dd6, 0x8029, 0x1, 0x0, 0x0)
io_uring_enter(r3, 0x0, 0xe875, 0x9, 0x0, 0x0)

344.305665ms ago: executing program 2 (id=9055):
r0 = socket(0x23, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
syz_genetlink_get_family_id$ethtool(0x0, r0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
close_range(r0, r1, 0x0)

327.490146ms ago: executing program 2 (id=9056):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x12200, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
io_getevents(r1, 0x4, 0x4, &(0x7f00000019c0)=[{}, {}, {}, {}], 0x0)
io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}])
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
io_destroy(r1)

142.487014ms ago: executing program 2 (id=9057):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0, 0x0, 0x1000}, 0x18)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', 0x0, 0x8c, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x200, {0x0, 0x0, 0x0, r2, {0xfff2, 0x9}, {0x10}, {0x9, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

140.394134ms ago: executing program 3 (id=9058):
r0 = io_uring_setup(0x2e86, &(0x7f0000000100)={0x0, 0x3e0, 0x800, 0xfffffffc, 0x8a})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r1}, 0x10)
r2 = eventfd2(0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000000)=r2, 0x1)
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000001580)={0x3, 0x0, 0x0, &(0x7f00000014c0)=[{0x0}, {0x0}, {&(0x7f0000000280)=""/4094, 0xffe}], &(0x7f0000001540)=[0x0, 0x0, 0x4]}, 0x20)
read$eventfd(r2, &(0x7f0000000040), 0x8)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0}, {0x0}], 0x0, 0x3}, 0x20)

92.383726ms ago: executing program 4 (id=9059):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$inet_int(r2, 0x0, 0x5, &(0x7f0000000080)=0x6, 0x4)

74.342437ms ago: executing program 4 (id=9060):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f00000003c0))
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x90000005})
epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0xfffeffff, 0x0, 0x443c000000000000)
epoll_pwait(r2, &(0x7f00000000c0)=[{}], 0x1, 0x101, 0x0, 0x0)
connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e)

53.272058ms ago: executing program 2 (id=9061):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(r0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x4e21, 0x383, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x4}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000180)=@assoc_value={r2, 0x2}, 0x8)

35.353159ms ago: executing program 2 (id=9062):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
timerfd_settime(0xffffffffffffffff, 0x2, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000080))

21.458099ms ago: executing program 3 (id=9063):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000000180), &(0x7f0000000380)}, 0x20)
ioctl$SNAPSHOT_S2RAM(0xffffffffffffffff, 0x330b)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='rxrpc_peer\x00', r1}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)

1.16127ms ago: executing program 2 (id=9064):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_read_part_table(0x1059, &(0x7f0000000000)="$eJzsz8FNw0AUBNDxYmRbogNa4Ewn7scHCuFMT0hUwDmX6EdeR0oHSQ7v3Uazs9IPD/WRlpxqfG+ZkyXJuWpK8nb0VdVakr+ehtuwP+q2ek3ycoRx2f/JsF3LVv+fa9/VsC++l6/5aH4zZf25150AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MwuAQAA//9ZkRMF")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x33}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

0s ago: executing program 3 (id=9065):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0xffffffffffffffa0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x33fabe53b73c3a5a, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x40000000000000}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

or  pid=5541 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  210.001263][   T29] audit: type=1400 audit(2000000038.289:9884): avc:  denied  { ioctl } for  pid=5541 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  210.026974][   T29] audit: type=1400 audit(2000000038.299:9885): avc:  denied  { mounton } for  pid=21901 comm="syz.5.6665" path="/1111/file0" dev="tmpfs" ino=5779 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  210.049779][   T29] audit: type=1400 audit(2000000038.299:9886): avc:  denied  { mount } for  pid=21901 comm="syz.5.6665" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  210.072051][   T29] audit: type=1400 audit(2000000038.299:9887): avc:  denied  { watch watch_reads } for  pid=21901 comm="syz.5.6665" path="/1111/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  210.099983][   T29] audit: type=1400 audit(2000000038.299:9888): avc:  denied  { prog_load } for  pid=21901 comm="syz.5.6665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  210.146052][T21913] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  210.155935][T21913] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  210.182509][T21919] netlink: 'syz.5.6673': attribute type 1 has an invalid length.
[  210.196818][T21919] 8021q: adding VLAN 0 to HW filter on device bond5
[  210.212823][T21919] 8021q: adding VLAN 0 to HW filter on device batadv2
[  210.221677][T21919] bond5: (slave batadv2): making interface the new active one
[  210.231164][T21919] bond5: (slave batadv2): Enslaving as an active interface with an up link
[  210.249033][T21919] netlink: 'syz.5.6673': attribute type 13 has an invalid length.
[  210.249477][T21913] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  210.266714][T21913] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  210.336234][T21913] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  210.346241][T21913] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  210.401676][T21913] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  210.411647][T21913] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  210.433706][T21932] bond0: entered promiscuous mode
[  210.438766][T21932] gretap1: entered promiscuous mode
[  210.445274][T21932] batadv0: entered promiscuous mode
[  210.450652][T21932] batadv0: left promiscuous mode
[  210.470518][T21932] bond0: left promiscuous mode
[  210.475374][T21932] gretap1: left promiscuous mode
[  210.497964][T21935] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.525048][   T71] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  210.533371][   T71] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  210.548578][   T71] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  210.556866][   T71] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  210.569574][   T71] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  210.577806][   T71] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  210.620729][   T71] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  210.629007][   T71] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  211.034206][T21985] loop2: detected capacity change from 0 to 128
[  211.169266][T22001] loop4: detected capacity change from 0 to 512
[  211.204936][T22001] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.232356][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.397640][T22024] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6712'.
[  211.493159][T22043] vcan0 speed is unknown, defaulting to 1000
[  211.505720][T22047] bridge: RTM_NEWNEIGH with invalid ether address
[  211.528747][T22043] lo speed is unknown, defaulting to 1000
[  211.663848][T22066] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6732'.
[  211.683892][T22070] netlink: 14 bytes leftover after parsing attributes in process `syz.3.6730'.
[  211.718963][T22075] pim6reg: entered allmulticast mode
[  211.734953][T22075] pim6reg: left allmulticast mode
[  211.790859][T22088] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6738'.
[  211.806021][T22088] IPVS: Error connecting to the multicast addr
[  211.818281][T22095] netlink: 'syz.2.6740': attribute type 1 has an invalid length.
[  211.838596][T22095] 8021q: adding VLAN 0 to HW filter on device bond6
[  211.873263][T22095] 8021q: adding VLAN 0 to HW filter on device batadv3
[  211.885971][T22095] bond6: (slave batadv3): making interface the new active one
[  211.905286][T22095] bond6: (slave batadv3): Enslaving as an active interface with an up link
[  211.924972][T22102] netlink: 'syz.2.6740': attribute type 13 has an invalid length.
[  211.987593][ T3564] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  211.996123][ T3564] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 20000 - 0
[  212.009940][T22106] siw: device registration error -23
[  212.018934][ T3564] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  212.027358][ T3564] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 20000 - 0
[  212.049389][ T3564] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  212.057988][ T3564] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 20000 - 0
[  212.066895][ T3564] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  212.075438][ T3564] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 20000 - 0
[  212.182095][T22127] loop2: detected capacity change from 0 to 512
[  212.188937][T22127] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  212.200512][T22127] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  212.208414][T22127] System zones: 1-12
[  212.213230][T22127] EXT4-fs (loop2): 1 truncate cleaned up
[  212.219194][T22127] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.254147][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.911220][T22176] pim6reg: entered allmulticast mode
[  212.924052][T22178] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6776'.
[  212.939826][T22178] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6776'.
[  212.939883][T22176] pim6reg: left allmulticast mode
[  213.005329][T22181] loop5: detected capacity change from 0 to 512
[  213.024302][T22181] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.079739][T22190] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22190 comm=syz.0.6780
[  213.098891][T22189] loop4: detected capacity change from 0 to 512
[  213.124661][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.140285][T22189] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  213.177726][T22189] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  213.188411][T22197] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6781'.
[  213.198008][T22189] System zones: 1-12
[  213.218376][T22189] EXT4-fs (loop4): 1 truncate cleaned up
[  213.228404][T22189] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.248979][T22197] netlink: 92 bytes leftover after parsing attributes in process `syz.5.6781'.
[  213.344350][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.459798][T22214] bond0: entered promiscuous mode
[  213.472270][T22214] batadv0: entered promiscuous mode
[  213.485498][T22214] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  213.495468][T22214] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  213.606685][T22214] 8021q: adding VLAN 0 to HW filter on device hsr1
[  213.637541][T22216] 8021q: adding VLAN 0 to HW filter on device batadv0
[  213.663889][T22218] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6792'.
[  213.686520][T22218] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6792'.
[  213.787700][T22237] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  213.798766][T22237] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  213.810932][T22237] .` (unregistering): (slave batadv0): Releasing backup interface
[  213.820976][T22237] .` (unregistering): Released all slaves
[  214.173210][T22272] loop5: detected capacity change from 0 to 256
[  214.184123][T22272] vfat: Unknown parameter 'ÿÿÿÿŽ)µÆÕ�š�©ñ"'
[  214.261142][T22286] loop5: detected capacity change from 0 to 1024
[  214.267906][T22286] EXT4-fs: inline encryption not supported
[  214.273999][T22286] EXT4-fs: Ignoring removed nobh option
[  214.279701][T22286] EXT4-fs: Ignoring removed bh option
[  214.286066][   T23] Process accounting resumed
[  214.316029][T22286] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.364874][T22299] veth0: entered promiscuous mode
[  214.373227][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.379105][T22299] veth0: left promiscuous mode
[  214.398303][T22301] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22301 comm=syz.5.6826
[  214.499053][T22311] bond0: entered promiscuous mode
[  214.504147][T22311] gretap1: entered promiscuous mode
[  214.510231][T22311] batadv0: entered promiscuous mode
[  214.515884][T22311] debugfs: 'hsr1' already exists in 'hsr'
[  214.521796][T22311] Cannot create hsr debugfs directory
[  214.527688][T22311] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  214.538048][T22311] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  214.548719][T22311] 8021q: adding VLAN 0 to HW filter on device hsr1
[  214.614857][T22324] ip6gre2: entered promiscuous mode
[  214.620154][T22324] ip6gre2: entered allmulticast mode
[  214.626368][ T2516] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  214.633973][ T2516] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  214.642847][T22324] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  214.650882][ T3377] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  214.709762][T22334] loop5: detected capacity change from 0 to 128
[  214.731744][T22330] infiniband syz!: set down
[  214.736385][T22330] infiniband syz!: added team_slave_0
[  214.770473][T22330] RDS/IB: syz!: added
[  214.785467][T22345] batadv0: entered promiscuous mode
[  214.793495][T22345] debugfs: 'hsr1' already exists in 'hsr'
[  214.799248][T22345] Cannot create hsr debugfs directory
[  214.799306][T22330] smc: adding ib device syz! with port count 1
[  214.811451][T22330] smc:    ib device syz! port 1 has no pnetid
[  214.817857][T22345] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  214.827770][T22345] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  214.838505][T22345] 8021q: adding VLAN 0 to HW filter on device hsr1
[  214.848851][T22346] ip6gre1: entered allmulticast mode
[  214.856007][T22349] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.889682][   T29] kauditd_printk_skb: 520 callbacks suppressed
[  214.889773][   T29] audit: type=1400 audit(2000000043.249:10409): avc:  denied  { create } for  pid=22352 comm="syz.4.6850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  214.915800][   T29] audit: type=1400 audit(2000000043.249:10410): avc:  denied  { bind } for  pid=22352 comm="syz.4.6850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  214.935482][   T29] audit: type=1400 audit(2000000043.249:10411): avc:  denied  { listen } for  pid=22352 comm="syz.4.6850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  214.955333][   T29] audit: type=1400 audit(2000000043.249:10412): avc:  denied  { connect } for  pid=22352 comm="syz.4.6850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  214.975286][   T29] audit: type=1400 audit(2000000043.249:10413): avc:  denied  { write } for  pid=22352 comm="syz.4.6850" path="socket:[57053]" dev="sockfs" ino=57053 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  215.040301][   T29] audit: type=1400 audit(2000000043.369:10414): avc:  denied  { create } for  pid=22351 comm="syz.2.6849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  215.060193][   T29] audit: type=1400 audit(2000000043.379:10415): avc:  denied  { cmd } for  pid=22351 comm="syz.2.6849" path="socket:[57054]" dev="sockfs" ino=57054 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  215.083396][   T29] audit: type=1400 audit(2000000043.379:10416): avc:  denied  { setopt } for  pid=22351 comm="syz.2.6849" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  215.124945][   T29] audit: type=1400 audit(2000000043.489:10417): avc:  denied  { create } for  pid=22364 comm="syz.2.6855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  215.184454][   T29] audit: type=1400 audit(2000000043.549:10418): avc:  denied  { write } for  pid=22364 comm="syz.2.6855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  215.269698][   T23] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  215.319739][T22390] netlink: 'syz.0.6867': attribute type 1 has an invalid length.
[  215.336832][T22390] 8021q: adding VLAN 0 to HW filter on device bond5
[  215.354882][T22390] 8021q: adding VLAN 0 to HW filter on device batadv1
[  215.356510][T22390] bond5: (slave batadv1): making interface the new active one
[  215.357725][T22390] bond5: (slave batadv1): Enslaving as an active interface with an up link
[  215.393225][T22390] netlink: 'syz.0.6867': attribute type 13 has an invalid length.
[  215.740098][T22436] loop2: detected capacity change from 0 to 256
[  215.762080][T22436] vfat: Unknown parameter 'ÿÿÿÿŽ)µÆÕ�š�©ñ"'
[  216.227868][T22475] vcan0 speed is unknown, defaulting to 1000
[  216.263763][T22475] lo speed is unknown, defaulting to 1000
[  216.736270][T22499] __nla_validate_parse: 14 callbacks suppressed
[  216.736324][T22499] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6910'.
[  216.983748][T22540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6928'.
[  216.998812][T22540] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6928'.
[  217.042687][T22545] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6930'.
[  217.069219][T22551] netlink: 'syz.5.6933': attribute type 3 has an invalid length.
[  217.102602][T22556] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6935'.
[  217.232897][T22572] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6944'.
[  217.263469][T22572] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6944'.
[  217.293629][T22572] netlink: 3 bytes leftover after parsing attributes in process `syz.4.6944'.
[  217.358625][T22589] loop5: detected capacity change from 0 to 256
[  217.374198][T22587] netlink: 96 bytes leftover after parsing attributes in process `syz.4.6952'.
[  217.384291][T22589] FAT-fs (loop5): bogus number of FAT sectors
[  217.390445][T22589] FAT-fs (loop5): Can't find a valid FAT filesystem
[  217.416914][T22594] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6953'.
[  217.491304][T22598] loop4: detected capacity change from 0 to 1024
[  217.562848][T22598] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.641289][T22618] netlink: 'syz.5.6963': attribute type 6 has an invalid length.
[  217.683326][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.752995][T22627] 8021q: adding VLAN 0 to HW filter on device bond5
[  217.803440][T22627] vlan2: entered allmulticast mode
[  217.808634][T22627] bond5: entered allmulticast mode
[  217.869219][T22636] blktrace: Concurrent blktraces are not allowed on loop5
[  218.078957][T22655] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=22655 comm=syz.3.6977
[  219.374444][T22715] netlink: 'syz.5.7001': attribute type 5 has an invalid length.
[  219.438501][T22715] netlink: 'syz.5.7001': attribute type 5 has an invalid length.
[  219.619314][T22742] random: crng reseeded on system resumption
[  219.630758][T22735] vhci_hcd: invalid port number 96
[  219.635886][T22735] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  219.669173][T22739] vcan0 speed is unknown, defaulting to 1000
[  219.783436][T22739] lo speed is unknown, defaulting to 1000
[  219.913164][   T29] kauditd_printk_skb: 182 callbacks suppressed
[  219.913177][   T29] audit: type=1400 audit(2000000048.279:10601): avc:  denied  { read write } for  pid=22766 comm="syz.4.7023" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  219.944263][   T29] audit: type=1400 audit(2000000048.279:10602): avc:  denied  { open } for  pid=22766 comm="syz.4.7023" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  220.067402][   T29] audit: type=1400 audit(2000000048.419:10603): avc:  denied  { read } for  pid=22778 comm="syz.5.7027" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  220.090434][   T29] audit: type=1400 audit(2000000048.459:10604): avc:  denied  { mount } for  pid=22780 comm="syz.5.7029" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  220.152468][   T29] audit: type=1326 audit(2000000048.509:10605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22783 comm="syz.2.7031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  220.176624][   T29] audit: type=1326 audit(2000000048.509:10606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22783 comm="syz.2.7031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  220.200262][   T29] audit: type=1326 audit(2000000048.509:10607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22783 comm="syz.2.7031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  220.223874][   T29] audit: type=1326 audit(2000000048.509:10608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22783 comm="syz.2.7031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  220.247575][   T29] audit: type=1326 audit(2000000048.509:10609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22783 comm="syz.2.7031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  220.271286][   T29] audit: type=1326 audit(2000000048.509:10610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22783 comm="syz.2.7031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  220.405725][T22804] V*¤0£: renamed from dummy0
[  220.546836][T22818] loop4: detected capacity change from 0 to 2048
[  220.571341][T22818] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.756338][T22845] loop2: detected capacity change from 0 to 128
[  220.763227][T22845] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[  220.769624][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.252557][T22908] loop5: detected capacity change from 0 to 512
[  221.259698][T22908] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  221.268576][T22908] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  221.293190][T22908] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.7083: Allocating blocks 41-42 which overlap fs metadata
[  221.310871][T22908] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.7083: Failed to acquire dquot type 1
[  221.349837][T22908] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  221.371358][T22908] EXT4-fs error (device loop5): ext4_do_update_inode:5628: inode #12: comm syz.5.7083: corrupted inode contents
[  221.398119][T22908] EXT4-fs error (device loop5): ext4_dirty_inode:6513: inode #12: comm syz.5.7083: mark_inode_dirty error
[  221.409939][T22908] EXT4-fs error (device loop5): ext4_do_update_inode:5628: inode #12: comm syz.5.7083: corrupted inode contents
[  221.422316][T22908] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.7083: mark_inode_dirty error
[  221.434501][T22908] EXT4-fs error (device loop5): ext4_do_update_inode:5628: inode #12: comm syz.5.7083: corrupted inode contents
[  221.447137][T22908] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[  221.455896][T22908] EXT4-fs error (device loop5): ext4_do_update_inode:5628: inode #12: comm syz.5.7083: corrupted inode contents
[  221.468018][T22908] EXT4-fs error (device loop5): ext4_truncate:4633: inode #12: comm syz.5.7083: mark_inode_dirty error
[  221.479411][T22908] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[  221.488606][T22908] EXT4-fs (loop5): 1 truncate cleaned up
[  221.494930][T22908] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.523164][T22908] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  221.563710][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.729012][T22956] loop4: detected capacity change from 0 to 512
[  221.746704][T22957] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22957 comm=syz.0.7106
[  221.759846][T22956] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  221.791613][T22956] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  221.820856][T22956] ext4 filesystem being mounted at /1351/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.873695][T22976] loop5: detected capacity change from 0 to 1024
[  221.892337][T22976] EXT4-fs: Ignoring removed orlov option
[  221.911170][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  221.931482][T22976] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.964578][T22990] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22990 comm=syz.4.7113
[  221.988411][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.125466][T23021] __nla_validate_parse: 15 callbacks suppressed
[  222.125542][T23021] netlink: 60 bytes leftover after parsing attributes in process `syz.2.7126'.
[  222.140976][T23021] IPVS: Unknown mcast interface: 
[  222.515431][T23056] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7142'.
[  222.528383][T23062] netlink: 8 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  222.618149][T23069] loop5: detected capacity change from 0 to 512
[  222.631398][T23069] EXT4-fs: Ignoring removed oldalloc option
[  222.641652][T23069] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.694041][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.741904][T23080] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7151'.
[  222.806509][T23087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7155'.
[  222.817847][T23087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7155'.
[  223.091348][T23123] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7168'.
[  223.197373][T23139] vcan0 speed is unknown, defaulting to 1000
[  223.216639][T23142] loop5: detected capacity change from 0 to 512
[  223.252569][T23139] lo speed is unknown, defaulting to 1000
[  223.348194][T23151] loop5: detected capacity change from 0 to 1024
[  223.359031][T23151] EXT4-fs: Ignoring removed orlov option
[  223.382760][T23153] tmpfs: Turning off swap in unprivileged tmpfs mounts unsupported
[  223.392989][T23151] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.422979][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.648596][T23172] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7189'.
[  223.856506][T23184] loop4: detected capacity change from 0 to 512
[  223.874196][T23184] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  223.941848][T23184] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  223.968486][T23184] EXT4-fs (loop4): 1 truncate cleaned up
[  223.981185][T23184] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.012007][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.070731][T23207] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7203'.
[  224.086888][T23207] 8021q: adding VLAN 0 to HW filter on device bond5
[  224.107938][T23207] vlan2: entered allmulticast mode
[  224.113215][T23207] bond5: entered allmulticast mode
[  224.258132][T23212] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7204'.
[  224.532099][T23227] unsupported nlmsg_type 40
[  225.226147][T23274] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.7230' sets config #1
[  225.251945][T23276] loop2: detected capacity change from 0 to 512
[  225.258911][T23276] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  225.271226][T23276] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[  225.285954][T23276] EXT4-fs (loop2): 1 truncate cleaned up
[  225.292266][T23276] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.311921][   T29] kauditd_printk_skb: 290 callbacks suppressed
[  225.311934][   T29] audit: type=1400 audit(2000000053.679:10898): avc:  denied  { getopt } for  pid=23279 comm="syz.3.7232" lport=50164 faddr=fe80::27 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  225.355246][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.372903][   T29] audit: type=1400 audit(2000000053.739:10899): avc:  denied  { map } for  pid=23281 comm="syz.5.7233" path="socket:[61391]" dev="sockfs" ino=61391 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  225.396992][   T29] audit: type=1400 audit(2000000053.739:10900): avc:  denied  { read } for  pid=23281 comm="syz.5.7233" path="socket:[61391]" dev="sockfs" ino=61391 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  225.425287][T23286] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.435143][T23286] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  225.478375][   T29] audit: type=1326 audit(2000000053.839:10901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23293 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  225.518728][   T29] audit: type=1326 audit(2000000053.839:10902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23293 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  225.542426][   T29] audit: type=1326 audit(2000000053.839:10904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23293 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  225.566290][   T29] audit: type=1326 audit(2000000053.839:10905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23293 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  225.589963][   T29] audit: type=1326 audit(2000000053.839:10906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23293 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  225.613630][   T29] audit: type=1326 audit(2000000053.839:10903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23293 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  225.637245][   T29] audit: type=1326 audit(2000000053.839:10907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23293 comm="syz.5.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  225.663955][T23286] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.673790][T23286] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  225.705971][T23305] tipc: Bearer <udp:syz0>: already 2 bearers with priority 10
[  225.713988][T23305] tipc: Bearer <udp:syz0>: trying with adjusted priority
[  225.721712][T23305] tipc: New replicast peer: 0.0.0.0
[  225.727237][T23305] tipc: Enabled bearer <udp:syz0>, priority 9
[  225.755017][T23286] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.764982][T23286] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  225.821868][T23286] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.831780][T23286] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  225.894468][   T12] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  225.902819][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  225.918931][   T12] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  225.927367][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  225.943994][   T12] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  225.952542][   T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  225.972241][   T12] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  225.980477][   T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  226.021393][T23321] vcan0 speed is unknown, defaulting to 1000
[  226.067856][T23321] lo speed is unknown, defaulting to 1000
[  226.538041][T23344] netlink: 'syz.4.7256': attribute type 1 has an invalid length.
[  226.569042][T23344] 8021q: adding VLAN 0 to HW filter on device bond6
[  226.595357][T23344] 8021q: adding VLAN 0 to HW filter on device batadv2
[  226.605164][T23344] bond6: (slave batadv2): making interface the new active one
[  226.614662][T23344] bond6: (slave batadv2): Enslaving as an active interface with an up link
[  226.643284][T23344] netlink: 'syz.4.7256': attribute type 13 has an invalid length.
[  226.779241][T23358] vlan2: entered allmulticast mode
[  227.048210][T23381] 8021q: adding VLAN 0 to HW filter on device bond7
[  227.065035][T23381] vlan3: entered allmulticast mode
[  227.070367][T23381] bond7: entered allmulticast mode
[  227.483882][T23394] netlink: 'syz.3.7279': attribute type 1 has an invalid length.
[  227.497555][T23394] 8021q: adding VLAN 0 to HW filter on device bond6
[  227.499135][T23399] __nla_validate_parse: 12 callbacks suppressed
[  227.499151][T23399] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7281'.
[  227.514800][T23394] 8021q: adding VLAN 0 to HW filter on device batadv3
[  227.528009][T23394] bond6: (slave batadv3): making interface the new active one
[  227.536644][T23394] bond6: (slave batadv3): Enslaving as an active interface with an up link
[  227.557738][T23394] netlink: 'syz.3.7279': attribute type 13 has an invalid length.
[  227.566912][T23399] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7281'.
[  227.585132][T23404] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  227.636453][ T3584] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  227.645020][ T3584] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 20000 - 0
[  227.678497][ T3584] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  227.686914][ T3584] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 20000 - 0
[  227.696469][ T3584] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  227.704926][ T3584] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 20000 - 0
[  227.715580][ T3584] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  227.724199][ T3584] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 20000 - 0
[  227.780684][T23430] loop2: detected capacity change from 0 to 128
[  227.874236][T23446] bridge0: port 1(vlan2) entered blocking state
[  227.880570][T23446] bridge0: port 1(vlan2) entered disabled state
[  227.915581][T23446] vlan2: entered allmulticast mode
[  227.920849][T23446] bridge0: entered allmulticast mode
[  227.971836][T23446] vlan2: left allmulticast mode
[  227.976741][T23446] bridge0: left allmulticast mode
[  228.277415][T23474] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7314'.
[  228.294501][T23476] netlink: 64 bytes leftover after parsing attributes in process `syz.5.7315'.
[  228.308027][T23474] bond3: (slave macvlan1): Releasing backup interface
[  228.474643][T23504] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7324'.
[  228.491476][T23506] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7326'.
[  228.500437][T23506] netlink: 'syz.0.7326': attribute type 30 has an invalid length.
[  228.512690][ T4155] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  228.521780][ T4155] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  228.530184][ T4155] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  228.538531][ T4155] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  228.782052][T23544] rdma_op ffff88811b0ef980 conn xmit_rdma 0000000000000000
[  228.913213][T23558] netlink: 'syz.0.7349': attribute type 1 has an invalid length.
[  228.926818][T23558] 8021q: adding VLAN 0 to HW filter on device bond6
[  228.945029][T23558] 8021q: adding VLAN 0 to HW filter on device batadv2
[  228.954159][T23558] bond6: (slave batadv2): making interface the new active one
[  228.962769][T23558] bond6: (slave batadv2): Enslaving as an active interface with an up link
[  228.979341][T23558] netlink: 'syz.0.7349': attribute type 13 has an invalid length.
[  228.999314][T23562] loop4: detected capacity change from 0 to 1024
[  229.006312][T23562] EXT4-fs: Ignoring removed nobh option
[  229.011972][T23562] EXT4-fs: Ignoring removed bh option
[  229.029104][T23562] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.029174][   T12] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  229.029206][   T12] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  229.079677][   T12] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  229.092179][   T12] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  229.108828][T23562] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.7350: Allocating blocks 385-513 which overlap fs metadata
[  229.160313][T23562] EXT4-fs (loop4): pa ffff8881072419a0: logic 16, phys. 129, len 24
[  229.168438][T23562] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 8
[  229.249695][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.268651][T23581] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7357'.
[  229.277677][T23581] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7357'.
[  229.337504][T23583] vcan0 speed is unknown, defaulting to 1000
[  229.377159][T23583] lo speed is unknown, defaulting to 1000
[  229.663546][T23619] netlink: 'syz.3.7375': attribute type 13 has an invalid length.
[  229.680510][T23619] gretap0: refused to change device tx_queue_len
[  229.701412][T23619] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  229.761363][T23627] loop5: detected capacity change from 0 to 512
[  229.767897][T23627] EXT4-fs: Ignoring removed i_version option
[  229.773932][T23627] EXT4-fs: Ignoring removed bh option
[  229.842707][T23627] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.859207][T23639] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23639 comm=syz.3.7383
[  229.872118][T23627] ext4 filesystem being mounted at /1258/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  229.920917][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.066341][T23661] pim6reg: entered allmulticast mode
[  230.078335][T23661] pim6reg: left allmulticast mode
[  230.088646][T23664] netlink: 204 bytes leftover after parsing attributes in process `syz.3.7393'.
[  230.170305][T23679] bond3: (slave macvlan1): Releasing backup interface
[  230.287690][T23699] loop2: detected capacity change from 0 to 256
[  230.325325][T23699] FAT-fs (loop2): bogus number of FAT sectors
[  230.331463][T23699] FAT-fs (loop2): Can't find a valid FAT filesystem
[  230.872106][T23741] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  230.897346][T23743] netlink: 'syz.4.7420': attribute type 10 has an invalid length.
[  230.905351][T23743] netlink: 'syz.4.7420': attribute type 11 has an invalid length.
[  231.235214][   T29] kauditd_printk_skb: 198 callbacks suppressed
[  231.235227][   T29] audit: type=1400 audit(2000000059.599:11106): avc:  denied  { create } for  pid=23776 comm="syz.0.7432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  231.261614][   T29] audit: type=1400 audit(2000000059.599:11107): avc:  denied  { ioctl } for  pid=23776 comm="syz.0.7432" path="socket:[63509]" dev="sockfs" ino=63509 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  231.286708][   T29] audit: type=1326 audit(2000000059.639:11108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23780 comm="syz.0.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  231.310417][   T29] audit: type=1326 audit(2000000059.639:11109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23780 comm="syz.0.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  231.334211][   T29] audit: type=1326 audit(2000000059.639:11110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23780 comm="syz.0.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  231.357799][   T29] audit: type=1326 audit(2000000059.639:11111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23780 comm="syz.0.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  231.381508][   T29] audit: type=1326 audit(2000000059.639:11112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23780 comm="syz.0.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  231.405099][   T29] audit: type=1326 audit(2000000059.639:11113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23780 comm="syz.0.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  231.428891][   T29] audit: type=1326 audit(2000000059.649:11114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23780 comm="syz.0.7434" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x0
[  231.477004][T23785] loop2: detected capacity change from 0 to 128
[  231.484107][   T29] audit: type=1326 audit(2000000059.659:11115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23766 comm="syz.3.7429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7fc00000
[  231.663750][T23797] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  232.502528][T23844] validate_nla: 1 callbacks suppressed
[  232.502542][T23844] netlink: 'syz.5.7460': attribute type 1 has an invalid length.
[  232.654717][T23844] 8021q: adding VLAN 0 to HW filter on device bond6
[  232.698829][T23846] bond6 (unregistering): Released all slaves
[  232.928116][T23860] __nla_validate_parse: 4 callbacks suppressed
[  232.928132][T23860] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7466'.
[  232.975599][T23860] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7466'.
[  233.010134][T23860] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7466'.
[  233.026378][T23860] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7466'.
[  233.042642][T23860] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7466'.
[  233.116896][T23874] loop5: detected capacity change from 0 to 512
[  233.131331][T23874] EXT4-fs: Ignoring removed nomblk_io_submit option
[  233.147305][T23874] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  233.162685][T23876] netlink: 14 bytes leftover after parsing attributes in process `syz.3.7471'.
[  233.174862][T23874] EXT4-fs (loop5): 1 truncate cleaned up
[  233.200327][T23876] hsr_slave_0: left promiscuous mode
[  233.202257][T23874] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.223366][T23876] hsr_slave_1: left promiscuous mode
[  233.288064][T23808] syz.2.7445 (23808) used greatest stack depth: 6072 bytes left
[  233.483693][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.872945][T23928] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7491'.
[  233.882053][T23928] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7491'.
[  233.898699][T23928] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7491'.
[  233.907800][T23928] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7491'.
[  234.195566][T23955] loop4: detected capacity change from 0 to 512
[  234.340140][T23955] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.7503: inode has both inline data and extents flags
[  234.393292][T23955] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.7503: couldn't read orphan inode 15 (err -117)
[  234.416378][T23955] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.983810][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.196231][T24019] loop2: detected capacity change from 0 to 8192
[  235.237301][T24028] vcan0 speed is unknown, defaulting to 1000
[  235.328353][T24028] lo speed is unknown, defaulting to 1000
[  236.271188][   T29] kauditd_printk_skb: 108 callbacks suppressed
[  236.271202][   T29] audit: type=1326 audit(2000000064.639:11224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24126 comm="syz.3.7570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  236.304533][   T29] audit: type=1326 audit(2000000064.669:11225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24126 comm="syz.3.7570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  236.328295][   T29] audit: type=1326 audit(2000000064.669:11226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24126 comm="syz.3.7570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  236.352549][   T29] audit: type=1326 audit(2000000064.669:11227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24126 comm="syz.3.7570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  236.378806][   T29] audit: type=1326 audit(2000000064.739:11228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24126 comm="syz.3.7570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  236.402376][   T29] audit: type=1326 audit(2000000064.739:11229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24126 comm="syz.3.7570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  236.426098][   T29] audit: type=1326 audit(2000000064.739:11230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24126 comm="syz.3.7570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  236.470869][T24138] netlink: 'syz.4.7574': attribute type 8 has an invalid length.
[  236.504123][   T29] audit: type=1400 audit(2000000064.869:11231): avc:  denied  { create } for  pid=24139 comm="syz.3.7575" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  236.533326][   T29] audit: type=1400 audit(2000000064.899:11232): avc:  denied  { mounton } for  pid=24139 comm="syz.3.7575" path="/1603/file0" dev="tmpfs" ino=8268 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  236.594707][T24148] netlink: 'syz.5.7579': attribute type 83 has an invalid length.
[  236.604685][T24152] ref_ctr_offset mismatch. inode: 0x1dbe offset: 0x0 ref_ctr_offset(old): 0x200000000440 ref_ctr_offset(new): 0x200000000180
[  236.689794][   T29] audit: type=1400 audit(2000000065.059:11233): avc:  denied  { unlink } for  pid=3323 comm="syz-executor" name="file0" dev="tmpfs" ino=8268 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  236.835961][T24182] loop4: detected capacity change from 0 to 2048
[  236.852982][T24182] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.880122][T24193] netlink: 'syz.3.7597': attribute type 1 has an invalid length.
[  236.895541][T24193] 8021q: adding VLAN 0 to HW filter on device bond7
[  237.090565][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.290336][T24223] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=24223 comm=syz.4.7608
[  237.302972][T24223] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=24223 comm=syz.4.7608
[  237.543195][T24257] macvtap0: entered promiscuous mode
[  237.549185][T24257] macvtap0: left promiscuous mode
[  237.591036][T24261] loop4: detected capacity change from 0 to 128
[  237.608546][T24264] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24264 comm=syz.3.7628
[  237.620267][T24261] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  237.628851][T24261] FAT-fs (loop4): Filesystem has been set read-only
[  237.647127][T24261] bio_check_eod: 214 callbacks suppressed
[  237.647143][T24261] syz.4.7627: attempt to access beyond end of device
[  237.647143][T24261] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  237.676575][T24261] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  237.684454][T24261] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  237.696457][T24261] syz.4.7627: attempt to access beyond end of device
[  237.696457][T24261] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  237.725946][T24261] syz.4.7627: attempt to access beyond end of device
[  237.725946][T24261] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  238.131410][T24323] __nla_validate_parse: 2 callbacks suppressed
[  238.131425][T24323] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7650'.
[  238.150422][T24323] ip6gre2: entered allmulticast mode
[  238.464189][T24337] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  238.473722][T24337] vhci_hcd: invalid port number 96
[  238.478855][T24337] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  238.653216][T24357] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7666'.
[  238.684706][T24357] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7666'.
[  239.075705][T24392] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7680'.
[  239.641735][T24427] netlink: 'syz.3.7696': attribute type 22 has an invalid length.
[  239.649673][T24427] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7696'.
[  239.876407][T24461] loop2: detected capacity change from 0 to 512
[  239.910454][T24461] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.949719][T24461] ext4 filesystem being mounted at /1490/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  240.000429][T24470] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7713'.
[  240.011834][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.091625][T24484] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7720'.
[  240.355476][T24516] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7732'.
[  240.632413][T24532] pim6reg: entered allmulticast mode
[  240.639533][T24532] pim6reg: left allmulticast mode
[  241.100958][T24528] Set syz1 is full, maxelem 65536 reached
[  241.212784][T24556] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24556 comm=syz.2.7749
[  241.392393][T24575] netlink: 48 bytes leftover after parsing attributes in process `syz.2.7756'.
[  241.453913][T24580] netlink: 'syz.2.7758': attribute type 3 has an invalid length.
[  241.617424][T24617] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7773'.
[  241.631702][T24617] ip6gre1: entered allmulticast mode
[  241.783759][T24648] ip6gre2: entered allmulticast mode
[  241.803760][   T29] kauditd_printk_skb: 114 callbacks suppressed
[  241.803775][   T29] audit: type=1326 audit(2000000070.169:11348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24653 comm="syz.2.7790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  241.835858][   T29] audit: type=1326 audit(2000000070.199:11349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24653 comm="syz.2.7790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  241.859492][   T29] audit: type=1326 audit(2000000070.199:11350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24653 comm="syz.2.7790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  241.883512][   T29] audit: type=1326 audit(2000000070.199:11351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24653 comm="syz.2.7790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  241.908926][   T29] audit: type=1326 audit(2000000070.279:11352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24653 comm="syz.2.7790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  241.932665][   T29] audit: type=1326 audit(2000000070.279:11353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24653 comm="syz.2.7790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  241.956180][   T29] audit: type=1326 audit(2000000070.279:11354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24653 comm="syz.2.7790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  241.980270][   T29] audit: type=1326 audit(2000000070.279:11355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24653 comm="syz.2.7790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f440775df90 code=0x7ffc0000
[  242.003944][   T29] audit: type=1326 audit(2000000070.279:11356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24653 comm="syz.2.7790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  242.027547][   T29] audit: type=1326 audit(2000000070.279:11357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24653 comm="syz.2.7790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  242.039578][T24661] 9pnet_fd: Insufficient options for proto=fd
[  242.429051][T24706] block device autoloading is deprecated and will be removed.
[  242.886811][T24741] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=24741 comm=syz.4.7825
[  242.899400][T24741] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=24741 comm=syz.4.7825
[  242.973345][T24753] netem: change failed
[  243.155515][T24771] __nla_validate_parse: 4 callbacks suppressed
[  243.155531][T24771] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7838'.
[  243.422287][T24810] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7852'.
[  243.741655][T24828] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7859'.
[  243.751261][T24828] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7859'.
[  244.349711][T15629] Bluetooth: hci0: command 0x1003 tx timeout
[  244.357038][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  244.805638][T24953] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7889'.
[  244.840447][T24961] tipc: Failed to remove unknown binding: 66,1,1/2886997007:1070186418/1070186420
[  244.850306][T24961] tipc: Failed to remove unknown binding: 66,1,1/2886997007:1070186418/1070186420
[  244.897763][T24973] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7894'.
[  244.914384][T24973] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7894'.
[  244.930851][T24977] netlink: 96 bytes leftover after parsing attributes in process `syz.0.7895'.
[  245.145083][T25001] loop2: detected capacity change from 0 to 8192
[  245.202695][T25001]  loop2: p1 p2 p3 p4
[  245.206733][T25001] loop2: p1 size 196608 extends beyond EOD, truncated
[  245.225325][T25001] loop2: p2 start 164919041 is beyond EOD, truncated
[  245.232160][T25001] loop2: p3 size 66846464 extends beyond EOD, truncated
[  245.242981][T25001] loop2: p4 size 37048832 extends beyond EOD, truncated
[  245.812115][T25111] netlink: 96 bytes leftover after parsing attributes in process `syz.5.7924'.
[  245.904062][T25131] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7928'.
[  246.001702][T25148] loop2: detected capacity change from 0 to 512
[  246.026596][T25148] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000101)
[  246.271752][T25198] serio: Serial port ttyS3
[  246.371747][T25209] loop4: detected capacity change from 0 to 128
[  246.383058][T25209] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  246.399996][T25209] ext4 filesystem being mounted at /1500/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.497609][ T3328] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  246.506839][T25219] netlink: 'syz.3.7946': attribute type 10 has an invalid length.
[  246.525684][T25225] loop4: detected capacity change from 0 to 512
[  246.532894][T25219] ipvlan2: entered promiscuous mode
[  246.538785][T25219] bridge0: port 1(ipvlan2) entered blocking state
[  246.545263][T25219] bridge0: port 1(ipvlan2) entered disabled state
[  246.552178][T25219] ipvlan2: entered allmulticast mode
[  246.557487][T25219] bridge0: entered allmulticast mode
[  246.563519][T25219] ipvlan2: left allmulticast mode
[  246.568665][T25219] bridge0: left allmulticast mode
[  246.581268][T25225] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.594022][T25225] ext4 filesystem being mounted at /1501/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  246.610706][T25225] EXT4-fs error (device loop4): ext4_do_update_inode:5628: inode #2: comm syz.4.7944: corrupted inode contents
[  246.622978][T25225] EXT4-fs error (device loop4): ext4_dirty_inode:6513: inode #2: comm syz.4.7944: mark_inode_dirty error
[  246.634635][T25225] EXT4-fs error (device loop4): ext4_do_update_inode:5628: inode #2: comm syz.4.7944: corrupted inode contents
[  246.646763][T25225] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.7944: mark_inode_dirty error
[  246.691675][T25233] veth0_vlan: left promiscuous mode
[  246.696902][T25233] veth0_vlan: entered allmulticast mode
[  246.704448][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.715351][T25233] veth0_vlan: entered promiscuous mode
[  246.888783][   T29] kauditd_printk_skb: 166 callbacks suppressed
[  246.888797][   T29] audit: type=1400 audit(2000000075.249:11524): avc:  denied  { relabelfrom } for  pid=25269 comm="syz.4.7966" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  246.915066][   T29] audit: type=1400 audit(2000000075.249:11525): avc:  denied  { relabelto } for  pid=25269 comm="syz.4.7966" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  247.027411][T25286] loop5: detected capacity change from 0 to 128
[  247.035935][T25286] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  247.049872][T25286] ext4 filesystem being mounted at /1372/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.077181][ T5541] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  247.361130][   T29] audit: type=1326 audit(2000000075.729:11526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25307 comm="syz.3.7982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  247.421030][   T29] audit: type=1326 audit(2000000075.729:11527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25307 comm="syz.3.7982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  247.444637][   T29] audit: type=1326 audit(2000000075.729:11528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25307 comm="syz.3.7982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  247.468285][   T29] audit: type=1326 audit(2000000075.729:11529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25307 comm="syz.3.7982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  247.491935][   T29] audit: type=1326 audit(2000000075.729:11530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25307 comm="syz.3.7982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  247.515834][   T29] audit: type=1326 audit(2000000075.729:11531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25307 comm="syz.3.7982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  247.539485][   T29] audit: type=1326 audit(2000000075.729:11532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25307 comm="syz.3.7982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  247.563163][   T29] audit: type=1326 audit(2000000075.729:11533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25307 comm="syz.3.7982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  247.955114][T25337] loop5: detected capacity change from 0 to 512
[  247.990363][T25337] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.7995: bad orphan inode 11862016
[  248.010350][T25337] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  248.023393][T25337] ext4 filesystem being mounted at /1378/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.035985][T25370] loop2: detected capacity change from 0 to 512
[  248.067107][T25370] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 548)
[  248.076032][T25370] FAT-fs (loop2): Filesystem has been set read-only
[  248.083031][T25370] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  248.230153][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  248.270087][T25370] FAT-fs (loop2): error, fat_get_cluster: detected the cluster chain loop (i_pos 548)
[  248.454706][T25370] FAT-fs (loop2): error, fat_get_cluster: detected the cluster chain loop (i_pos 548)
[  248.616677][T25403] __nla_validate_parse: 8 callbacks suppressed
[  248.616692][T25403] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8018'.
[  248.654522][T25370] FAT-fs (loop2): error, fat_get_cluster: detected the cluster chain loop (i_pos 548)
[  248.872547][T25370] FAT-fs (loop2): error, fat_get_cluster: detected the cluster chain loop (i_pos 548)
[  249.062421][T25370] FAT-fs (loop2): error, fat_get_cluster: detected the cluster chain loop (i_pos 548)
[  249.112160][T25413] loop2: detected capacity change from 0 to 128
[  249.139569][T25413] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  249.184224][T25413] ext4 filesystem being mounted at /1542/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.302932][ T3327] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  249.645122][T25426] loop2: detected capacity change from 0 to 8192
[  249.787563][T25433] IPVS: Scheduler module ip_vs_ not found
[  249.883136][T25446] netlink: 664 bytes leftover after parsing attributes in process `syz.4.8036'.
[  250.309096][T25463] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8043'.
[  250.323702][T25463] batman_adv: batadv0: Removing interface: batadv_slave_0
[  250.340019][T25441] Set syz1 is full, maxelem 65536 reached
[  250.349515][T25463] batman_adv: batadv0: Removing interface: batadv_slave_1
[  250.430347][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  250.543077][T25484] netlink: 28 bytes leftover after parsing attributes in process `syz.4.8052'.
[  250.582255][T25491] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8056'.
[  250.808962][T25494] netlink: 'syz.3.8059': attribute type 3 has an invalid length.
[  250.924344][T25511] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8065'.
[  251.096934][T25524] ALSA: seq fatal error: cannot create timer (-22)
[  251.147894][T25497] Set syz1 is full, maxelem 65536 reached
[  251.162400][T25528] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8072'.
[  251.201171][T25528] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8072'.
[  251.249350][T25540] loop2: detected capacity change from 0 to 512
[  251.274135][T25540] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  251.320379][T25540] EXT4-fs (loop2): 1 truncate cleaned up
[  251.326551][T25540] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.390627][ T4550] Bluetooth: hci0: Frame reassembly failed (-84)
[  251.414788][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.472190][T25553] loop2: detected capacity change from 0 to 128
[  251.505986][T25553] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  251.555447][T25553] ext4 filesystem being mounted at /1558/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.566329][T25560] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8084'.
[  251.646518][ T3327] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  251.680296][T25565] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8087'.
[  251.744969][T25571] loop2: detected capacity change from 0 to 164
[  251.754848][T25571] syz.2.8089: attempt to access beyond end of device
[  251.754848][T25571] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  251.768389][T25565] bond8: (slave ip6tnl2): The slave device specified does not support setting the MAC address
[  251.790863][T25565] bond8: (slave ip6tnl2): Error -95 calling set_mac_address
[  251.809761][T25571] syz.2.8089: attempt to access beyond end of device
[  251.809761][T25571] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  251.988298][T25585] netlink: 'syz.3.8096': attribute type 83 has an invalid length.
[  252.112993][   T29] kauditd_printk_skb: 70 callbacks suppressed
[  252.113042][   T29] audit: type=1326 audit(2000000080.479:11604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25596 comm="syz.5.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  252.164173][   T29] audit: type=1326 audit(2000000080.479:11605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25596 comm="syz.5.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  252.187908][   T29] audit: type=1326 audit(2000000080.509:11606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25596 comm="syz.5.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  252.234309][   T29] audit: type=1326 audit(2000000080.599:11608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25605 comm="syz.5.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe3667f2005 code=0x7ffc0000
[  252.258424][   T29] audit: type=1326 audit(2000000080.599:11607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25596 comm="syz.5.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  252.282016][   T29] audit: type=1326 audit(2000000080.629:11609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25596 comm="syz.5.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  252.340273][   T29] audit: type=1326 audit(2000000080.699:11610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25596 comm="syz.5.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  252.364152][   T29] audit: type=1326 audit(2000000080.699:11611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25596 comm="syz.5.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  252.387710][   T29] audit: type=1326 audit(2000000080.699:11612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25596 comm="syz.5.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  252.411342][   T29] audit: type=1326 audit(2000000080.699:11613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25596 comm="syz.5.8103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  252.526934][T25626] SELinux:  Context ? is not valid (left unmapped).
[  252.579121][T25607] loop2: detected capacity change from 0 to 512
[  252.614095][T25607] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.8107: bad orphan inode 11862016
[  252.625939][T25634] netlink: 'syz.3.8112': attribute type 13 has an invalid length.
[  252.633815][T25634] netlink: 'syz.3.8112': attribute type 27 has an invalid length.
[  252.642362][T25607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  252.683254][T25607] ext4 filesystem being mounted at /1570/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.839219][ T3327] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  253.471517][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  253.916052][T25744] ip6t_rpfilter: unknown options
[  253.931937][T25749] __nla_validate_parse: 7 callbacks suppressed
[  253.931992][T25749] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.8159'.
[  254.023272][T25761] vcan0 speed is unknown, defaulting to 1000
[  254.065148][   T23] hid_parser_main: 19 callbacks suppressed
[  254.065174][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  254.078458][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  254.085906][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  254.112243][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  254.119715][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  254.127141][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  254.134581][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  254.141982][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  254.149486][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  254.152584][T25761] lo speed is unknown, defaulting to 1000
[  254.156968][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  254.171182][   T23] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[  254.202490][T25778] netlink: 'syz.2.8178': attribute type 3 has an invalid length.
[  254.285939][T25787] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8182'.
[  254.331958][T25791] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8184'.
[  254.362947][ T3608] smc: removing ib device syz1
[  254.472673][T25801] lo speed is unknown, defaulting to 1000
[  255.156162][T25881] macvlan1: entered promiscuous mode
[  255.175828][T25881] ipvlan0: entered promiscuous mode
[  255.201419][T25881] ipvlan0: left promiscuous mode
[  255.221968][T25881] macvlan1: left promiscuous mode
[  255.455372][T25919] loop4: detected capacity change from 0 to 1024
[  255.467895][T25919] EXT4-fs: Ignoring removed mblk_io_submit option
[  255.548176][T25919] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.566283][T25929] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8244'.
[  255.601489][T25932] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=25932 comm=syz.0.8245
[  255.614992][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.740619][T25945] netlink: 96 bytes leftover after parsing attributes in process `syz.3.8249'.
[  255.896118][T25955] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  256.345145][T25983] loop5: detected capacity change from 0 to 256
[  256.463289][T26000] serio: Serial port ptm0
[  256.627239][T26024] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8284'.
[  256.708215][T26036] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8289'.
[  257.075762][T26060] netlink: 64 bytes leftover after parsing attributes in process `syz.5.8299'.
[  257.136116][T26064] netlink: 87 bytes leftover after parsing attributes in process `syz.5.8301'.
[  257.179513][   T29] kauditd_printk_skb: 124 callbacks suppressed
[  257.179527][   T29] audit: type=1326 audit(2000000085.539:11738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26067 comm="syz.5.8303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  257.209999][   T29] audit: type=1326 audit(2000000085.579:11739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26067 comm="syz.5.8303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  257.233781][   T29] audit: type=1326 audit(2000000085.579:11740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26067 comm="syz.5.8303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  257.257511][   T29] audit: type=1326 audit(2000000085.579:11741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26067 comm="syz.5.8303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  257.281205][   T29] audit: type=1326 audit(2000000085.579:11742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26067 comm="syz.5.8303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  257.305480][   T29] audit: type=1326 audit(2000000085.669:11743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26067 comm="syz.5.8303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3667bf749 code=0x7ffc0000
[  257.386230][   T29] audit: type=1326 audit(2000000085.749:11744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26010 comm="syz.2.8278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  257.477206][T26039] syz.0.8290 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  257.491107][T26039] CPU: 0 UID: 0 PID: 26039 Comm: syz.0.8290 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  257.491197][T26039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  257.491213][T26039] Call Trace:
[  257.491219][T26039]  <TASK>
[  257.491225][T26039]  __dump_stack+0x1d/0x30
[  257.491240][T26039]  dump_stack_lvl+0xe8/0x140
[  257.491250][T26039]  dump_stack+0x15/0x1b
[  257.491260][T26039]  dump_header+0x81/0x220
[  257.491270][T26039]  oom_kill_process+0x342/0x400
[  257.491287][T26039]  out_of_memory+0x979/0xb80
[  257.491300][T26039]  try_charge_memcg+0x610/0xa10
[  257.491320][T26039]  obj_cgroup_charge_pages+0xa6/0x150
[  257.491337][T26039]  __memcg_kmem_charge_page+0x9f/0x170
[  257.491352][T26039]  __alloc_frozen_pages_noprof+0x188/0x360
[  257.491367][T26039]  alloc_pages_mpol+0xb3/0x260
[  257.491399][T26039]  alloc_pages_noprof+0x90/0x130
[  257.491413][T26039]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  257.491462][T26039]  __kvmalloc_node_noprof+0x483/0x670
[  257.491475][T26039]  ? ip_set_alloc+0x24/0x30
[  257.491607][T26039]  ? ip_set_alloc+0x24/0x30
[  257.491621][T26039]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  257.491633][T26039]  ip_set_alloc+0x24/0x30
[  257.491688][T26039]  hash_netiface_create+0x282/0x740
[  257.491704][T26039]  ? __pfx_hash_netiface_create+0x10/0x10
[  257.491790][T26039]  ip_set_create+0x3cc/0x970
[  257.491807][T26039]  ? __nla_parse+0x40/0x60
[  257.491824][T26039]  nfnetlink_rcv_msg+0x4c6/0x590
[  257.491852][T26039]  netlink_rcv_skb+0x123/0x220
[  257.491867][T26039]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  257.491894][T26039]  nfnetlink_rcv+0x167/0x16c0
[  257.491933][T26039]  ? mas_wr_walk_descend+0x36e/0x470
[  257.491949][T26039]  ? mas_wr_store_type+0xa75/0xcd0
[  257.491978][T26039]  ? mls_context_isvalid+0x85/0x1f0
[  257.491995][T26039]  ? mas_prealloc_calc+0x253/0x2a0
[  257.492023][T26039]  ? mas_wr_preallocate+0x2aa/0x370
[  257.492065][T26039]  ? mas_insert+0x1ea/0x330
[  257.492077][T26039]  ? _raw_spin_lock_bh+0x56/0xb0
[  257.492135][T26039]  ? should_fail_ex+0x30/0x280
[  257.492149][T26039]  ? selinux_nlmsg_lookup+0x99/0x890
[  257.492233][T26039]  ? __rcu_read_unlock+0x34/0x70
[  257.492249][T26039]  ? __netlink_lookup+0x266/0x2a0
[  257.492330][T26039]  netlink_unicast+0x5c0/0x690
[  257.492345][T26039]  netlink_sendmsg+0x58b/0x6b0
[  257.492362][T26039]  ? __pfx_netlink_sendmsg+0x10/0x10
[  257.492398][T26039]  __sock_sendmsg+0x145/0x180
[  257.492411][T26039]  ____sys_sendmsg+0x31e/0x4a0
[  257.492428][T26039]  ___sys_sendmsg+0x17b/0x1d0
[  257.492532][T26039]  __x64_sys_sendmsg+0xd4/0x160
[  257.492579][T26039]  x64_sys_call+0x17ba/0x3000
[  257.492591][T26039]  do_syscall_64+0xd8/0x2a0
[  257.492606][T26039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.492662][T26039] RIP: 0033:0x7f58c1c8f749
[  257.492671][T26039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.492681][T26039] RSP: 002b:00007f58c06f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  257.492753][T26039] RAX: ffffffffffffffda RBX: 00007f58c1ee5fa0 RCX: 00007f58c1c8f749
[  257.492764][T26039] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  257.492776][T26039] RBP: 00007f58c1d13f91 R08: 0000000000000000 R09: 0000000000000000
[  257.492787][T26039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  257.492794][T26039] R13: 00007f58c1ee6038 R14: 00007f58c1ee5fa0 R15: 00007ffe228c3e08
[  257.492805][T26039]  </TASK>
[  257.492813][T26039] memory: usage 307200kB, limit 307200kB, failcnt 3793
[  257.834615][T26039] memory+swap: usage 324516kB, limit 9007199254740988kB, failcnt 0
[  257.842567][T26039] kmem: usage 239444kB, limit 9007199254740988kB, failcnt 0
[  257.849867][T26039] Memory cgroup stats for /syz0:
[  257.850467][T26077] netlink: 'syz.2.8307': attribute type 3 has an invalid length.
[  257.855990][T26039] cache 69259264
[  257.866732][T26039] rss 36864
[  257.869891][T26039] shmem 0
[  257.870112][T26077] netlink: 'syz.2.8307': attribute type 3 has an invalid length.
[  257.872863][T26039] mapped_file 4096
[  257.872872][T26039] dirty 0
[  257.887280][T26039] writeback 65536
[  257.890967][T26039] workingset_refault_anon 1611
[  257.895731][T26039] workingset_refault_file 2560
[  257.900512][T26039] swap 17747968
[  257.903963][T26039] swapcached 69632
[  257.907667][T26039] pgpgin 495905
[  257.911147][T26039] pgpgout 478970
[  257.914684][T26039] pgfault 500136
[  257.918246][T26039] pgmajfault 250
[  257.921807][T26039] inactive_anon 40960
[  257.925811][T26039] active_anon 0
[  257.929284][T26039] inactive_file 0
[  257.932986][T26039] active_file 4096
[  257.936697][T26039] unevictable 69255168
[  257.940800][T26039] hierarchical_memory_limit 314572800
[  257.946223][T26039] hierarchical_memsw_limit 9223372036854771712
[  257.952418][T26039] total_cache 69259264
[  257.956479][T26039] total_rss 36864
[  257.960162][T26039] total_shmem 0
[  257.963687][T26039] total_mapped_file 4096
[  257.967914][T26039] total_dirty 0
[  257.971412][T26039] total_writeback 65536
[  257.975627][T26039] total_workingset_refault_anon 1611
[  257.980917][T26039] total_workingset_refault_file 2560
[  257.986177][T26039] total_swap 17747968
[  257.990170][T26039] total_swapcached 69632
[  257.994435][T26039] total_pgpgin 495905
[  257.998422][T26039] total_pgpgout 478970
[  258.002515][T26039] total_pgfault 500136
[  258.006597][T26039] total_pgmajfault 250
[  258.010694][T26039] total_inactive_anon 40960
[  258.015199][T26039] total_active_anon 0
[  258.019164][T26039] total_inactive_file 0
[  258.023370][T26039] total_active_file 4096
[  258.027609][T26039] total_unevictable 69255168
[  258.032391][T26039] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8290,pid=26038,uid=0
[  258.047095][T26039] Memory cgroup out of memory: Killed process 26039 (syz.0.8290) total-vm:93968kB, anon-rss:1116kB, file-rss:22420kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:0
[  258.295391][T26098] loop4: detected capacity change from 0 to 512
[  258.309015][T26098] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  258.320562][T26098] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[  258.330660][T26098] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.8318: Corrupt directory, running e2fsck is recommended
[  258.351435][T26098] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  258.360240][T26098] EXT4-fs error (device loop4): ext4_iget_extra_inode:5071: inode #15: comm syz.4.8318: corrupted in-inode xattr: invalid ea_ino
[  258.374609][T26098] EXT4-fs (loop4): Remounting filesystem read-only
[  258.382760][T26098] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.408581][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.435145][T26109] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8321'.
[  258.826251][T26145] loop2: detected capacity change from 0 to 512
[  258.833228][   T29] audit: type=1400 audit(2000000087.199:11745): avc:  denied  { mounton } for  pid=26144 comm="syz.2.8336" path="/1621/file0" dev="tmpfs" ino=8438 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  258.836424][T26145] ------------[ cut here ]------------
[  258.862377][T26145] EA inode 11 i_nlink=2
[  258.862407][T26145] WARNING: fs/ext4/xattr.c:1058 at 0x0, CPU#1: syz.2.8336/26145
[  258.874249][T26145] Modules linked in:
[  258.878135][T26145] CPU: 1 UID: 0 PID: 26145 Comm: syz.2.8336 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  258.888047][T26145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  258.898114][T26145] RIP: 0010:ext4_xattr_inode_update_ref+0x305/0x320
[  258.904723][T26145] Code: 21 67 9d ff 4c 8d 2d 4a 5d 21 05 49 8d 7e 40 e8 f1 a8 b8 ff 49 8b 6e 40 4c 89 e7 e8 05 a4 b8 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 2b ff ff ff e8 cc 4f b5 03 66 66 66 2e 0f 1f 84
[  258.924346][T26145] RSP: 0018:ffffc900082ab590 EFLAGS: 00010246
[  258.930456][T26145] RAX: ffff888131da4ca0 RBX: ffff8881072941a8 RCX: ffffffff81ba659b
[  258.938428][T26145] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff86dbc2d0
[  258.946484][T26145] RBP: 000000000000000b R08: 000188810729415b R09: 0000000000000000
[  258.954469][T26145] R10: ffffc900082ab4c0 R11: 0001c900082ab4c0 R12: ffff888107294158
[  258.962435][T26145] R13: ffffffff86dbc2d0 R14: ffff888107294110 R15: 0000000000000001
[  258.970421][T26145] FS:  00007f44061bf6c0(0000) GS:ffff8882aeef4000(0000) knlGS:0000000000000000
[  258.979418][T26145] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  258.986049][T26145] CR2: 0000000000000000 CR3: 000000014bfee000 CR4: 00000000003506f0
[  258.994074][T26145] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  259.002598][T26145] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  259.010673][T26145] Call Trace:
[  259.013954][T26145]  <TASK>
[  259.016888][T26145]  ext4_xattr_set_entry+0x77f/0x1020
[  259.022193][T26145]  ext4_xattr_ibody_set+0x184/0x3c0
[  259.027495][T26145]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[  259.033559][T26145]  __ext4_expand_extra_isize+0x246/0x280
[  259.039274][T26145]  __ext4_mark_inode_dirty+0x29d/0x3f0
[  259.044852][T26145]  ext4_evict_inode+0x7c4/0xd40
[  259.049814][T26145]  ? __pfx_ext4_evict_inode+0x10/0x10
[  259.055206][T26145]  evict+0x2af/0x510
[  259.059106][T26145]  ? __dquot_initialize+0x146/0x7c0
[  259.064379][T26145]  iput+0x4bd/0x650
[  259.068180][T26145]  ext4_process_orphan+0x1a9/0x1c0
[  259.073371][T26145]  ext4_orphan_cleanup+0x6a8/0xa00
[  259.078565][T26145]  ext4_fill_super+0x3475/0x3800
[  259.083972][T26145]  ? snprintf+0x86/0xb0
[  259.088241][T26145]  ? set_blocksize+0x1a8/0x310
[  259.093193][T26145]  ? sb_set_blocksize+0xfc/0x170
[  259.098132][T26145]  ? setup_bdev_super+0x30e/0x370
[  259.103214][T26145]  ? __pfx_ext4_fill_super+0x10/0x10
[  259.108577][T26145]  get_tree_bdev_flags+0x291/0x300
[  259.113759][T26145]  ? __pfx_ext4_fill_super+0x10/0x10
[  259.119068][T26145]  get_tree_bdev+0x1f/0x30
[  259.123525][T26145]  ext4_get_tree+0x1c/0x30
[  259.128099][T26145]  vfs_get_tree+0x57/0x1d0
[  259.132615][T26145]  do_new_mount+0x24d/0x6a0
[  259.137381][T26145]  path_mount+0x4ab/0xb80
[  259.141897][T26145]  ? user_path_at+0xbf/0x130
[  259.146498][T26145]  __se_sys_mount+0x28c/0x2e0
[  259.151364][T26145]  __x64_sys_mount+0x67/0x80
[  259.156181][T26145]  x64_sys_call+0x2cca/0x3000
[  259.161694][T26145]  do_syscall_64+0xd8/0x2a0
[  259.166277][T26145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.172364][T26145] RIP: 0033:0x7f4407760eea
[  259.176813][T26145] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.196462][T26145] RSP: 002b:00007f44061bee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  259.204925][T26145] RAX: ffffffffffffffda RBX: 00007f44061beef0 RCX: 00007f4407760eea
[  259.212993][T26145] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f44061beeb0
[  259.220970][T26145] RBP: 0000200000000180 R08: 00007f44061beef0 R09: 0000000000800700
[  259.229007][T26145] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  259.237137][T26145] R13: 00007f44061beeb0 R14: 000000000000046f R15: 000000000000002c
[  259.245175][T26145]  </TASK>
[  259.248177][T26145] ---[ end trace 0000000000000000 ]---
[  259.253773][T26145] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #18: comm syz.2.8336: iget: bad extra_isize 90 (inode size 256)
[  259.267830][T26145] EXT4-fs (loop2): Remounting filesystem read-only
[  259.274604][T26145] EXT4-fs warning (device loop2): ext4_evict_inode:273: xattr delete (err -30)
[  259.283916][T26145] EXT4-fs (loop2): 1 orphan inode deleted
[  259.290198][T26145] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.303404][T26145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.381766][T26162] __nla_validate_parse: 1 callbacks suppressed
[  259.381782][T26162] netlink: 64 bytes leftover after parsing attributes in process `syz.3.8343'.
[  259.584790][T26183] netlink: 96 bytes leftover after parsing attributes in process `syz.3.8352'.
[  259.617164][T26187] sch_fq: defrate 4294967295 ignored.
[  259.626495][T26190] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8355'.
[  259.721465][   T29] audit: type=1400 audit(2000000088.089:11746): avc:  denied  { connect } for  pid=26197 comm="syz.3.8359" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  259.742181][   T29] audit: type=1400 audit(2000000088.089:11747): avc:  denied  { bind } for  pid=26197 comm="syz.3.8359" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  259.803030][T26202] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8370'.
[  259.841265][T26206] loop5: detected capacity change from 0 to 512
[  259.848062][T26206] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  259.900393][T26206] EXT4-fs (loop5): 1 truncate cleaned up
[  259.906423][T26206] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.978331][T26219] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  260.103685][T26227] netlink: 'syz.4.8373': attribute type 1 has an invalid length.
[  260.111904][T26227] netlink: 'syz.4.8373': attribute type 4 has an invalid length.
[  260.119734][T26227] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.8373'.
[  260.134913][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.150536][T26227] netlink: 'syz.4.8373': attribute type 1 has an invalid length.
[  260.158296][T26227] netlink: 'syz.4.8373': attribute type 4 has an invalid length.
[  260.166099][T26227] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.8373'.
[  260.254714][T26242] netlink: 'syz.0.8372': attribute type 13 has an invalid length.
[  260.262603][T26242] netlink: 'syz.0.8372': attribute type 27 has an invalid length.
[  260.673194][T26268] veth0: entered promiscuous mode
[  260.689727][T26268] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8390'.
[  260.710541][T26268] veth0 (unregistering): left promiscuous mode
[  260.973581][T26276] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8401'.
[  261.006855][T26276] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8401'.
[  261.102438][T26281] loop5: detected capacity change from 0 to 512
[  261.109172][T26281] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  261.125950][T26281] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm gtp: invalid indirect mapped block 4294967295 (level 0)
[  261.143704][T26281] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm gtp: invalid indirect mapped block 4294967295 (level 1)
[  261.157753][T26281] EXT4-fs (loop5): 1 orphan inode deleted
[  261.163658][T26281] EXT4-fs (loop5): 1 truncate cleaned up
[  261.170468][T26281] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.185080][T26281] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  261.211833][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.240189][T26287] loop5: detected capacity change from 0 to 1024
[  261.247457][T26287] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  261.262496][T26287] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  261.273131][T26287] EXT4-fs error (device loop5): ext4_get_journal_inode:5808: inode #32: comm syz.5.8396: iget: special inode unallocated
[  261.286158][T26287] EXT4-fs (loop5): Remounting filesystem read-only
[  261.293002][T26287] EXT4-fs (loop5): no journal found
[  261.298358][T26287] EXT4-fs (loop5): can't get journal size
[  261.313136][T26287] EXT4-fs (loop5): filesystem is read-only
[  261.327266][T26287] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  261.405675][T26304] sch_fq: defrate 4294967295 ignored.
[  261.487191][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.548484][T26316] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  261.555032][T26316] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  261.562640][T26316] vhci_hcd vhci_hcd.0: Device attached
[  261.571299][T26316] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(5)
[  261.577885][T26316] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  261.585563][T26316] vhci_hcd vhci_hcd.0: Device attached
[  261.595300][T26316] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(7)
[  261.601856][T26316] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  261.609485][T26316] vhci_hcd vhci_hcd.0: Device attached
[  261.619657][T26316] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(9)
[  261.626328][T26316] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  261.633863][T26316] vhci_hcd vhci_hcd.0: Device attached
[  261.640687][T26316] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(11)
[  261.647342][T26316] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  261.654854][T26316] vhci_hcd vhci_hcd.0: Device attached
[  261.662725][T26316] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  261.673221][T26316] vhci_hcd vhci_hcd.0: pdev(5) rhport(6) sockfd(15)
[  261.679836][T26316] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  261.687392][T26316] vhci_hcd vhci_hcd.0: Device attached
[  261.697017][T26316] vhci_hcd vhci_hcd.0: pdev(5) rhport(7) sockfd(17)
[  261.703627][T26316] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  261.711384][T26316] vhci_hcd vhci_hcd.0: Device attached
[  261.729023][T26331] vhci_hcd: connection closed
[  261.729057][T26327] vhci_hcd: connection closed
[  261.729126][T26325] vhci_hcd: connection closed
[  261.738973][T26323] vhci_hcd: connection closed
[  261.739053][T26321] vhci_hcd: connection closed
[  261.748666][T26319] vhci_hcd: connection closed
[  261.753633][T26317] vhci_hcd: connection closed
[  261.762005][ T3588] vhci_hcd: stop threads
[  261.770984][ T3588] vhci_hcd: release socket
[  261.775573][ T3588] vhci_hcd: disconnect device
[  261.780600][ T3588] vhci_hcd: stop threads
[  261.784840][ T3588] vhci_hcd: release socket
[  261.789763][ T3588] vhci_hcd: disconnect device
[  261.814781][ T3588] vhci_hcd: stop threads
[  261.819317][ T3588] vhci_hcd: release socket
[  261.823804][ T3588] vhci_hcd: disconnect device
[  261.829752][   T23] usb 11-1: new low-speed USB device number 2 using vhci_hcd
[  261.830254][ T3588] vhci_hcd: stop threads
[  261.841444][ T3588] vhci_hcd: release socket
[  261.845987][ T3588] vhci_hcd: disconnect device
[  261.851638][T26318] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  261.857932][ T3588] vhci_hcd: stop threads
[  261.862248][ T3588] vhci_hcd: release socket
[  261.866671][ T3588] vhci_hcd: disconnect device
[  261.877046][ T3588] vhci_hcd: stop threads
[  261.881356][ T3588] vhci_hcd: release socket
[  261.885802][ T3588] vhci_hcd: disconnect device
[  261.904343][ T3588] vhci_hcd: stop threads
[  261.908611][ T3588] vhci_hcd: release socket
[  261.913102][ T3588] vhci_hcd: disconnect device
[  261.981725][T26354] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26354 comm=syz.0.8421
[  262.026750][T26358] netlink: 7 bytes leftover after parsing attributes in process `syz.3.8423'.
[  262.449438][T26420] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  262.456057][T26420] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  262.463599][T26420] vhci_hcd vhci_hcd.0: Device attached
[  262.487406][T26420] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(5)
[  262.490012][   T29] kauditd_printk_skb: 96 callbacks suppressed
[  262.490075][   T29] audit: type=1400 audit(2000000090.859:11844): avc:  denied  { ioctl } for  pid=26415 comm="syz.3.8449" path="socket:[71948]" dev="sockfs" ino=71948 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  262.493934][T26420] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  262.494093][T26420] vhci_hcd vhci_hcd.0: Device attached
[  262.503460][   T29] audit: type=1400 audit(2000000090.869:11845): avc:  denied  { write } for  pid=26415 comm="syz.3.8449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  262.570074][   T29] audit: type=1400 audit(2000000090.939:11846): avc:  denied  { read } for  pid=26415 comm="syz.3.8449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  262.649816][T26430] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(8)
[  262.656748][T26430] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  262.664410][T26430] vhci_hcd vhci_hcd.0: Device attached
[  262.719951][T26420] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(7)
[  262.726535][T26420] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  262.733995][T26430] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(10)
[  262.740673][T26430] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  262.748270][T26430] vhci_hcd vhci_hcd.0: Device attached
[  262.748292][T26420] vhci_hcd vhci_hcd.0: Device attached
[  262.759291][   T36] usb 9-1: new low-speed USB device number 2 using vhci_hcd
[  262.763381][T26456] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  262.776201][T26455] tipc: New replicast peer: 172.30.1.1
[  262.842149][T26420] vhci_hcd vhci_hcd.0: pdev(4) rhport(6) sockfd(12)
[  262.843761][   T29] audit: type=1400 audit(2000000091.209:11847): avc:  denied  { create } for  pid=26467 comm="syz.5.8464" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  262.848756][T26420] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  262.848849][T26420] vhci_hcd vhci_hcd.0: Device attached
[  262.881864][T26469] loop5: detected capacity change from 0 to 512
[  262.890428][T26469] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  262.903659][T26469] EXT4-fs (loop5): 1 truncate cleaned up
[  262.915969][T26469] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.940501][   T29] audit: type=1326 audit(2000000091.309:11848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26475 comm="syz.0.8466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  262.970088][T26420] vhci_hcd vhci_hcd.0: pdev(4) rhport(7) sockfd(17)
[  262.976781][T26420] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  262.977167][   T29] audit: type=1326 audit(2000000091.319:11849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26475 comm="syz.0.8466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  262.984423][T26420] vhci_hcd vhci_hcd.0: Device attached
[  263.007961][   T29] audit: type=1326 audit(2000000091.319:11850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26475 comm="syz.0.8466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  263.007990][   T29] audit: type=1326 audit(2000000091.319:11851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26475 comm="syz.0.8466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  263.060599][   T29] audit: type=1326 audit(2000000091.319:11852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26475 comm="syz.0.8466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  263.072221][T26477] vhci_hcd: connection closed
[  263.084246][   T29] audit: type=1326 audit(2000000091.319:11853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26475 comm="syz.0.8466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  263.090302][T26468] vhci_hcd: connection closed
[  263.114161][T26449] vhci_hcd: connection closed
[  263.118889][T26447] vhci_hcd: connection closed
[  263.125261][T26432] vhci_hcd: connection closed
[  263.130126][T26425] vhci_hcd: connection closed
[  263.134983][T26421] vhci_hcd: connection reset by peer
[  263.138883][ T4550] vhci_hcd: stop threads
[  263.149265][ T4550] vhci_hcd: release socket
[  263.153796][ T4550] vhci_hcd: disconnect device
[  263.168970][ T4550] vhci_hcd: stop threads
[  263.173292][ T4550] vhci_hcd: release socket
[  263.177704][ T4550] vhci_hcd: disconnect device
[  263.191313][ T4550] vhci_hcd: stop threads
[  263.195764][ T4550] vhci_hcd: release socket
[  263.200295][ T4550] vhci_hcd: disconnect device
[  263.205226][ T4550] vhci_hcd: stop threads
[  263.209460][ T4550] vhci_hcd: release socket
[  263.213899][ T4550] vhci_hcd: disconnect device
[  263.218852][ T4550] vhci_hcd: stop threads
[  263.223211][ T4550] vhci_hcd: release socket
[  263.227606][ T4550] vhci_hcd: disconnect device
[  263.232392][ T4550] vhci_hcd: stop threads
[  263.236623][ T4550] vhci_hcd: release socket
[  263.241136][ T4550] vhci_hcd: disconnect device
[  263.245968][ T4550] vhci_hcd: stop threads
[  263.250251][ T4550] vhci_hcd: release socket
[  263.254658][ T4550] vhci_hcd: disconnect device
[  263.392092][T26500] team0 (unregistering): Port device team_slave_0 removed
[  263.401256][T26500] team0 (unregistering): Port device team_slave_1 removed
[  263.686260][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.821355][T26555] lo speed is unknown, defaulting to 1000
[  263.915153][T26564] loop5: detected capacity change from 0 to 512
[  263.921900][T26564] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  264.133947][T26587] 9pnet_fd: Insufficient options for proto=fd
[  264.428533][T26621] 9pnet_fd: Insufficient options for proto=fd
[  264.683902][T26659] loop4: detected capacity change from 0 to 1024
[  264.732172][T26659] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.808483][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.820433][T26672] blktrace: Concurrent blktraces are not allowed on loop1
[  264.895918][T26682] loop4: detected capacity change from 0 to 1024
[  264.907850][T26682] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  264.920331][T26682] ext4 filesystem being mounted at /1593/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.935418][T26682] EXT4-fs error (device loop4): ext4_map_blocks:813: inode #15: comm syz.4.8557: lblock 0 mapped to illegal pblock 0 (length 1)
[  264.949417][T26682] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  264.961938][T26682] EXT4-fs (loop4): This should not happen!! Data will be lost
[  264.961938][T26682] 
[  265.055612][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  265.200236][T26710] __nla_validate_parse: 11 callbacks suppressed
[  265.200251][T26710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8568'.
[  265.228751][T26710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8568'.
[  265.258838][T26710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8568'.
[  265.274124][T26710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8568'.
[  265.288305][T26710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8568'.
[  265.411477][T26727] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8575'.
[  265.420550][T26727] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8575'.
[  265.434648][T26729] loop4: detected capacity change from 0 to 1024
[  265.462259][T26729] EXT4-fs: Ignoring removed bh option
[  265.468266][T26729] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  265.553273][T26729] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.608689][T26729] EXT4-fs (loop4): can't enable nombcache during remount
[  265.690465][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.831579][T26756] loop5: detected capacity change from 0 to 2048
[  265.880161][T26756]  loop5: p1 < > p4
[  265.902884][T26756] loop5: p4 size 8388608 extends beyond EOD, truncated
[  265.918215][T26762] loop4: detected capacity change from 0 to 512
[  265.952521][T26762] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.8588: inode has both inline data and extents flags
[  266.000701][T26762] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.8588: couldn't read orphan inode 15 (err -117)
[  266.051350][T26762] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.144182][T26774] loop5: detected capacity change from 0 to 128
[  266.153122][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.216033][T26785] netlink: 'syz.4.8597': attribute type 27 has an invalid length.
[  266.241151][T26785] wg2: left promiscuous mode
[  266.245804][T26785] wg2: left allmulticast mode
[  266.264361][T26785] bridge2: left promiscuous mode
[  266.269428][T26785] bridge3: left promiscuous mode
[  266.274504][T26785] bridge3: left allmulticast mode
[  266.280454][T26785] ip6gre1: left allmulticast mode
[  266.358723][T26796] erspan0: left promiscuous mode
[  266.371895][T26796] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  266.426432][T26774] syz.5.8593: attempt to access beyond end of device
[  266.426432][T26774] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[  266.442627][T26774] syz.5.8593: attempt to access beyond end of device
[  266.442627][T26774] loop5: rw=2049, sector=185, nr_sectors = 16 limit=128
[  266.457711][T26774] syz.5.8593: attempt to access beyond end of device
[  266.457711][T26774] loop5: rw=2049, sector=209, nr_sectors = 8 limit=128
[  266.480184][T26774] syz.5.8593: attempt to access beyond end of device
[  266.480184][T26774] loop5: rw=2049, sector=225, nr_sectors = 8 limit=128
[  266.494703][T26803] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  266.495651][T26774] syz.5.8593: attempt to access beyond end of device
[  266.495651][T26774] loop5: rw=2049, sector=241, nr_sectors = 8 limit=128
[  266.550251][T26774] syz.5.8593: attempt to access beyond end of device
[  266.550251][T26774] loop5: rw=2049, sector=257, nr_sectors = 8 limit=128
[  266.605835][T26774] syz.5.8593: attempt to access beyond end of device
[  266.605835][T26774] loop5: rw=2049, sector=273, nr_sectors = 8 limit=128
[  266.691770][T26831] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8617'.
[  266.700249][T26774] syz.5.8593: attempt to access beyond end of device
[  266.700249][T26774] loop5: rw=2049, sector=289, nr_sectors = 8 limit=128
[  266.719393][T26831] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8617'.
[  266.740163][T26774] syz.5.8593: attempt to access beyond end of device
[  266.740163][T26774] loop5: rw=2049, sector=305, nr_sectors = 8 limit=128
[  266.762760][T26774] syz.5.8593: attempt to access beyond end of device
[  266.762760][T26774] loop5: rw=2049, sector=321, nr_sectors = 8 limit=128
[  266.884942][T26846] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8623'.
[  266.909940][   T23] usb 11-1: enqueue for inactive port 0
[  266.916123][   T23] usb 11-1: enqueue for inactive port 0
[  266.999964][   T23] vhci_hcd: vhci_device speed not set
[  267.021225][T26866] macvlan2: entered promiscuous mode
[  267.026583][T26866] bridge0: entered promiscuous mode
[  267.295095][T26908] siw: device registration error -23
[  267.679362][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  267.679376][   T29] audit: type=1326 audit(2000000096.039:11931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26954 comm="syz.2.8666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  267.713469][   T29] audit: type=1326 audit(2000000096.049:11932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26954 comm="syz.2.8666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  267.737115][   T29] audit: type=1326 audit(2000000096.049:11933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26954 comm="syz.2.8666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f440775f783 code=0x7ffc0000
[  267.760633][   T29] audit: type=1326 audit(2000000096.049:11934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26954 comm="syz.2.8666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f440775e1ff code=0x7ffc0000
[  267.784208][   T29] audit: type=1326 audit(2000000096.049:11935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26954 comm="syz.2.8666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f440775f7d7 code=0x7ffc0000
[  267.807768][   T29] audit: type=1326 audit(2000000096.079:11936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26954 comm="syz.2.8666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f440775df90 code=0x7ffc0000
[  267.810244][   T36] usb 9-1: enqueue for inactive port 0
[  267.831367][   T29] audit: type=1326 audit(2000000096.079:11937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26954 comm="syz.2.8666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f440775e3aa code=0x7ffc0000
[  267.860098][   T29] audit: type=1326 audit(2000000096.079:11938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26954 comm="syz.2.8666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  267.861121][   T36] usb 9-1: enqueue for inactive port 0
[  267.883747][   T29] audit: type=1326 audit(2000000096.079:11939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26954 comm="syz.2.8666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  267.913730][   T29] audit: type=1326 audit(2000000096.079:11940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26954 comm="syz.2.8666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f440775f749 code=0x7ffc0000
[  268.009929][   T36] vhci_hcd: vhci_device speed not set
[  268.048381][T26977] loop4: detected capacity change from 0 to 512
[  268.056044][T26977] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  268.070413][T26977] EXT4-fs error (device loop4): __ext4_iget:5439: inode #11: block 524312: comm syz.4.8679: invalid block
[  268.082941][T26977] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.8679: couldn't read orphan inode 11 (err -117)
[  268.095310][T26977] EXT4-fs (loop4): 1 truncate cleaned up
[  268.101307][T26977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.136227][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.503589][T27013] loop4: detected capacity change from 0 to 2048
[  268.560027][T27013]  loop4: p1 < > p4
[  268.564552][T27013] loop4: p4 size 8388608 extends beyond EOD, truncated
[  268.641521][T27020] netlink: zone id is out of range
[  268.646663][T27020] netlink: zone id is out of range
[  268.651974][T27020] netlink: zone id is out of range
[  268.657222][T27020] netlink: zone id is out of range
[  268.662554][T27020] netlink: zone id is out of range
[  268.667681][T27020] netlink: zone id is out of range
[  268.672833][T27020] netlink: zone id is out of range
[  268.677939][T27020] netlink: zone id is out of range
[  268.683098][T27020] netlink: zone id is out of range
[  269.058299][T27052] loop5: detected capacity change from 0 to 2048
[  269.160160][T27052]  loop5: p1 < > p4
[  269.164641][T27052] loop5: p4 size 8388608 extends beyond EOD, truncated
[  269.646115][T27088] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not filter
[  269.723997][T27101] vlan1: entered allmulticast mode
[  270.274249][T27147] loop4: detected capacity change from 0 to 512
[  270.291953][T27147] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  270.303649][T27147] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[  270.313906][T27147] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.8749: Corrupt directory, running e2fsck is recommended
[  270.328069][T27147] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  270.328456][T27154] __nla_validate_parse: 11 callbacks suppressed
[  270.328468][T27154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8751'.
[  270.351726][T27154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8751'.
[  270.361028][T27147] EXT4-fs error (device loop4): ext4_iget_extra_inode:5071: inode #15: comm syz.4.8749: corrupted in-inode xattr: e_name out of bounds
[  270.379870][T27147] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.8749: couldn't read orphan inode 15 (err -117)
[  270.400161][T27147] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.436273][T27158] netlink: 'syz.0.8753': attribute type 10 has an invalid length.
[  270.454209][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.240214][T27216] loop5: detected capacity change from 0 to 2048
[  271.258643][T27216] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  271.404924][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.572220][T27269] netlink: 'syz.2.8793': attribute type 1 has an invalid length.
[  272.580140][T27269] netlink: 'syz.2.8793': attribute type 4 has an invalid length.
[  272.587880][T27269] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.8793'.
[  272.728828][   T29] kauditd_printk_skb: 113 callbacks suppressed
[  272.728847][   T29] audit: type=1326 audit(2000000101.089:12054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27275 comm="syz.0.8797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  272.799769][   T29] audit: type=1326 audit(2000000101.119:12055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27275 comm="syz.0.8797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  272.823614][   T29] audit: type=1326 audit(2000000101.119:12056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27275 comm="syz.0.8797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  272.847250][   T29] audit: type=1326 audit(2000000101.119:12057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27275 comm="syz.0.8797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  272.870859][   T29] audit: type=1326 audit(2000000101.119:12058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27275 comm="syz.0.8797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  272.894396][   T29] audit: type=1326 audit(2000000101.119:12059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27275 comm="syz.0.8797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  272.918155][   T29] audit: type=1326 audit(2000000101.119:12060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27275 comm="syz.0.8797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c1c8f749 code=0x7ffc0000
[  273.547222][T27303] loop5: detected capacity change from 0 to 512
[  273.560925][T27303] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  273.572538][T27303] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it
[  273.582652][T27303] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.8806: Corrupt directory, running e2fsck is recommended
[  273.612658][T27303] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  273.632346][T27303] EXT4-fs error (device loop5): ext4_iget_extra_inode:5071: inode #15: comm syz.5.8806: corrupted in-inode xattr: e_name out of bounds
[  273.699409][T27314] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8811'.
[  273.715836][T27303] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.8806: couldn't read orphan inode 15 (err -117)
[  273.736953][T27320] netlink: 'syz.0.8813': attribute type 3 has an invalid length.
[  273.744350][T27303] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.760922][   T29] audit: type=1400 audit(2000000102.129:12061): avc:  denied  { mount } for  pid=27321 comm="syz.2.8814" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  273.788919][T27325] netlink: 204 bytes leftover after parsing attributes in process `syz.4.8815'.
[  273.806296][ T5541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.817378][   T29] audit: type=1326 audit(2000000102.149:12062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27317 comm="syz.3.8810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  273.841843][   T29] audit: type=1326 audit(2000000102.149:12063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27317 comm="syz.3.8810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa16b27f749 code=0x7ffc0000
[  273.883836][T27330] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27330 comm=syz.2.8816
[  273.923157][T27336] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8820'.
[  273.934120][T27336] netlink: 'syz.5.8820': attribute type 3 has an invalid length.
[  273.981042][T27344] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8823'.
[  274.060629][T27360] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8830'.
[  274.610644][T27394] netlink: 96 bytes leftover after parsing attributes in process `syz.3.8845'.
[  274.991683][T27408] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27408 comm=syz.2.8851
[  275.203381][T27423] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8857'.
[  275.571321][T27461] __nla_validate_parse: 1 callbacks suppressed
[  275.571338][T27461] netlink: 96 bytes leftover after parsing attributes in process `syz.2.8875'.
[  275.681913][T27471] loop4: detected capacity change from 0 to 164
[  275.974427][T27505] net_ratelimit: 4 callbacks suppressed
[  275.974441][T27505] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  276.269511][T27533] netlink: 'syz.3.8905': attribute type 6 has an invalid length.
[  276.344338][T27539] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8908'.
[  276.856788][T27601] loop5: detected capacity change from 0 to 128
[  276.935774][T27615] Trying to write to read-only block-device loop5
[  276.966346][T27615] bio_check_eod: 98 callbacks suppressed
[  276.966360][T27615] syz.5.8934: attempt to access beyond end of device
[  276.966360][T27615] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[  277.040063][T27615] syz.5.8934: attempt to access beyond end of device
[  277.040063][T27615] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[  277.055036][T27615] syz.5.8934: attempt to access beyond end of device
[  277.055036][T27615] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128
[  277.068803][T27615] syz.5.8934: attempt to access beyond end of device
[  277.068803][T27615] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[  277.085810][T27615] syz.5.8934: attempt to access beyond end of device
[  277.085810][T27615] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128
[  277.099332][T27615] syz.5.8934: attempt to access beyond end of device
[  277.099332][T27615] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[  277.123904][T27615] syz.5.8934: attempt to access beyond end of device
[  277.123904][T27615] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128
[  277.137775][T27615] syz.5.8934: attempt to access beyond end of device
[  277.137775][T27615] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128
[  277.165182][T27615] syz.5.8934: attempt to access beyond end of device
[  277.165182][T27615] loop5: rw=2049, sector=281, nr_sectors = 8 limit=128
[  277.183601][T27615] syz.5.8934: attempt to access beyond end of device
[  277.183601][T27615] loop5: rw=2049, sector=297, nr_sectors = 8 limit=128
[  277.290990][T27631] netlink: 2048 bytes leftover after parsing attributes in process `syz.5.8944'.
[  277.300275][T27631] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8944'.
[  277.794878][   T29] kauditd_printk_skb: 249 callbacks suppressed
[  277.794894][   T29] audit: type=1400 audit(2000000106.159:12313): avc:  denied  { execute } for  pid=27654 comm="syz.3.8955" name="cgroup" dev="tmpfs" ino=9767 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=lnk_file permissive=1
[  278.121027][T27664] loop4: detected capacity change from 0 to 164
[  278.155042][T27662] 8021q: adding VLAN 0 to HW filter on device team0
[  278.188052][T27662] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  278.228699][T27664] Unsupported NM flag settings (240)
[  278.395437][   T29] audit: type=1326 audit(2000000106.759:12314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.4.8962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01ea2ef749 code=0x7ffc0000
[  278.423008][   T29] audit: type=1326 audit(2000000106.789:12315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.4.8962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01ea2ef749 code=0x7ffc0000
[  278.446679][   T29] audit: type=1326 audit(2000000106.789:12316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.4.8962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f01ea2ef749 code=0x7ffc0000
[  278.470495][   T29] audit: type=1326 audit(2000000106.789:12317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.4.8962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01ea2ef749 code=0x7ffc0000
[  278.494124][   T29] audit: type=1326 audit(2000000106.789:12318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.4.8962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01ea2ef749 code=0x7ffc0000
[  278.517857][   T29] audit: type=1326 audit(2000000106.789:12319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.4.8962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f01ea2ef749 code=0x7ffc0000
[  278.541500][   T29] audit: type=1326 audit(2000000106.789:12320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.4.8962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01ea2ef749 code=0x7ffc0000
[  278.565202][   T29] audit: type=1326 audit(2000000106.789:12321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.4.8962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f01ea2ef749 code=0x7ffc0000
[  278.588709][   T29] audit: type=1326 audit(2000000106.789:12322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27668 comm="syz.4.8962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01ea2ef749 code=0x7ffc0000
[  278.896365][T27712] netlink: 'gtp': attribute type 10 has an invalid length.
[  279.006752][T27720] netlink: 96 bytes leftover after parsing attributes in process `syz.2.8984'.
[  279.033600][T27724] netlink: 'syz.2.8985': attribute type 1 has an invalid length.
[  279.155044][T27739] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8992'.
[  279.193124][T27741] loop4: detected capacity change from 0 to 2048
[  279.240304][T27741]  loop4: p1 p3
[  279.246404][T27741] loop4: p3 start 8388352 is beyond EOD, truncated
[  279.430240][T27765] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9004'.
[  279.551271][T27771] netlink: 'syz.3.9007': attribute type 3 has an invalid length.
[  279.600913][T27776] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9009'.
[  279.619748][T27776] netem: change failed
[  279.724784][T27783] loop5: detected capacity change from 0 to 164
[  279.957638][T27811] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  280.104905][T27836] loop5: detected capacity change from 0 to 164
[  280.473694][T27854] netlink: 96 bytes leftover after parsing attributes in process `syz.5.9044'.
[  281.039555][T27887] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9057'.
[  281.142644][T27872] ==================================================================
[  281.150779][T27872] BUG: KCSAN: data-race in shmem_file_splice_read / shmem_file_splice_read
[  281.159392][T27872] 
[  281.161796][T27872] write to 0xffff888118fe35e8 of 8 bytes by task 27869 on cpu 0:
[  281.169506][T27872]  shmem_file_splice_read+0x470/0x600
[  281.175489][T27872]  splice_direct_to_actor+0x26f/0x680
[  281.180870][T27872]  do_splice_direct+0xda/0x150
[  281.185674][T27872]  do_sendfile+0x380/0x650
[  281.190431][T27872]  __x64_sys_sendfile64+0x105/0x150
[  281.195632][T27872]  x64_sys_call+0x2db1/0x3000
[  281.200297][T27872]  do_syscall_64+0xd8/0x2a0
[  281.204800][T27872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.210690][T27872] 
[  281.213016][T27872] write to 0xffff888118fe35e8 of 8 bytes by task 27872 on cpu 1:
[  281.220718][T27872]  shmem_file_splice_read+0x470/0x600
[  281.226101][T27872]  splice_direct_to_actor+0x26f/0x680
[  281.231653][T27872]  do_splice_direct+0xda/0x150
[  281.236421][T27872]  do_sendfile+0x380/0x650
[  281.240916][T27872]  __x64_sys_sendfile64+0x105/0x150
[  281.246113][T27872]  x64_sys_call+0x2db1/0x3000
[  281.250783][T27872]  do_syscall_64+0xd8/0x2a0
[  281.255287][T27872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.261267][T27872] 
[  281.263592][T27872] value changed: 0x00000000000225d8 -> 0x00000000000225f0
[  281.270689][T27872] 
[  281.273001][T27872] Reported by Kernel Concurrency Sanitizer on:
[  281.279147][T27872] CPU: 1 UID: 0 PID: 27872 Comm: syz.5.9050 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  281.290512][T27872] Tainted: [W]=WARN
[  281.294309][T27872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  281.304358][T27872] ==================================================================