last executing test programs:

1m44.278902824s ago: executing program 32 (id=77):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0x0)
flock(r0, 0x5)
r1 = open(&(0x7f0000000200)='./bus\x00', 0x1612c2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x200)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r3, 0x6)

1m24.515948097s ago: executing program 3 (id=597):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
write$cgroup_subtree(r2, 0x0, 0x36)

1m24.35951997s ago: executing program 3 (id=602):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x40, 0x7, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x100987, 0x7ff, 0x7, 0x2, 0x81, 0x2, 0x5, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
syz_genetlink_get_family_id$mptcp(0x0, r0)
socket(0x10, 0x803, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)

1m24.3052508s ago: executing program 3 (id=604):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000540), 0x84)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xc, 0x0, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18204, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

1m24.049457864s ago: executing program 3 (id=611):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m24.019936904s ago: executing program 3 (id=612):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
tkill(0x0, 0x12)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00')
pread64(r1, 0x0, 0x0, 0x100008)

1m23.765807038s ago: executing program 3 (id=624):
socket$tipc(0x1e, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="c06e6d772cb04ac9fc168ddadf43d1f43009000000f07f00180000000000eb3c0000c23ac38b575e84c62f689a9ba450ded9f7b4b7475ed3780818ad271fdf1242655e50d2ac711676c3cc336cfeeabccfedb8351ae2511d60e9b072bea1595860f5cb136a0cfe722714a4d2467ad056286d50cf4e3ea23692c9dfb35111187a71a78db82e473dc8"], &(0x7f0000000c00)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
pipe(&(0x7f00000002c0))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)

1m23.765654308s ago: executing program 33 (id=624):
socket$tipc(0x1e, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="c06e6d772cb04ac9fc168ddadf43d1f43009000000f07f00180000000000eb3c0000c23ac38b575e84c62f689a9ba450ded9f7b4b7475ed3780818ad271fdf1242655e50d2ac711676c3cc336cfeeabccfedb8351ae2511d60e9b072bea1595860f5cb136a0cfe722714a4d2467ad056286d50cf4e3ea23692c9dfb35111187a71a78db82e473dc8"], &(0x7f0000000c00)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
pipe(&(0x7f00000002c0))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)

1m12.176369685s ago: executing program 6 (id=766):
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYBLOB], 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40001)
perf_event_open(&(0x7f0000000500)={0x5, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x407fff, 0xaea}, 0x107105, 0x32, 0xfffffbff, 0x3, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)

1m12.084809966s ago: executing program 6 (id=769):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x64, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0xffe0}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x34, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x18, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x7}]}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

1m11.830925049s ago: executing program 6 (id=777):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_io_uring_setup(0x4e5b, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_setup(0x5e5, &(0x7f0000000280)={0x0, 0x4, 0x1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r1, 0xb15, 0x0, 0x0, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x400000, @loopback, 0x2}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1m11.75554558s ago: executing program 6 (id=781):
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

1m11.691084251s ago: executing program 6 (id=783):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

1m11.423671255s ago: executing program 6 (id=790):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340))

1m11.423496905s ago: executing program 34 (id=790):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340))

41.155156859s ago: executing program 2 (id=1773):
ioctl(0xffffffffffffffff, 0xfffff001, &(0x7f0000000000)="94d06c30df2aafdfce6b4a7fb14b02d900bbb07d1089")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x7a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd6015690900442f"], 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000100001000000000000dfff000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e65766530000000000000000000140001006c6f0000000000000000000000000000080002"], 0xb4}}, 0x0)

40.876432873s ago: executing program 2 (id=1785):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r2 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r0, &(0x7f0000000700)={@void, @void, @eth={@multicast, @local, @val={@val={0x88a8, 0x0, 0x0, 0x6}}, {@mpls_mc={0x8848, {[], @ipv4=@gre={{0x5, 0x4, 0x2, 0x1d, 0x58, 0x66, 0x0, 0x5, 0x2f, 0x0, @multicast1, @local}, {{0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {}, {0x1, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x0, {{0x9, 0x1, 0x1c, 0x1, 0x1, 0x2, 0x1, 0xd4}, 0x1, {0x7}}}, {0x8, 0x22eb, 0x3, {{0x5, 0x2, 0xf, 0x3, 0x0, 0x0, 0x3}, 0x2, {0xc9, 0x200, 0x2, 0x9, 0x0, 0x1, 0x1, 0x1, 0x1}}}}}}}}}}, 0x6e)

40.753068225s ago: executing program 2 (id=1791):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}}, 0x0)

40.728744915s ago: executing program 2 (id=1793):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000580)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@noauto_da_alloc}, {@dioread_nolock}, {@usrquota}, {@nobarrier}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xba6, &(0x7f0000000c00)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r")
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)

40.44152274s ago: executing program 2 (id=1804):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040), 0x2, 0x0)
rmdir(&(0x7f0000000140)='./cgroup/../file0\x00')

39.72160184s ago: executing program 2 (id=1817):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

39.72123354s ago: executing program 35 (id=1817):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

35.069263877s ago: executing program 7 (id=1947):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x70f9a000)
r1 = syz_io_uring_setup(0x19d1, &(0x7f00000003c0)={0x0, 0x0, 0x10100, 0x8000004, 0x8000000}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0xa3d, 0x0, 0x0, 0x0, 0xff39)
syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)

34.507418975s ago: executing program 7 (id=1959):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000200)='stack\x00')
syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x0, 0xfffd, 0x1}}, {[], {}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0xfd}}}}}]}}]}}, 0x0)
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/230, 0xe6}], 0x1, 0x401, 0x9)

33.934450083s ago: executing program 7 (id=1975):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)

33.904113364s ago: executing program 7 (id=1976):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000580)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@noauto_da_alloc}, {@dioread_nolock}, {@usrquota}, {@nobarrier}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xba6, &(0x7f0000000c00)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r")
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)

33.606435548s ago: executing program 7 (id=1983):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r0, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x7}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0900000000000000000002000000140001800500020001"], 0x28}}, 0x0)

33.397571981s ago: executing program 7 (id=1989):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000012c0)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r2}, &(0x7f0000000a00), &(0x7f0000000a40)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f0000000880), &(0x7f00000008c0)=r1}, 0x20)

33.397329261s ago: executing program 36 (id=1989):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000012c0)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r2}, &(0x7f0000000a00), &(0x7f0000000a40)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f0000000880), &(0x7f00000008c0)=r1}, 0x20)

9.901144548s ago: executing program 0 (id=2659):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f00000000c0)=[{0x4, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
uname(&(0x7f0000000000)=""/228)

9.869362118s ago: executing program 0 (id=2661):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000240)='n', 0x1}], 0x1}, 0x0)
setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000040)=0x1, 0x4)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000480)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f00000004c0)=0x40)

9.835376079s ago: executing program 0 (id=2662):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)

9.74595994s ago: executing program 0 (id=2664):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0/../file0\x00')

9.7453576s ago: executing program 0 (id=2666):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xfffeffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'sit0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)

9.573259172s ago: executing program 0 (id=2668):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000001080)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x4e, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10, 0x7, 0x0, 0x4}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', 0x0})

9.517609953s ago: executing program 37 (id=2668):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000001080)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x4e, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10, 0x7, 0x0, 0x4}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', 0x0})

3.064798956s ago: executing program 5 (id=2865):
r0 = epoll_create1(0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$RTC_PIE_ON(r1, 0x7005)
pselect6(0x40, &(0x7f0000000000)={0x9, 0x0, 0x0, 0x7, 0xfffffffffffffffc}, 0x0, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000))
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000000080)={{0x101, 0xb668}, 0x100, './file0/file0\x00'})
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0x0)

2.233570678s ago: executing program 5 (id=2888):
socket(0x29, 0x2e19621493e5494a, 0xb32)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006000000050005000200000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b"], 0x4c}}, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140e000000208000a400000000205000300020000000900020073797a310000000005000100070000005975192da26ef530a98d26af65b277884f9bd56a1d45840077e8b751bd4a56f5e6bc48d3a07ea2e1f8893b355a6688f9bcba8b0ff34fa839692f4fb58014088752664c69f6e1eef91747e4a894142e892dd7a5e7a66a7566cb9661117a8545e2887adf3dae545f65bfd7a64309ed7d63937df834e3924b3a38d6df06eae1e388a6f6676095278eb5a7149ec41dbe8a6f6db5aa0939d03b410ddac26d591feb1abfaff0e378708a26c1db5c12101e2e349ce5e4927dfcada05885e7b529ba2e4e8d329c7a17365333295a301c2d0d63ee60ae0f268e58b84d9d26dcce4e247ebbc8cbad97f8d24833c16385"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

1.675608096s ago: executing program 5 (id=2899):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r1}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000240), 0xfffffecc)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)=0x81d)

1.594087757s ago: executing program 1 (id=2900):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
r3 = dup2(r2, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1})
ioctl$BLKTRACESETUP(r3, 0x1276, 0x0)

1.341936581s ago: executing program 9 (id=2905):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
unshare(0x2c020400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x2a020400)

1.282769142s ago: executing program 9 (id=2907):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4000000)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x165142, 0x110)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRESOCT], 0x80, 0x1ca, &(0x7f0000000200)="$eJzs2z9rU1EYB+D3xiYmdUgGJ3G44OIUmn4Cg1QQA4KSQUFQbAPSKwELBR00m4OT38CP46qfxLGDcOXmj23qbS0Yk2qfZ+nbc88vvCfk5CQheXr95e72cG/wZPA56kkSlVt5HgdJtKISM6MosVY2CAD8Cw7yPL7leV4c541Pkef5qjsCAP622fmfXx45/wHggnj46PG9bq+39SBNa9OhfkT2fr8/+ac7iBeRxU5sRDO+R/ECYWpS37nb29pIx1rxIXu33y+Sxd9L8/lONKNVnu9M8ul8vhrrR/Ob0Yyr5fnN0nwtbt44km9HM74+j2FksR1F9jD/tpOmt+/3juWvjOcBAADA/6Cd/lT6/r3dPun6JN9Nzvr5QBLz+bW45juEALASe6/f7D7Lsp1XCy2qcfbJETGajtTj1zlf1qedJhGxoA5niy+fk/4m/jEiyi7NbnXRd+byikbpuv6sqNYi4rws8LSieHydgzZOL4aVYyPFvhgXjQU1X5/ti5U8HQFLdLj7V90JAAAAAAAAAAAAAABwkmX8dGnVawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg4vkRAAD//xZnfJg=")
fallocate(r0, 0x10, 0x0, 0x2000)

1.256240812s ago: executing program 1 (id=2910):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000600)='kfree\x00', r1}, 0x18)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r3 = dup2(r2, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0x9, 0x1, 0xa, 0x10})
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)

1.197353463s ago: executing program 9 (id=2912):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fcntl$setlease(r0, 0x400, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0xa4)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x84402, 0x20)

1.118208704s ago: executing program 1 (id=2915):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, 0x0, 0x0)

1.117744384s ago: executing program 1 (id=2916):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

1.091919284s ago: executing program 1 (id=2917):
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0100000004000000fd09"], 0x50)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0x80, 0x8000, 0x0, 0xb9ff, 0x15})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x3})
r1 = syz_open_pts(r0, 0x101000)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17)

802.856129ms ago: executing program 4 (id=2920):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10)
listen(r2, 0x3)

741.82891ms ago: executing program 4 (id=2921):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)

687.51526ms ago: executing program 1 (id=2922):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
fcntl$setsig(r0, 0xa, 0x13)
fcntl$setlease(r0, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

669.16242ms ago: executing program 5 (id=2923):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0/../file0\x00')
pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000600)='./file0/../file0/../file0/../file0\x00')

665.74994ms ago: executing program 4 (id=2924):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3})
setrlimit(0x40000000000008, &(0x7f0000000000))
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000400121001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000083850000007100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

636.986621ms ago: executing program 5 (id=2925):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000040000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000850000005000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
io_setup(0x2, &(0x7f0000002400)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

631.453051ms ago: executing program 4 (id=2926):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000280))

464.985723ms ago: executing program 4 (id=2931):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

396.534514ms ago: executing program 4 (id=2934):
socket(0x28, 0x5, 0x0)
socket(0x28, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0xa, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

396.056854ms ago: executing program 9 (id=2935):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r0}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480), 0x14}}], 0x400, 0x10)

352.921825ms ago: executing program 9 (id=2937):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
shmat(0x0, &(0x7f0000aa2000/0x2000)=nil, 0x2000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r0}, 0x18)
remap_file_pages(&(0x7f0000157000/0x2000)=nil, 0x1fffff, 0x0, 0x0, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x9000, 0x3000, 0x3, &(0x7f0000ffc000/0x3000)=nil)
sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x40)

217.662607ms ago: executing program 8 (id=2940):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x574, &(0x7f0000001980)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000040), 0x0, 0x0, 0x0)

181.247437ms ago: executing program 8 (id=2941):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x108)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})

144.786038ms ago: executing program 5 (id=2942):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000280))

93.741849ms ago: executing program 8 (id=2943):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000200000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x2000000, @loopback, 0xffffffff}, 0x1c)

93.439539ms ago: executing program 38 (id=2942):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000280))

93.197779ms ago: executing program 8 (id=2945):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="05000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{r0}, &(0x7f0000000780), &(0x7f00000007c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x7e1f, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x300}}], 0x3, 0x0)

90.699798ms ago: executing program 9 (id=2946):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x143082, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x2}, 0x18)
close(0x3)

37.388119ms ago: executing program 8 (id=2947):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
setresuid(0x0, 0xee00, 0xee00)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x2, 0x4)
bind$inet6(r1, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x43}}}, 0x1c)
listen(r0, 0x0)

0s ago: executing program 8 (id=2948):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x80, 0xfffffffc, 0xdc67}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000040)={'syztnl1\x00', 0x0})

kernel console output (not intermixed with test programs):

0000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   93.018310][T10310] program syz.1.1536 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   93.034802][   T29] audit: type=1400 audit(1747326674.352:1416): avc:  denied  { lock } for  pid=10311 comm="syz.5.1537" path="socket:[18492]" dev="sockfs" ino=18492 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[   93.081917][   T29] audit: type=1400 audit(1747326674.405:1417): avc:  denied  { create } for  pid=10319 comm="syz.5.1539" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   93.114601][   T29] audit: type=1400 audit(1747326674.405:1418): avc:  denied  { write } for  pid=10319 comm="syz.5.1539" path="socket:[17265]" dev="sockfs" ino=17265 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   93.189364][   T29] audit: type=1326 audit(1747326674.511:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10329 comm="syz.1.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c44be969 code=0x7ffc0000
[   93.212982][   T29] audit: type=1326 audit(1747326674.511:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10329 comm="syz.1.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c44be969 code=0x7ffc0000
[   93.341476][T10345] loop2: detected capacity change from 0 to 2048
[   93.350594][T10345] EXT4-fs: test_dummy_encryption option not supported
[   93.403901][T10352] bridge0: entered promiscuous mode
[   93.409510][T10352] macvlan2: entered promiscuous mode
[   93.416477][T10352] bridge0: port 3(macvlan2) entered blocking state
[   93.423252][T10352] bridge0: port 3(macvlan2) entered disabled state
[   93.430235][T10352] macvlan2: entered allmulticast mode
[   93.435676][T10352] bridge0: entered allmulticast mode
[   93.441881][T10352] macvlan2: left allmulticast mode
[   93.447082][T10352] bridge0: left allmulticast mode
[   93.452985][T10352] bridge0: left promiscuous mode
[   93.533977][T10363] loop2: detected capacity change from 0 to 512
[   93.546492][T10363] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   93.569389][T10363] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[   93.578051][T10363] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.1552: corrupted in-inode xattr: e_value size too large
[   93.594919][T10363] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1552: couldn't read orphan inode 15 (err -117)
[   93.609755][T10363] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.644073][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.824962][T10399] bridge0: entered promiscuous mode
[   93.837398][T10399] macvlan2: entered promiscuous mode
[   93.843742][T10406] netlink: 'syz.7.1566': attribute type 10 has an invalid length.
[   93.853251][T10399] bridge0: port 3(macvlan2) entered blocking state
[   93.859975][T10399] bridge0: port 3(macvlan2) entered disabled state
[   93.867914][T10399] macvlan2: entered allmulticast mode
[   93.867934][T10399] bridge0: entered allmulticast mode
[   93.868498][T10399] macvlan2: left allmulticast mode
[   93.868516][T10399] bridge0: left allmulticast mode
[   93.872389][T10399] bridge0: left promiscuous mode
[   93.936274][T10406] hsr_slave_0: left promiscuous mode
[   93.951678][T10427] netlink: 'syz.2.1569': attribute type 27 has an invalid length.
[   93.960645][T10406] hsr_slave_1: left promiscuous mode
[   94.051881][T10442] random: crng reseeded on system resumption
[   94.155067][T10463] loop2: detected capacity change from 0 to 512
[   94.178346][T10463] EXT4-fs (loop2): orphan cleanup on readonly fs
[   94.224879][T10471] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1579'.
[   94.242889][T10463] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.1578: bad orphan inode 13
[   94.293173][T10463] ext4_test_bit(bit=12, block=18) = 1
[   94.298635][T10463] is_bad_inode(inode)=0
[   94.302825][T10463] NEXT_ORPHAN(inode)=2130706432
[   94.307838][T10463] max_ino=32
[   94.311330][T10463] i_nlink=1
[   94.345069][T10463] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   94.398208][T10497] bridge0: entered promiscuous mode
[   94.411600][T10497] macvlan2: entered promiscuous mode
[   94.423484][T10497] bridge0: port 3(macvlan2) entered blocking state
[   94.430103][T10497] bridge0: port 3(macvlan2) entered disabled state
[   94.437596][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.464226][T10497] macvlan2: entered allmulticast mode
[   94.469720][T10497] bridge0: entered allmulticast mode
[   94.492594][T10497] macvlan2: left allmulticast mode
[   94.497880][T10497] bridge0: left allmulticast mode
[   94.509217][T10497] bridge0: left promiscuous mode
[   94.608966][T10540] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1600'.
[   94.641028][T10544] netlink: 256 bytes leftover after parsing attributes in process `syz.7.1601'.
[   94.823771][T10587] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1613'.
[   94.926230][T10607] atomic_op ffff88810ad01128 conn xmit_atomic 0000000000000000
[   94.954928][T10611] loop5: detected capacity change from 0 to 128
[   95.017807][T10621] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10621 comm=syz.0.1624
[   95.030635][T10621] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=10621 comm=syz.0.1624
[   95.164965][T10651] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   95.245906][T10663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1637'.
[   95.255281][T10663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1637'.
[   95.274038][T10663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1637'.
[   95.300704][T10663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1637'.
[   95.309922][T10663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1637'.
[   95.348559][T10663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1637'.
[   95.665087][T10687] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.684286][T10687] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.114583][T10763] netlink: 'syz.7.1667': attribute type 298 has an invalid length.
[   96.293873][T10785] 9pnet: p9_errstr2errno: server reported unknown error ����*�i��Ƈ޿_���k�."��#p�/��yL�a��~+>�����3�l{@./file0
[   96.510498][T10811] loop5: detected capacity change from 0 to 2048
[   96.546679][T10811] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.630958][T10825] bond1: entered promiscuous mode
[   96.636043][T10825] bond1: entered allmulticast mode
[   96.642705][T10825] 8021q: adding VLAN 0 to HW filter on device bond1
[   96.663685][T10825] bond1 (unregistering): Released all slaves
[   96.732378][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.844697][T10927] loop2: detected capacity change from 0 to 164
[   96.871792][T10927] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   96.894221][T10927] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   97.012632][T10953] loop5: detected capacity change from 0 to 512
[   97.031087][T10953] EXT4-fs: Ignoring removed nobh option
[   97.049918][T10953] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[   97.060679][T10953] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.1701: attempt to clear invalid blocks 2 len 1
[   97.082102][T10953] EXT4-fs (loop5): Remounting filesystem read-only
[   97.094147][T10953] EXT4-fs (loop5): 1 truncate cleaned up
[   97.106337][T10953] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.157464][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.272075][T10977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   97.280720][T10977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.424166][T11013] xt_hashlimit: max too large, truncated to 1048576
[   97.873687][   T29] kauditd_printk_skb: 99 callbacks suppressed
[   97.873702][   T29] audit: type=1326 audit(1747326679.457:1520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11031 comm="syz.2.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97e53de969 code=0x7ffc0000
[   97.903401][   T29] audit: type=1326 audit(1747326679.457:1521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11031 comm="syz.2.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97e53de969 code=0x7ffc0000
[   97.927154][   T29] audit: type=1326 audit(1747326679.457:1522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11031 comm="syz.2.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f97e53de969 code=0x7ffc0000
[   97.951105][   T29] audit: type=1326 audit(1747326679.457:1523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11031 comm="syz.2.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97e53de969 code=0x7ffc0000
[   97.974883][   T29] audit: type=1326 audit(1747326679.457:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11031 comm="syz.2.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97e53de969 code=0x7ffc0000
[   97.998417][   T29] audit: type=1326 audit(1747326679.457:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11031 comm="syz.2.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f97e53de969 code=0x7ffc0000
[   98.022096][   T29] audit: type=1326 audit(1747326679.457:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11031 comm="syz.2.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97e53de969 code=0x7ffc0000
[   98.045872][   T29] audit: type=1326 audit(1747326679.457:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11031 comm="syz.2.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97e53de969 code=0x7ffc0000
[   98.069534][   T29] audit: type=1326 audit(1747326679.457:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11031 comm="syz.2.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f97e53de969 code=0x7ffc0000
[   98.093048][   T29] audit: type=1326 audit(1747326679.457:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11031 comm="syz.2.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97e53de969 code=0x7ffc0000
[   98.194945][T11042] futex_wake_op: syz.5.1727 tries to shift op by -1; fix this program
[   98.220933][T11044] netlink: 'syz.2.1728': attribute type 4 has an invalid length.
[   98.352092][T11054] loop5: detected capacity change from 0 to 512
[   98.419574][T11063] bond0: entered promiscuous mode
[   98.424715][T11063] bond_slave_0: entered promiscuous mode
[   98.430649][T11063] bond_slave_1: entered promiscuous mode
[   98.439960][T11054] EXT4-fs (loop5): 1 orphan inode deleted
[   98.446626][T11063] batadv0: entered promiscuous mode
[   98.452902][T11063] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[   98.453051][T11054] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.462857][T11063] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[   98.486165][ T7913] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:40: Failed to release dquot type 1
[   98.486406][T11063] 8021q: adding VLAN 0 to HW filter on device hsr1
[   98.506520][T11063] bond0: left promiscuous mode
[   98.511414][T11063] bond_slave_0: left promiscuous mode
[   98.517027][T11063] bond_slave_1: left promiscuous mode
[   98.522840][T11054] ext4 filesystem being mounted at /325/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.537660][T11063] batadv0: left promiscuous mode
[   98.682200][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.698869][ T7913] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:40: Failed to release dquot type 1
[   98.912211][T11097] loop2: detected capacity change from 0 to 8192
[   98.924615][T11097] vfat: Unknown parameter '&�#�0�!T�.yՄ��������*���#�'
[   99.082958][T11137] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11137 comm=syz.2.1764
[   99.130864][T11135] ------------[ cut here ]------------
[   99.136535][T11135] WARNING: CPU: 1 PID: 11135 at mm/page_alloc.c:4946 __alloc_frozen_pages_noprof+0x218/0x360
[   99.146924][T11135] Modules linked in:
[   99.150948][T11135] CPU: 1 UID: 0 PID: 11135 Comm: syz.5.1763 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(voluntary) 
[   99.163600][T11135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   99.173969][T11135] RIP: 0010:__alloc_frozen_pages_noprof+0x218/0x360
[   99.180860][T11135] Code: 83 3d 83 b2 50 05 02 72 0e 48 83 b8 a0 fb ff ff 00 0f 84 48 ff ff ff 81 ca 00 01 00 00 e9 3d ff ff ff c6 05 32 af 4c 05 01 90 <0f> 0b 90 31 c0 eb 84 a9 00 00 08 00 75 52 44 89 f1 81 e1 7f ff ff
[   99.190061][T11149] loop7: detected capacity change from 0 to 1024
[   99.200678][T11135] RSP: 0018:ffffc90001a63aa8 EFLAGS: 00010246
[   99.200704][T11135] RAX: 420094a9a85d9f00 RBX: 0000000000000016 RCX: 0000000000000000
[   99.200719][T11135] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040dc0
[   99.200761][T11135] RBP: 0000000000000dc0 R08: ffff888103511b18 R09: 0000000000000000
[   99.200777][T11135] R10: ffff8881117f0440 R11: 00018881117f0440 R12: ffffc90001a63d38
[   99.217417][T11149] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.221419][T11135] R13: 00000000616c6572 R14: 0000000000040dc0 R15: 0000000000000000
[   99.221439][T11135] FS:  00007f493e1276c0(0000) GS:ffff8882aef50000(0000) knlGS:0000000000000000
[   99.221482][T11135] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   99.221500][T11135] CR2: 0000200000001000 CR3: 000000012a910000 CR4: 00000000003506f0
[   99.221521][T11135] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   99.221536][T11135] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[   99.221549][T11135] Call Trace:
[   99.221556][T11135]  <TASK>
[   99.221569][T11135]  __alloc_pages_noprof+0x9/0x20
[   99.229855][T11149] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.237747][T11135]  ___kmalloc_large_node+0x73/0x130
[   99.333039][T11135]  __kmalloc_large_node_noprof+0x16/0xa0
[   99.338718][T11135]  __kmalloc_noprof+0x2ab/0x3e0
[   99.343603][T11135]  ? hashtab_init+0x9b/0xe0
[   99.348181][T11135]  hashtab_init+0x9b/0xe0
[   99.352751][T11135]  symtab_init+0x2c/0x40
[   99.357039][T11135]  policydb_read+0x516/0x1330
[   99.361741][T11135]  ? security_load_policy+0x90/0x890
[   99.367069][T11135]  security_load_policy+0xba/0x890
[   99.372286][T11135]  ? rep_movs_alternative+0x4a/0x90
[   99.377554][T11135]  sel_write_load+0x1d4/0x380
[   99.382271][T11135]  ? __pfx_sel_write_load+0x10/0x10
[   99.387555][T11135]  vfs_write+0x266/0x8d0
[   99.391932][T11135]  ? __rcu_read_unlock+0x4f/0x70
[   99.396978][T11135]  ? __fget_files+0x184/0x1c0
[   99.401707][T11135]  ksys_write+0xda/0x1a0
[   99.405971][T11135]  __x64_sys_write+0x40/0x50
[   99.410680][T11135]  x64_sys_call+0x2cdd/0x2fb0
[   99.415478][T11135]  do_syscall_64+0xd0/0x1a0
[   99.420045][T11135]  ? clear_bhb_loop+0x40/0x90
[   99.424825][T11135]  ? clear_bhb_loop+0x40/0x90
[   99.429535][T11135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.435948][T11135] RIP: 0033:0x7f493fabe969
[   99.440491][T11135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.460320][T11135] RSP: 002b:00007f493e127038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   99.468886][T11135] RAX: ffffffffffffffda RBX: 00007f493fce5fa0 RCX: 00007f493fabe969
[   99.476903][T11135] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[   99.484909][T11135] RBP: 00007f493fb40ab1 R08: 0000000000000000 R09: 0000000000000000
[   99.492943][T11135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   99.501700][T11135] R13: 0000000000000000 R14: 00007f493fce5fa0 R15: 00007ffd6498f6e8
[   99.509887][T11135]  </TASK>
[   99.512981][T11135] ---[ end trace 0000000000000000 ]---
[   99.518502][T11135] SELinux: failed to load policy
[   99.533899][T11152] netlink: 'syz.1.1770': attribute type 3 has an invalid length.
[   99.534215][ T6925] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.550944][T11154] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   99.662488][T11175] __nla_validate_parse: 5 callbacks suppressed
[   99.662506][T11175] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[   99.746108][T11187] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1781'.
[   99.903529][T11209] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1788'.
[  100.038973][T11232] loop2: detected capacity change from 0 to 4096
[  100.084360][T11241] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1797'.
[  100.097418][T11232] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.213200][T11232] loop2: detected capacity change from 4096 to 64
[  100.226785][T11251] EXT4-fs error (device loop2): ext4_write_dquot:6915: comm syz.2.1793: Failed to commit dquot type 0
[  100.259326][T11251] EXT4-fs error (device loop2): ext4_write_dquot:6915: comm syz.2.1793: Failed to commit dquot type 1
[  100.344877][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.414737][T11277] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1810'.
[  100.603390][ T7913] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.681451][ T7913] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.747506][ T7913] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.823238][ T7913] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.924417][ T7913] bridge_slave_1: left allmulticast mode
[  100.924943][T11309] loop5: detected capacity change from 0 to 512
[  100.930095][ T7913] bridge_slave_1: left promiscuous mode
[  100.930293][ T7913] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.989483][ T7913] bridge_slave_0: left allmulticast mode
[  100.995175][ T7913] bridge_slave_0: left promiscuous mode
[  101.001420][ T7913] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.018835][T11309] EXT4-fs: Ignoring removed mblk_io_submit option
[  101.151588][T11309] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  101.216375][T11309] EXT4-fs (loop5): 1 truncate cleaned up
[  101.222635][T11309] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.263158][ T7913] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  101.283213][ T7913] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.304331][ T7913] bond0 (unregistering): Released all slaves
[  101.351961][T11340] program syz.7.1827 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  101.432383][ T7913] hsr_slave_0: left promiscuous mode
[  101.450409][ T7913] hsr_slave_1: left promiscuous mode
[  101.464528][ T7913] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  101.472041][ T7913] batman_adv: batadv0: Removing interface: batadv_slave_0
[  101.501998][ T7913] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.509429][ T7913] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.525737][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.538537][ T7913] veth1_macvtap: left allmulticast mode
[  101.544254][ T7913] veth1_macvtap: left promiscuous mode
[  101.551786][ T7913] veth0_macvtap: left promiscuous mode
[  101.558301][ T7913] veth1_vlan: left promiscuous mode
[  101.565305][ T7913] veth0_vlan: left promiscuous mode
[  101.627805][ T7913] team0 (unregistering): Port device batadv1 removed
[  101.650453][T11357] SELinux: failed to load policy
[  101.677382][ T7913] team0 (unregistering): Port device team_slave_1 removed
[  101.691121][ T7913] team0 (unregistering): Port device team_slave_0 removed
[  101.734815][T11348] macvlan2: entered promiscuous mode
[  101.740651][T11348] bridge0: entered promiscuous mode
[  101.748462][T11348] bridge0: port 3(macvlan2) entered blocking state
[  101.755052][T11348] bridge0: port 3(macvlan2) entered disabled state
[  101.761698][T11348] macvlan2: entered allmulticast mode
[  101.767172][T11348] bridge0: entered allmulticast mode
[  101.774058][T11348] macvlan2: left allmulticast mode
[  101.779231][T11348] bridge0: left allmulticast mode
[  101.784586][T11348] bridge0: left promiscuous mode
[  101.796549][T11355] bridge0: entered promiscuous mode
[  101.801909][T11355] macvlan0: entered promiscuous mode
[  101.808205][T11355] bridge0: port 3(macvlan0) entered blocking state
[  101.814857][T11355] bridge0: port 3(macvlan0) entered disabled state
[  101.821593][T11355] macvlan0: entered allmulticast mode
[  101.827147][T11355] bridge0: entered allmulticast mode
[  101.833085][T11355] macvlan0: left allmulticast mode
[  101.838388][T11355] bridge0: left allmulticast mode
[  101.844174][T11355] bridge0: left promiscuous mode
[  101.925540][T11401] macvlan2: entered promiscuous mode
[  101.932039][T11401] bridge0: entered promiscuous mode
[  101.942549][T11401] bridge0: port 3(macvlan2) entered blocking state
[  101.949765][T11401] bridge0: port 3(macvlan2) entered disabled state
[  101.956753][T11401] macvlan2: entered allmulticast mode
[  101.962415][T11401] bridge0: entered allmulticast mode
[  101.968497][T11401] macvlan2: left allmulticast mode
[  101.973648][T11401] bridge0: left allmulticast mode
[  101.979937][T11401] bridge0: left promiscuous mode
[  102.003415][T11320] chnl_net:caif_netlink_parms(): no params data found
[  102.057844][T11320] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.065567][T11320] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.073530][T11320] bridge_slave_0: entered allmulticast mode
[  102.081149][T11320] bridge_slave_0: entered promiscuous mode
[  102.108619][T11320] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.115850][T11320] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.138718][T11320] bridge_slave_1: entered allmulticast mode
[  102.149732][T11320] bridge_slave_1: entered promiscuous mode
[  102.195044][T11320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.215662][T11320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.243234][T11320] team0: Port device team_slave_0 added
[  102.261964][T11320] team0: Port device team_slave_1 added
[  102.296102][T11320] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.296467][ T3379] page_pool_release_retry() stalled pool shutdown: id 34, 1 inflight 60 sec
[  102.304030][T11320] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.339958][T11320] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.351800][T11320] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.359136][T11320] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.387423][T11320] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.420209][T11320] hsr_slave_0: entered promiscuous mode
[  102.426453][T11320] hsr_slave_1: entered promiscuous mode
[  102.432440][T11320] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  102.440456][T11320] Cannot create hsr debugfs directory
[  102.512014][T11320] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  102.521179][T11320] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  102.530408][T11320] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  102.541963][T11320] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  102.558412][T11320] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.565609][T11320] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.572989][T11320] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.580157][T11320] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.609848][T11320] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.622562][ T7893] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.631616][ T7893] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.643335][T11320] 8021q: adding VLAN 0 to HW filter on device team0
[  102.654042][ T7913] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.661342][ T7913] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.671850][ T7882] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.678985][ T7882] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.714001][   T29] kauditd_printk_skb: 113 callbacks suppressed
[  102.714015][   T29] audit: type=1400 audit(1747326684.579:1639): avc:  denied  { write } for  pid=11729 comm="syz.7.1847" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  102.756058][T11320] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  102.766574][T11320] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  102.788811][T11735] bridge0: entered promiscuous mode
[  102.794317][T11735] macvlan2: entered promiscuous mode
[  102.801558][T11735] bridge0: port 3(macvlan2) entered blocking state
[  102.806281][T11740] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1850'.
[  102.808233][T11735] bridge0: port 3(macvlan2) entered disabled state
[  102.825731][T11735] macvlan2: entered allmulticast mode
[  102.831233][T11735] bridge0: entered allmulticast mode
[  102.837641][T11735] macvlan2: left allmulticast mode
[  102.842830][T11735] bridge0: left allmulticast mode
[  102.848550][T11735] bridge0: left promiscuous mode
[  102.931400][T11320] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.980046][   T29] audit: type=1400 audit(1747326684.864:1640): avc:  denied  { relabelfrom } for  pid=11757 comm="syz.0.1856" name="" dev="pipefs" ino=21007 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  103.026390][   T29] audit: type=1400 audit(1747326684.896:1641): avc:  denied  { bind } for  pid=11759 comm="syz.5.1857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  103.046537][   T29] audit: type=1400 audit(1747326684.896:1642): avc:  denied  { name_bind } for  pid=11759 comm="syz.5.1857" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  103.067675][   T29] audit: type=1400 audit(1747326684.896:1643): avc:  denied  { node_bind } for  pid=11759 comm="syz.5.1857" saddr=224.0.0.2 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  103.148524][T11773] netlink: 'syz.5.1859': attribute type 10 has an invalid length.
[  103.176152][   T29] audit: type=1326 audit(1747326684.980:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11603 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f13c44be969 code=0x7fc00000
[  103.199844][   T29] audit: type=1326 audit(1747326684.980:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11603 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c44be969 code=0x7fc00000
[  103.223364][   T29] audit: type=1326 audit(1747326684.980:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11603 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c44be969 code=0x7fc00000
[  103.247023][   T29] audit: type=1326 audit(1747326684.980:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11603 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c44be969 code=0x7fc00000
[  103.270617][   T29] audit: type=1326 audit(1747326684.980:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11603 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c44be969 code=0x7fc00000
[  103.297362][T11773] hsr_slave_0: left promiscuous mode
[  103.310253][T11773] hsr_slave_1: left promiscuous mode
[  103.343798][T11320] veth0_vlan: entered promiscuous mode
[  103.359368][T11787] xt_hashlimit: max too large, truncated to 1048576
[  103.361771][T11320] veth1_vlan: entered promiscuous mode
[  103.406208][T11320] veth0_macvtap: entered promiscuous mode
[  103.432389][T11320] veth1_macvtap: entered promiscuous mode
[  103.447448][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.457980][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.467861][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.478442][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.488296][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.498754][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.508667][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.519327][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.535777][T11320] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.557471][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.568001][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.577878][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.588470][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.598786][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.609268][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.619240][T11320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.629736][T11320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.654506][T11320] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.665775][T11808] netlink: 'syz.1.1867': attribute type 5 has an invalid length.
[  103.676182][T11320] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.685267][T11320] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.694276][T11320] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.703016][T11320] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.720431][T11814] capability: warning: `syz.0.1870' uses 32-bit capabilities (legacy support in use)
[  103.837758][T11836] bond0: entered promiscuous mode
[  103.842961][T11836] bond_slave_0: entered promiscuous mode
[  103.848781][T11836] bond_slave_1: entered promiscuous mode
[  103.857316][T11836] batadv0: entered promiscuous mode
[  103.874828][T11836] 8021q: adding VLAN 0 to HW filter on device hsr1
[  103.905272][T11836] bond0: left promiscuous mode
[  103.910167][T11836] bond_slave_0: left promiscuous mode
[  103.916009][T11836] bond_slave_1: left promiscuous mode
[  103.934181][T11836] batadv0: left promiscuous mode
[  104.069956][T11867] syz.1.1887: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  104.084574][T11867] CPU: 1 UID: 0 PID: 11867 Comm: syz.1.1887 Tainted: G        W           6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(voluntary) 
[  104.084614][T11867] Tainted: [W]=WARN
[  104.084620][T11867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  104.084635][T11867] Call Trace:
[  104.084640][T11867]  <TASK>
[  104.084647][T11867]  __dump_stack+0x1d/0x30
[  104.084738][T11867]  dump_stack_lvl+0xe8/0x140
[  104.084766][T11867]  dump_stack+0x15/0x1b
[  104.084788][T11867]  warn_alloc+0x12b/0x1a0
[  104.084822][T11867]  ? schedule+0x5f/0xd0
[  104.084858][T11867]  ? futex_unqueue+0xb9/0xf0
[  104.084952][T11867]  __vmalloc_node_range_noprof+0x9c/0xdf0
[  104.084981][T11867]  ? __pfx_futex_wake_mark+0x10/0x10
[  104.085013][T11867]  ? __rcu_read_unlock+0x4f/0x70
[  104.085102][T11867]  ? avc_has_perm_noaudit+0x1b1/0x200
[  104.085125][T11867]  ? should_fail_ex+0x30/0x280
[  104.085161][T11867]  ? xskq_create+0x36/0xe0
[  104.085255][T11867]  ? should_failslab+0x8c/0xb0
[  104.085291][T11867]  vmalloc_user_noprof+0x59/0x70
[  104.085350][T11867]  ? xskq_create+0x80/0xe0
[  104.085382][T11867]  xskq_create+0x80/0xe0
[  104.085473][T11867]  xsk_init_queue+0x95/0xf0
[  104.085506][T11867]  xsk_setsockopt+0x35c/0x510
[  104.085537][T11867]  ? __pfx_xsk_setsockopt+0x10/0x10
[  104.085711][T11867]  __sys_setsockopt+0x181/0x200
[  104.085735][T11867]  ? fpregs_restore_userregs+0xbb/0x190
[  104.085769][T11867]  __x64_sys_setsockopt+0x64/0x80
[  104.085791][T11867]  x64_sys_call+0x2bd5/0x2fb0
[  104.085820][T11867]  do_syscall_64+0xd0/0x1a0
[  104.085846][T11867]  ? clear_bhb_loop+0x40/0x90
[  104.085869][T11867]  ? clear_bhb_loop+0x40/0x90
[  104.085900][T11867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.085959][T11867] RIP: 0033:0x7f13c44be969
[  104.086025][T11867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.086048][T11867] RSP: 002b:00007f13c2b27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  104.086072][T11867] RAX: ffffffffffffffda RBX: 00007f13c46e5fa0 RCX: 00007f13c44be969
[  104.086091][T11867] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  104.086106][T11867] RBP: 00007f13c4540ab1 R08: 0000000000000004 R09: 0000000000000000
[  104.086120][T11867] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  104.086135][T11867] R13: 0000000000000000 R14: 00007f13c46e5fa0 R15: 00007ffcff809208
[  104.086188][T11867]  </TASK>
[  104.325614][T11867] Mem-Info:
[  104.329217][T11867] active_anon:20746 inactive_anon:6 isolated_anon:0
[  104.329217][T11867]  active_file:18819 inactive_file:2255 isolated_file:0
[  104.329217][T11867]  unevictable:0 dirty:246 writeback:0
[  104.329217][T11867]  slab_reclaimable:3303 slab_unreclaimable:16278
[  104.329217][T11867]  mapped:28737 shmem:17681 pagetables:789
[  104.329217][T11867]  sec_pagetables:0 bounce:0
[  104.329217][T11867]  kernel_misc_reclaimable:0
[  104.329217][T11867]  free:1797393 free_pcp:72071 free_cma:0
[  104.374475][T11867] Node 0 active_anon:82984kB inactive_anon:24kB active_file:75276kB inactive_file:9020kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:114948kB dirty:984kB writeback:0kB shmem:70724kB writeback_tmp:0kB kernel_stack:3712kB pagetables:3156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  104.403473][T11867] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  104.430698][T11867] lowmem_reserve[]: 0 2884 7863 7863
[  104.436060][T11867] Node 0 DMA32 free:2950032kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953564kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[  104.464472][T11867] lowmem_reserve[]: 0 0 4978 4978
[  104.469797][T11867] Node 0 Normal free:4224180kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:83100kB inactive_anon:24kB active_file:75276kB inactive_file:9020kB unevictable:0kB writepending:984kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:284560kB local_pcp:43784kB free_cma:0kB
[  104.500166][T11867] lowmem_reserve[]: 0 0 0 0
[  104.504803][T11867] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  104.517671][T11867] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 3*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2950032kB
[  104.533941][T11867] Node 0 Normal: 3*4kB (UME) 1*8kB (U) 294*16kB (M) 507*32kB (UME) 373*64kB (ME) 131*128kB (UME) 46*256kB (UM) 11*512kB (UME) 8*1024kB (UME) 4*2048kB (UM) 1008*4096kB (UM) = 4224148kB
[  104.552590][T11867] Node 0 hugepages_total=6 hugepages_free=0 hugepages_surp=2 hugepages_size=2048kB
[  104.562044][T11867] 38725 total pagecache pages
[  104.566743][T11867] 7 pages in swap cache
[  104.571059][T11867] Free swap  = 124968kB
[  104.575235][T11867] Total swap = 124996kB
[  104.579625][T11867] 2097051 pages RAM
[  104.583637][T11867] 0 pages HighMem/MovableOnly
[  104.588421][T11867] 80259 pages reserved
[  104.697671][T11896] 9pnet: p9_errstr2errno: server reported unknown error �j���=��ƫ&B
[  104.753821][T11903] loop5: detected capacity change from 0 to 512
[  104.809380][T11903] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.822114][T11913] loop7: detected capacity change from 0 to 512
[  104.823296][T11903] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.862766][T11913] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  104.894887][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.906599][T11913] EXT4-fs (loop7): 1 truncate cleaned up
[  104.916506][T11913] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.970789][T11913] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.105584][T11953] bond1: entered promiscuous mode
[  105.110689][T11953] bond1: entered allmulticast mode
[  105.116211][T11953] 8021q: adding VLAN 0 to HW filter on device bond1
[  105.134422][T11953] bond1 (unregistering): Released all slaves
[  105.240359][T12036] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1923'.
[  105.250534][T12031] pim6reg1: entered promiscuous mode
[  105.256038][T12031] pim6reg1: entered allmulticast mode
[  105.302117][T12046] loop5: detected capacity change from 0 to 512
[  105.311757][T12046] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  105.338914][T12046] EXT4-fs (loop5): 1 truncate cleaned up
[  105.345058][T12046] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.379330][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.402519][T12062] loop5: detected capacity change from 0 to 512
[  105.410568][T12062] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  105.441636][T12069] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  105.444273][T12062] EXT4-fs (loop5): 1 truncate cleaned up
[  105.449132][T12069] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  105.477660][T12066] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1934'.
[  105.487061][T12062] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.542753][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.599027][T12086] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  105.663677][    T9] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  105.677566][T12104] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1945'.
[  105.677908][    T9] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  105.774375][T12119] SELinux: syz.1.1950 (12119) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  106.257372][T12189] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.291136][T12189] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.428413][T12230] SELinux: syz.1.1963 (12230) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  106.463506][T12236] random: crng reseeded on system resumption
[  106.740846][T12294] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  106.748370][T12294] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  106.882698][T12306] loop7: detected capacity change from 0 to 4096
[  106.910478][T12306] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.976810][T12306] loop7: detected capacity change from 4096 to 64
[  106.995327][T12329] EXT4-fs error (device loop7): ext4_write_dquot:6915: comm syz.7.1976: Failed to commit dquot type 0
[  107.067299][T12329] EXT4-fs error (device loop7): ext4_write_dquot:6915: comm syz.7.1976: Failed to commit dquot type 1
[  107.142254][ T6925] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.158841][T12345] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1982'.
[  107.595005][T12387] chnl_net:caif_netlink_parms(): no params data found
[  107.652308][T12387] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.659493][T12387] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.693793][T12387] bridge_slave_0: entered allmulticast mode
[  107.736919][T12387] bridge_slave_0: entered promiscuous mode
[  107.764411][T12387] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.771649][T12387] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.801424][T12387] bridge_slave_1: entered allmulticast mode
[  107.812757][T12387] bridge_slave_1: entered promiscuous mode
[  107.843204][T12387] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.855424][T12387] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.875156][T12619] mmap: syz.5.2009 (12619) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  107.876697][T12590] vhci_hcd: invalid port number 254
[  107.892679][T12590] vhci_hcd: default hub control req: 040d v0004 i00fe l0
[  107.914914][T12387] team0: Port device team_slave_0 added
[  107.931644][T12387] team0: Port device team_slave_1 added
[  107.971770][   T29] kauditd_printk_skb: 217 callbacks suppressed
[  107.971788][   T29] audit: type=1326 audit(1747326690.132:1864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12657 comm="syz.8.2013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96785ee969 code=0x7ffc0000
[  108.001841][   T29] audit: type=1326 audit(1747326690.132:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12657 comm="syz.8.2013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f96785ee969 code=0x7ffc0000
[  108.036819][   T29] audit: type=1326 audit(1747326690.132:1866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12657 comm="syz.8.2013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96785ee969 code=0x7ffc0000
[  108.063604][T12387] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.070739][T12387] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.096797][T12387] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.138500][T12387] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.145587][T12387] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.171819][T12387] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.186161][T12693] loop8: detected capacity change from 0 to 164
[  108.207143][T12693] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  108.223843][   T29] audit: type=1326 audit(1747326690.396:1867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12699 comm="syz.5.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  108.227047][T12693] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  108.247440][   T29] audit: type=1326 audit(1747326690.396:1868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12699 comm="syz.5.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  108.279696][   T29] audit: type=1326 audit(1747326690.449:1869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12699 comm="syz.5.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  108.312390][   T29] audit: type=1326 audit(1747326690.449:1870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12699 comm="syz.5.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  108.336299][   T29] audit: type=1326 audit(1747326690.449:1871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12699 comm="syz.5.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  108.339722][T12693] Symlink component flag not implemented
[  108.360018][   T29] audit: type=1326 audit(1747326690.449:1872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12699 comm="syz.5.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f493fabd2d0 code=0x7ffc0000
[  108.366003][T12693] Symlink component flag not implemented
[  108.391312][   T29] audit: type=1326 audit(1747326690.449:1873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12699 comm="syz.5.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  108.425150][T12693] Symlink component flag not implemented (7)
[  108.431412][T12693] Symlink component flag not implemented (116)
[  108.453570][T12387] hsr_slave_0: entered promiscuous mode
[  108.459986][T12387] hsr_slave_1: entered promiscuous mode
[  108.472576][T12387] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  108.489580][T12387] Cannot create hsr debugfs directory
[  108.524275][T12751] hub 9-0:1.0: USB hub found
[  108.540675][T12755] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2026'.
[  108.549918][T12755] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2026'.
[  108.559686][T12751] hub 9-0:1.0: 8 ports detected
[  108.575910][T12755] erspan0: entered promiscuous mode
[  108.595048][T12755] gretap0: entered promiscuous mode
[  108.603302][T12755] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  108.612999][T12755] Cannot create hsr debugfs directory
[  108.788438][T12387] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  108.804125][T12858] netlink: 'syz.0.2038': attribute type 4 has an invalid length.
[  108.812726][T12387] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  108.848579][T12387] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  108.870044][T12387] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  108.897316][T12874] xt_hashlimit: max too large, truncated to 1048576
[  108.930923][T12387] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.974941][T12387] 8021q: adding VLAN 0 to HW filter on device team0
[  108.988023][T12886] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2045'.
[  108.998838][ T7916] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.006214][ T7916] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.023494][    T9] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  109.025930][ T7916] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.037979][ T7916] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.047438][    T9] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  109.071449][T12886] bond0: (slave bond_slave_0): Releasing backup interface
[  109.202814][T12387] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.401162][T12963] loop8: detected capacity change from 0 to 1024
[  109.432677][T12963] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.465646][T12387] veth0_vlan: entered promiscuous mode
[  109.481003][T11320] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.499572][T12387] veth1_vlan: entered promiscuous mode
[  109.550439][T12387] veth0_macvtap: entered promiscuous mode
[  109.565575][T12387] veth1_macvtap: entered promiscuous mode
[  109.591102][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.601642][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.611662][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.622157][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.632032][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.642858][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.652721][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.663243][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.673120][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.683746][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.696236][T12387] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.719168][T12997] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12997 comm=syz.0.2059
[  109.748199][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.758778][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.768694][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.779248][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.789290][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.799765][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.809832][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.820481][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.830381][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.840931][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.852684][T12387] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.877915][T12387] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.886824][T12387] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.895729][T12387] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.904478][T12387] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.948900][T13027] random: crng reseeded on system resumption
[  109.967341][T13032] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2065'.
[  110.137489][T13055] xt_CT: No such helper "pptp"
[  110.243358][T13076] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  110.243358][T13076]    program syz.9.2070 not setting count and/or reply_len properly
[  110.303367][T13082] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2074'.
[  110.312338][T13082] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2074'.
[  110.419635][    T9] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  110.439081][    T9] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  110.533636][T13134] xt_hashlimit: max too large, truncated to 1048576
[  110.551281][ T7893] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.606935][ T7893] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.674724][ T7893] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.735256][ T7893] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.802861][T13158] random: crng reseeded on system resumption
[  110.885057][ T7893] bridge_slave_1: left allmulticast mode
[  110.891008][ T7893] bridge_slave_1: left promiscuous mode
[  110.896752][ T7893] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.909513][ T7893] bridge_slave_0: left promiscuous mode
[  110.915228][ T7893] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.026081][T13191] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.035898][T13191] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.045917][ T7893] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  111.056267][ T7893] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  111.065936][ T7893] bond0 (unregistering): Released all slaves
[  111.075383][ T7893] bond1 (unregistering): Released all slaves
[  111.117903][ T7893] tipc: Disabling bearer <udp:s>
[  111.123018][ T7893] tipc: Left network mode
[  111.130608][ T7893] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.138098][ T7893] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.145882][ T7893] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  111.153456][ T7893] batman_adv: batadv0: Removing interface: batadv_slave_1
[  111.165910][ T7893] veth1_macvtap: left promiscuous mode
[  111.168270][ T3392] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  111.171551][ T7893] veth0_macvtap: left promiscuous mode
[  111.204131][ T3392] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  111.220836][ T7893] veth1_vlan: left promiscuous mode
[  111.236188][ T7893] veth0_vlan: left promiscuous mode
[  111.392988][T13225] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2102'.
[  111.401360][ T7893] team0 (unregistering): Port device team_slave_1 removed
[  111.407190][T13225] netlink: 'syz.5.2102': attribute type 5 has an invalid length.
[  111.417264][T13225] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2102'.
[  111.426643][ T7893] team0 (unregistering): Port device team_slave_0 removed
[  111.525139][T13232] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2106'.
[  111.601502][T13245] loop9: detected capacity change from 0 to 512
[  111.627952][T13245] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.661854][T13251] loop8: detected capacity change from 0 to 2048
[  111.669270][T13245] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.697237][T13251]  loop8: p1 < > p4 < >
[  111.709997][T13249] loop5: detected capacity change from 0 to 8192
[  111.826677][T12387] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.848321][T13292] SELinux: ebitmap start bit (1728054080) is beyond the end of the bitmap (1472)
[  111.863897][T13292] SELinux: failed to load policy
[  111.968046][T13319] ������: renamed from vlan1 (while UP)
[  112.065149][T13327] C: renamed from team_slave_0 (while UP)
[  112.084549][T13327] netlink: 'syz.9.2129': attribute type 1 has an invalid length.
[  112.092467][T13327] netlink: 152 bytes leftover after parsing attributes in process `syz.9.2129'.
[  112.104715][T13327] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  112.137473][T13324] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2125'.
[  112.155046][T13332] syzkaller0: entered promiscuous mode
[  112.160692][T13332] syzkaller0: entered allmulticast mode
[  112.190321][T13332] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 65487
[  112.285689][T13362] syzkaller1: entered promiscuous mode
[  112.291346][T13362] syzkaller1: entered allmulticast mode
[  112.385879][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.393538][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.401029][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.416944][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.424556][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.432029][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.439574][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.447167][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.454801][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.462309][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.469752][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.477208][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.484746][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.492201][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.499873][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.507335][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.514853][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.522376][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.529971][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.537536][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.545087][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.552623][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.560205][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.567646][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.575137][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.582589][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.590041][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.597490][ T3379] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  112.606223][ T3379] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  112.724377][T13408] macsec0: entered promiscuous mode
[  112.729715][T13408] macsec0: entered allmulticast mode
[  112.754751][T13408] veth1_macvtap: entered allmulticast mode
[  112.767595][T13408] macsec0: left promiscuous mode
[  112.772677][T13408] macsec0: left allmulticast mode
[  112.777856][T13408] veth1_macvtap: left allmulticast mode
[  112.821736][   T29] kauditd_printk_skb: 84 callbacks suppressed
[  112.821751][   T29] audit: type=1326 audit(1747326695.239:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.9.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5f49655927 code=0x7ffc0000
[  112.857214][   T29] audit: type=1326 audit(1747326695.239:1959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.9.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5f495fab39 code=0x7ffc0000
[  112.880927][   T29] audit: type=1326 audit(1747326695.239:1960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.9.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5f49655927 code=0x7ffc0000
[  112.904623][   T29] audit: type=1326 audit(1747326695.239:1961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.9.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5f495fab39 code=0x7ffc0000
[  112.913878][T13422] loop5: detected capacity change from 0 to 1024
[  112.928123][   T29] audit: type=1326 audit(1747326695.239:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.9.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  112.928161][   T29] audit: type=1326 audit(1747326695.239:1963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.9.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  112.928203][   T29] audit: type=1326 audit(1747326695.250:1964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.9.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  112.928234][   T29] audit: type=1326 audit(1747326695.261:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.9.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5f49655927 code=0x7ffc0000
[  112.928265][   T29] audit: type=1326 audit(1747326695.261:1966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.9.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5f495fab39 code=0x7ffc0000
[  113.052880][   T29] audit: type=1326 audit(1747326695.261:1967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.9.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5f49655927 code=0x7ffc0000
[  113.082073][T13422] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.125936][T13422] ext4 filesystem being mounted at /413/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.324322][T13438] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2160'.
[  113.453063][T13447] loop8: detected capacity change from 0 to 256
[  113.525336][T13461] xt_CT: No such helper "pptp"
[  113.682480][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.833809][T13498] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2182'.
[  114.332280][T13517] loop8: detected capacity change from 0 to 512
[  114.352103][T13517] EXT4-fs (loop8): 1 orphan inode deleted
[  114.358554][T13517] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.371403][ T7936] EXT4-fs error (device loop8): ext4_release_dquot:6971: comm kworker/u8:59: Failed to release dquot type 1
[  114.376984][T13517] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.415216][T11320] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.509680][T13539] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2197'.
[  114.630553][T13549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.652690][T13549] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.667318][T13555] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13555 comm=syz.0.2204
[  115.008794][T13596] IPVS: Error joining to the multicast group
[  115.098909][T13607] loop9: detected capacity change from 0 to 2048
[  115.135954][T13607] EXT4-fs (loop9): failed to initialize system zone (-117)
[  115.143327][T13607] EXT4-fs (loop9): mount failed
[  115.250215][T13629] ip6gretap1: entered allmulticast mode
[  115.405388][T13638] __nla_validate_parse: 3 callbacks suppressed
[  115.405403][T13638] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2235'.
[  115.926151][T13693] loop8: detected capacity change from 0 to 128
[  116.061701][T13702] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2252'.
[  116.083349][T13702] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2252'.
[  116.150704][T13700] wireguard0: entered promiscuous mode
[  116.156223][T13700] wireguard0: entered allmulticast mode
[  116.361513][T13734] loop8: detected capacity change from 0 to 2048
[  116.385748][T13737] caif0: entered promiscuous mode
[  116.390967][T13737] caif0: entered allmulticast mode
[  116.404470][T13734] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.440680][T13743] syzkaller1: entered promiscuous mode
[  116.446351][T13743] syzkaller1: entered allmulticast mode
[  116.475085][T11320] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.522297][T13759] netlink: 'syz.9.2267': attribute type 21 has an invalid length.
[  116.530269][T13759] netlink: 128 bytes leftover after parsing attributes in process `syz.9.2267'.
[  116.540096][T13759] netlink: 'syz.9.2267': attribute type 4 has an invalid length.
[  116.548037][T13759] netlink: 'syz.9.2267': attribute type 5 has an invalid length.
[  116.555931][T13759] netlink: 3 bytes leftover after parsing attributes in process `syz.9.2267'.
[  116.970172][T13779] loop9: detected capacity change from 0 to 512
[  116.987143][T13779] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  117.004895][T13779] EXT4-fs (loop9): 1 truncate cleaned up
[  117.016619][T13779] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.056519][T12387] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.424355][T13859] netlink: 'syz.9.2289': attribute type 1 has an invalid length.
[  117.432203][T13859] netlink: 'syz.9.2289': attribute type 1 has an invalid length.
[  117.882336][T13896] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2303'.
[  117.994936][   T29] kauditd_printk_skb: 72 callbacks suppressed
[  117.994954][   T29] audit: type=1326 audit(1747326700.703:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13905 comm="syz.8.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96785ee969 code=0x7ffc0000
[  118.025387][   T29] audit: type=1326 audit(1747326700.703:2040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13905 comm="syz.8.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96785ee969 code=0x7ffc0000
[  118.048992][   T29] audit: type=1326 audit(1747326700.714:2041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13905 comm="syz.8.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96785ee969 code=0x7ffc0000
[  118.072554][   T29] audit: type=1326 audit(1747326700.714:2042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13905 comm="syz.8.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96785ee969 code=0x7ffc0000
[  118.096763][   T29] audit: type=1326 audit(1747326700.714:2043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13905 comm="syz.8.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96785ee969 code=0x7ffc0000
[  118.120595][   T29] audit: type=1326 audit(1747326700.714:2044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13905 comm="syz.8.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96785ee969 code=0x7ffc0000
[  118.144553][   T29] audit: type=1326 audit(1747326700.714:2045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13905 comm="syz.8.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f96785e5927 code=0x7ffc0000
[  118.168157][   T29] audit: type=1326 audit(1747326700.714:2046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13905 comm="syz.8.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f967858ab39 code=0x7ffc0000
[  118.191678][   T29] audit: type=1326 audit(1747326700.714:2047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13905 comm="syz.8.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f96785e5927 code=0x7ffc0000
[  118.215181][   T29] audit: type=1326 audit(1747326700.714:2048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13905 comm="syz.8.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f967858ab39 code=0x7ffc0000
[  118.336539][T13934] ip6gretap1: entered allmulticast mode
[  118.487696][T13963] loop5: detected capacity change from 0 to 512
[  118.498760][T13963] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.2324: casefold flag without casefold feature
[  118.511982][T13963] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.2324: couldn't read orphan inode 15 (err -117)
[  118.530107][T13963] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.562981][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.637942][T13980] loop9: detected capacity change from 0 to 256
[  118.680136][T13988] netlink: 'syz.9.2332': attribute type 10 has an invalid length.
[  118.688261][T13988] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.695436][T13988] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.707121][T13988] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.714236][T13988] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.721616][T13988] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.728776][T13988] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.739810][T13988] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  118.821011][T13998] netlink: 332 bytes leftover after parsing attributes in process `syz.5.2336'.
[  118.830470][T13998] netlink: 'syz.5.2336': attribute type 9 has an invalid length.
[  118.838397][T13998] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2336'.
[  118.847600][T13998] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2336'.
[  118.880288][T14000] C: renamed from team_slave_0 (while UP)
[  118.888063][T14000] netlink: 'syz.5.2337': attribute type 3 has an invalid length.
[  118.895997][T14000] netlink: 152 bytes leftover after parsing attributes in process `syz.5.2337'.
[  118.908036][T14000] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  119.203563][T14012] syz_tun: entered allmulticast mode
[  119.210101][T14011] syz_tun: left allmulticast mode
[  119.417738][T14021] netlink: 'syz.5.2346': attribute type 1 has an invalid length.
[  119.443798][T14021] bond1: entered promiscuous mode
[  119.450773][T14021] 8021q: adding VLAN 0 to HW filter on device bond1
[  119.473468][T14021] batadv1: entered promiscuous mode
[  119.478854][T14021] batadv1: entered allmulticast mode
[  119.485658][T14021] 8021q: adding VLAN 0 to HW filter on device batadv1
[  119.494231][T14021] bond1: (slave batadv1): making interface the new active one
[  119.503303][T14021] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  119.547980][T14064] loop5: detected capacity change from 0 to 512
[  119.558923][T14062] vhci_hcd: default hub control req: 6006 v0301 i0000 l0
[  119.569754][T14064] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  119.622011][T14064] EXT4-fs (loop5): 1 truncate cleaned up
[  119.628204][T14064] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.661467][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119432e00: rx timeout, send abort
[  119.669887][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888119432e00: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  119.696196][T14073] netem: change failed
[  119.735377][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.761383][T14077] can0: slcan on ttyS3.
[  119.829008][T14077] can0 (unregistered): slcan off ttyS3.
[  119.834833][T14077] Falling back ldisc for ttyS3.
[  119.994519][T14114] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  120.198433][T14121] loop8: detected capacity change from 0 to 512
[  120.203944][T14121] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  120.225384][T14121] EXT4-fs (loop8): 1 truncate cleaned up
[  120.225856][T14121] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.255254][T11320] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.509059][T14152] SELinux:  policydb version -898261484 does not match my version range 15-34
[  120.509128][T14152] SELinux: failed to load policy
[  120.561549][T14158] __nla_validate_parse: 1 callbacks suppressed
[  120.561588][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2372'.
[  120.699568][T14158] 8021q: adding VLAN 0 to HW filter on device team1
[  121.587301][T14238] netlink: 'syz.8.2391': attribute type 1 has an invalid length.
[  121.714372][T14253] netlink: 332 bytes leftover after parsing attributes in process `syz.0.2395'.
[  121.725805][T14253] netlink: 'syz.0.2395': attribute type 9 has an invalid length.
[  121.733570][T14253] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2395'.
[  121.742668][T14253] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2395'.
[  121.762633][T14257] vhci_hcd: default hub control req: 6006 v0301 i0000 l0
[  121.828337][T14265] loop8: detected capacity change from 0 to 2048
[  121.922765][T14281] wireguard0: entered promiscuous mode
[  121.928372][T14281] wireguard0: entered allmulticast mode
[  122.126864][T14302] geneve0: entered allmulticast mode
[  122.163033][T14307] netlink: 'syz.8.2409': attribute type 1 has an invalid length.
[  122.178236][T14307] bond1: entered promiscuous mode
[  122.184074][T14307] 8021q: adding VLAN 0 to HW filter on device bond1
[  122.200485][T14307] netlink: 3 bytes leftover after parsing attributes in process `syz.8.2409'.
[  122.212716][T14307] batadv1: entered promiscuous mode
[  122.218059][T14307] batadv1: entered allmulticast mode
[  122.238895][T14307] 8021q: adding VLAN 0 to HW filter on device batadv1
[  122.250539][T14307] bond1: (slave batadv1): making interface the new active one
[  122.259051][T14307] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  122.327589][T14352] loop9: detected capacity change from 0 to 512
[  122.343085][T14357] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2418'.
[  122.354020][T14352] EXT4-fs (loop9): 1 orphan inode deleted
[  122.360441][T14352] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.374635][ T7921] EXT4-fs error (device loop9): ext4_release_dquot:6971: comm kworker/u8:47: Failed to release dquot type 1
[  122.375395][T14352] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.425377][T12387] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.462494][T14370] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  122.481826][T14370] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  122.493149][T14370] batman_adv: batadv0: Adding interface: ip6gretap1
[  122.499832][T14370] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  122.527895][T14370] batman_adv: batadv0: Interface activated: ip6gretap1
[  122.572067][T14376] vhci_hcd: invalid port number 65
[  122.762525][T14392] vhci_hcd: invalid port number 96
[  122.767710][T14392] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  122.861268][   T29] kauditd_printk_skb: 225 callbacks suppressed
[  122.861283][   T29] audit: type=1400 audit(1747326705.828:2273): avc:  denied  { setopt } for  pid=14407 comm="syz.0.2436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  122.899264][   T29] audit: type=1400 audit(1747326705.828:2274): avc:  denied  { read } for  pid=14407 comm="syz.0.2436" path="socket:[26230]" dev="sockfs" ino=26230 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  122.941311][T14412] netlink: 'syz.5.2438': attribute type 298 has an invalid length.
[  123.142531][   T29] audit: type=1400 audit(1747326706.133:2275): avc:  denied  { bind } for  pid=14435 comm="syz.0.2443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  123.190498][T14437] loop8: detected capacity change from 0 to 256
[  123.198186][T14437] FAT-fs (loop8): bogus number of FAT sectors
[  123.204322][T14437] FAT-fs (loop8): Can't find a valid FAT filesystem
[  123.385607][T14460] wireguard0: entered promiscuous mode
[  123.391671][T14460] wireguard0: entered allmulticast mode
[  123.453790][T14474] netlink: 304 bytes leftover after parsing attributes in process `syz.8.2457'.
[  123.466711][T14474] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2457'.
[  123.469728][T14482] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2459'.
[  123.578272][T14494] loop5: detected capacity change from 0 to 1024
[  123.603080][   T29] audit: type=1400 audit(1747326706.608:2276): avc:  denied  { read } for  pid=14495 comm="syz.0.2465" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  123.650428][T14494] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.685907][T14494] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  123.701169][T14494] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  123.713605][T14494] EXT4-fs (loop5): This should not happen!! Data will be lost
[  123.713605][T14494] 
[  123.723501][T14494] EXT4-fs (loop5): Total free blocks count 0
[  123.729575][T14494] EXT4-fs (loop5): Free/Dirty block details
[  123.735495][T14494] EXT4-fs (loop5): free_blocks=68451041280
[  123.741404][T14494] EXT4-fs (loop5): dirty_blocks=64
[  123.746613][T14494] EXT4-fs (loop5): Block reservation details
[  123.752614][T14494] EXT4-fs (loop5): i_reserved_data_blocks=4
[  123.804899][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.921636][T14532] loop5: detected capacity change from 0 to 1024
[  123.949218][T14532] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.981924][T14532] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.2474: Allocating blocks 497-513 which overlap fs metadata
[  124.000883][T14532] EXT4-fs (loop5): pa ffff8881071668c0: logic 16, phys. 145, len 23
[  124.008992][T14532] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  124.022582][T14542] wireguard0: entered promiscuous mode
[  124.028124][T14542] wireguard0: entered allmulticast mode
[  124.036786][T14532] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  124.049255][T14532] EXT4-fs (loop5): This should not happen!! Data will be lost
[  124.049255][T14532] 
[  124.059076][T14532] EXT4-fs (loop5): Total free blocks count 0
[  124.065090][T14532] EXT4-fs (loop5): Free/Dirty block details
[  124.071055][T14532] EXT4-fs (loop5): free_blocks=16
[  124.076179][T14532] EXT4-fs (loop5): dirty_blocks=0
[  124.081272][T14532] EXT4-fs (loop5): Block reservation details
[  124.087276][T14532] EXT4-fs (loop5): i_reserved_data_blocks=0
[  124.433859][T14584] pimreg: entered allmulticast mode
[  124.470096][T14584] pimreg: left allmulticast mode
[  124.939395][T14658] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  125.085514][   T29] audit: type=1326 audit(1747326708.178:2277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14682 comm="syz.1.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c44be969 code=0x7ffc0000
[  125.109433][   T29] audit: type=1326 audit(1747326708.178:2278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14682 comm="syz.1.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f13c44bd2d0 code=0x7ffc0000
[  125.116037][T14683] sd 0:0:1:0: device reset
[  125.133486][   T29] audit: type=1326 audit(1747326708.178:2279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14682 comm="syz.1.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c44be969 code=0x7ffc0000
[  125.166428][   T29] audit: type=1326 audit(1747326708.210:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14682 comm="syz.1.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f13c44be969 code=0x7ffc0000
[  125.214986][   T29] audit: type=1326 audit(1747326708.294:2281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14682 comm="syz.1.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c44be969 code=0x7ffc0000
[  125.238812][   T29] audit: type=1326 audit(1747326708.294:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14682 comm="syz.1.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13c44be969 code=0x7ffc0000
[  125.548083][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.556103][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.564163][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.584012][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.591975][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.599817][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.607639][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.615680][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.623897][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.631810][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.639798][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.648040][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.656030][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.663942][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.673973][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.682182][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.690043][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.698008][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.705838][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.713675][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.721456][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.729749][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.737883][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.746028][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.753855][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.761798][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.769581][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.777536][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.785338][   T36] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0
[  125.794004][   T36] hid-generic 0000:0000:20000000.000B: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz1
[  126.023111][T14806] SELinux: failed to load policy
[  126.159579][T14821] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  126.200357][T14824] pimreg: entered allmulticast mode
[  126.213238][T14824] pimreg: left allmulticast mode
[  126.326895][T14834] geneve0: entered allmulticast mode
[  126.376520][T14848] hub 9-0:1.0: USB hub found
[  126.381652][T14848] hub 9-0:1.0: 8 ports detected
[  126.391298][ T7940] nci: nci_rsp_packet: unknown rsp opcode 0x116
[  126.457009][T14861] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2544'.
[  126.473976][T14861] netem: change failed
[  126.626470][T14881] loop8: detected capacity change from 0 to 512
[  126.635788][T14881] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  126.657025][T14881] EXT4-fs (loop8): 1 truncate cleaned up
[  126.663253][T14881] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.726081][T11320] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.765437][T14892] xt_CT: You must specify a L4 protocol and not use inversions on it
[  126.795320][T14891] SELinux: failed to load policy
[  126.828291][T14898] loop8: detected capacity change from 0 to 128
[  126.842090][T14898] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  126.854893][T14898] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.886106][T11320] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  126.911198][T14904] loop5: detected capacity change from 0 to 2048
[  126.927514][T14904] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.995717][T14904] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2560: bg 0: block 234: padding at end of block bitmap is not set
[  127.010461][T14904] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1574 with error 117
[  127.023029][T14904] EXT4-fs (loop5): This should not happen!! Data will be lost
[  127.023029][T14904] 
[  127.173953][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.215749][T14931] syzkaller0: entered promiscuous mode
[  127.221350][T14931] syzkaller0: entered allmulticast mode
[  127.446709][T14955] 9pnet: p9_errstr2errno: server reported unknown error 
[  127.519753][T14961] program syz.9.2577 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  127.530018][T14961] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  127.598806][T14972] netlink: 'syz.8.2582': attribute type 3 has an invalid length.
[  127.613717][   T29] kauditd_printk_skb: 198 callbacks suppressed
[  127.613730][   T29] audit: type=1326 audit(1747326710.845:2481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.5.2569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f493fab5927 code=0x7ffc0000
[  127.643593][   T29] audit: type=1326 audit(1747326710.845:2482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.5.2569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f493fa5ab39 code=0x7ffc0000
[  127.667328][   T29] audit: type=1326 audit(1747326710.845:2483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.5.2569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  127.695034][   T29] audit: type=1326 audit(1747326710.855:2484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.5.2569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f493fab5927 code=0x7ffc0000
[  127.718505][   T29] audit: type=1326 audit(1747326710.855:2485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.5.2569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f493fa5ab39 code=0x7ffc0000
[  127.742027][   T29] audit: type=1326 audit(1747326710.855:2486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.5.2569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  127.766109][   T29] audit: type=1326 audit(1747326710.876:2487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.5.2569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f493fab5927 code=0x7ffc0000
[  127.789607][   T29] audit: type=1326 audit(1747326710.876:2488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.5.2569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f493fa5ab39 code=0x7ffc0000
[  127.813120][   T29] audit: type=1326 audit(1747326710.876:2489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.5.2569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  127.836633][   T29] audit: type=1326 audit(1747326710.908:2490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.5.2569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f493fab5927 code=0x7ffc0000
[  128.163354][T14994] loop5: detected capacity change from 0 to 512
[  128.190233][T14994] EXT4-fs (loop5): orphan cleanup on readonly fs
[  128.202639][T14994] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.2591: bad orphan inode 13
[  128.220443][T14994] ext4_test_bit(bit=12, block=18) = 1
[  128.226069][T14994] is_bad_inode(inode)=0
[  128.230298][T14994] NEXT_ORPHAN(inode)=2130706432
[  128.235325][T14994] max_ino=32
[  128.238645][T14994] i_nlink=1
[  128.242506][T14994] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  128.263748][T14994] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  128.287167][T14994] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2591: bg 0: block 248: padding at end of block bitmap is not set
[  128.324138][T14994] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.2591: Failed to acquire dquot type 1
[  128.362725][T14994] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  128.440042][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.472673][T15034] smc: net device bond0 applied user defined pnetid SYZ2
[  128.514555][T15044] loop9: detected capacity change from 0 to 7
[  128.521474][T15044] Buffer I/O error on dev loop9, logical block 0, async page read
[  128.535918][T15044] Buffer I/O error on dev loop9, logical block 0, async page read
[  128.544007][T15044]  loop9: unable to read partition table
[  128.558883][T15044] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[  128.558883][T15044] 
U�������) failed (rc=-5)
[  128.614767][T15058] loop9: detected capacity change from 0 to 512
[  128.630508][T15058] EXT4-fs: Ignoring removed mblk_io_submit option
[  128.649841][T15067] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  128.661472][T15058] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  128.703133][T15058] EXT4-fs (loop9): 1 truncate cleaned up
[  128.719038][T15058] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.757628][T15058] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  128.794519][T15078] loop8: detected capacity change from 0 to 512
[  128.827356][T15078] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.848049][T15078] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  128.860718][T12387] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.885785][T15098] netlink: 'syz.9.2613': attribute type 1 has an invalid length.
[  128.916193][T15098] 8021q: adding VLAN 0 to HW filter on device bond1
[  128.947700][T15098] bond1: (slave gretap1): making interface the new active one
[  128.957094][T15098] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  128.970529][T11320] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.215573][T15191] loop9: detected capacity change from 0 to 128
[  129.298526][T15191] syz.9.2627: attempt to access beyond end of device
[  129.298526][T15191] loop9: rw=2049, sector=128, nr_sectors = 1 limit=128
[  129.312169][T15191] Buffer I/O error on dev loop9, logical block 128, lost async page write
[  129.337435][T15191] syz.9.2627: attempt to access beyond end of device
[  129.337435][T15191] loop9: rw=2049, sector=129, nr_sectors = 1 limit=128
[  129.350997][T15191] Buffer I/O error on dev loop9, logical block 129, lost async page write
[  129.366764][T15191] syz.9.2627: attempt to access beyond end of device
[  129.366764][T15191] loop9: rw=2049, sector=130, nr_sectors = 1 limit=128
[  129.380432][T15191] Buffer I/O error on dev loop9, logical block 130, lost async page write
[  129.393315][T15191] syz.9.2627: attempt to access beyond end of device
[  129.393315][T15191] loop9: rw=2049, sector=131, nr_sectors = 1 limit=128
[  129.407022][T15191] Buffer I/O error on dev loop9, logical block 131, lost async page write
[  129.432878][T15191] syz.9.2627: attempt to access beyond end of device
[  129.432878][T15191] loop9: rw=2049, sector=132, nr_sectors = 1 limit=128
[  129.446612][T15191] Buffer I/O error on dev loop9, logical block 132, lost async page write
[  129.475527][T15191] syz.9.2627: attempt to access beyond end of device
[  129.475527][T15191] loop9: rw=2049, sector=141, nr_sectors = 8 limit=128
[  129.506171][T15191] syz.9.2627: attempt to access beyond end of device
[  129.506171][T15191] loop9: rw=2049, sector=157, nr_sectors = 1 limit=128
[  129.519702][T15191] Buffer I/O error on dev loop9, logical block 157, lost async page write
[  129.533168][T15169] netlink: 5 bytes leftover after parsing attributes in process `syz.8.2622'.
[  129.538009][T15191] syz.9.2627: attempt to access beyond end of device
[  129.538009][T15191] loop9: rw=2049, sector=158, nr_sectors = 1 limit=128
[  129.555564][T15191] Buffer I/O error on dev loop9, logical block 158, lost async page write
[  129.573062][T15191] syz.9.2627: attempt to access beyond end of device
[  129.573062][T15191] loop9: rw=2049, sector=159, nr_sectors = 1 limit=128
[  129.575062][T15169] 0�X��D: renamed from gretap0 (while UP)
[  129.586524][T15191] Buffer I/O error on dev loop9, logical block 159, lost async page write
[  129.586738][T15191] syz.9.2627: attempt to access beyond end of device
[  129.586738][T15191] loop9: rw=2049, sector=160, nr_sectors = 1 limit=128
[  129.649326][T15169] 0�X��D: entered allmulticast mode
[  129.677271][T15169] A link change request failed with some changes committed already. Interface 
30�X��D may have been left with an inconsistent configuration, please check.
[  129.715641][T15221] netlink: 'syz.9.2628': attribute type 11 has an invalid length.
[  129.732358][T15221] netlink: 448 bytes leftover after parsing attributes in process `syz.9.2628'.
[  129.986871][T15255] netem: change failed
[  130.169347][T15284] loop9: detected capacity change from 0 to 512
[  130.194153][T15284] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  130.207176][T15284] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.249195][T12387] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  130.270509][T15300] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2643'.
[  130.326278][T15300] A link change request failed with some changes committed already. Interface gre2 may have been left with an inconsistent configuration, please check.
[  130.420153][T15309] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 808
[  130.875496][T15342] ALSA: seq fatal error: cannot create timer (-22)
[  131.345807][T15374] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2671'.
[  131.452750][T15363] chnl_net:caif_netlink_parms(): no params data found
[  131.549999][T15363] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.557212][T15363] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.564652][T15363] bridge_slave_0: entered allmulticast mode
[  131.579468][T15363] bridge_slave_0: entered promiscuous mode
[  131.586689][T15363] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.593917][T15363] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.601246][T15363] bridge_slave_1: entered allmulticast mode
[  131.608105][T15363] bridge_slave_1: entered promiscuous mode
[  131.631193][T15363] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  131.642213][T15363] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.698752][T15363] team0: Port device team_slave_0 added
[  131.705432][T15363] team0: Port device team_slave_1 added
[  131.751454][T15363] batman_adv: batadv0: Adding interface: batadv_slave_0
[  131.751471][T15599] netlink: 2108 bytes leftover after parsing attributes in process `syz.8.2678'.
[  131.758552][T15363] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.758586][T15363] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  131.771961][T15363] batman_adv: batadv0: Adding interface: batadv_slave_1
[  131.811403][T15363] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.837604][T15363] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  131.908094][T15599] netlink: 1260 bytes leftover after parsing attributes in process `syz.8.2678'.
[  131.928623][T15363] hsr_slave_0: entered promiscuous mode
[  131.934875][T15363] hsr_slave_1: entered promiscuous mode
[  131.961096][T15363] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  131.980328][T15363] Cannot create hsr debugfs directory
[  132.062904][T15703] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2687'.
[  132.096551][T15703] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2687'.
[  132.157649][T15744] netlink: 5 bytes leftover after parsing attributes in process `syz.8.2690'.
[  132.248162][ T3379] IPVS: starting estimator thread 0...
[  132.335100][T15770] IPVS: using max 2208 ests per chain, 110400 per kthread
[  132.515728][T15363] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  132.558644][T15363] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  132.568431][T15363] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  132.587131][T15363] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  132.673237][T15363] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.685737][T15363] 8021q: adding VLAN 0 to HW filter on device team0
[  132.700655][ T7871] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.707864][ T7871] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.735038][T15363] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  132.746104][T15363] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  132.765533][T15827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2702'.
[  132.766319][ T7871] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.781640][ T7871] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.808885][T15827] ip6gre1: entered allmulticast mode
[  132.882074][T15363] 8021q: adding VLAN 0 to HW filter on device batadv0
[  132.973529][T15866] loop5: detected capacity change from 0 to 1024
[  133.035236][T15868] vhci_hcd: invalid port number 96
[  133.040642][T15868] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  133.050435][T15866] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.089309][T15882] xt_CT: You must specify a L4 protocol and not use inversions on it
[  133.107087][T15866] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 15 with error 28
[  133.119726][T15866] EXT4-fs (loop5): This should not happen!! Data will be lost
[  133.119726][T15866] 
[  133.129510][T15866] EXT4-fs (loop5): Total free blocks count 0
[  133.135801][T15866] EXT4-fs (loop5): Free/Dirty block details
[  133.141798][T15866] EXT4-fs (loop5): free_blocks=0
[  133.146910][T15866] EXT4-fs (loop5): dirty_blocks=0
[  133.152185][T15866] EXT4-fs (loop5): Block reservation details
[  133.158464][T15866] EXT4-fs (loop5): i_reserved_data_blocks=0
[  133.166014][T15888] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2718'.
[  133.196034][T15363] veth0_vlan: entered promiscuous mode
[  133.207001][T15363] veth1_vlan: entered promiscuous mode
[  133.215309][T15888] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2718'.
[  133.230667][T15895] netlink: 'syz.9.2719': attribute type 1 has an invalid length.
[  133.275833][T15895] 8021q: adding VLAN 0 to HW filter on device bond2
[  133.286532][T15932] 9pnet: p9_errstr2errno: server reported unknown error &��j���=��ƫ&B
[  133.296615][T15363] veth0_macvtap: entered promiscuous mode
[  133.307675][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.324721][T15935] gtp0: entered promiscuous mode
[  133.357321][T15934] bond2: (slave veth3): Enslaving as an active interface with a down link
[  133.366966][T15363] veth1_macvtap: entered promiscuous mode
[  133.385743][T15895] bond2: (slave veth0_to_bond): making interface the new active one
[  133.395553][T15895] veth0_to_bond: entered promiscuous mode
[  133.401570][T15895] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  133.422790][T15363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.433373][T15363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.443266][T15363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.454254][T15363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.464443][T15363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.475363][T15363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.485848][T15363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.496311][T15363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.506183][T15363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.516744][T15363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.537727][T15968] netlink: '+}[@': attribute type 10 has an invalid length.
[  133.545215][T15968] netlink: 2 bytes leftover after parsing attributes in process `+}[@'.
[  133.546703][T15363] batman_adv: batadv0: Interface activated: batadv_slave_0
[  133.571940][T15968] team0: entered promiscuous mode
[  133.577038][T15968] C: entered promiscuous mode
[  133.582221][T15968] team_slave_1: entered promiscuous mode
[  133.591468][T15968] bridge0: port 3(team0) entered blocking state
[  133.597956][T15968] bridge0: port 3(team0) entered disabled state
[  133.604516][T15968] team0: entered allmulticast mode
[  133.609876][T15968] C: entered allmulticast mode
[  133.615102][T15968] team_slave_1: entered allmulticast mode
[  133.623693][T15968] bridge0: port 3(team0) entered blocking state
[  133.630149][T15968] bridge0: port 3(team0) entered forwarding state
[  133.640626][   T29] kauditd_printk_skb: 454 callbacks suppressed
[  133.640662][   T29] audit: type=1400 audit(1747326717.167:2943): avc:  denied  { write } for  pid=15970 comm="syz.5.2729" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  133.666404][   T29] audit: type=1400 audit(1747326717.188:2944): avc:  denied  { watch } for  pid=15972 comm="syz.8.2730" path="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  133.690076][T15363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.701729][T15363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.702493][T15978] loop5: detected capacity change from 0 to 512
[  133.712559][T15363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.729346][T15363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.739346][T15363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.749800][T15363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.760121][T15363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.771180][T15363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.780709][T15978] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.781186][T15363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.804558][T15363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.814952][T15978] ext4 filesystem being mounted at /524/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  133.819233][T15363] batman_adv: batadv0: Interface activated: batadv_slave_1
[  133.889968][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.900618][T15363] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  133.910404][T15363] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  133.921561][T15363] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  133.931387][T15363] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  134.028427][T16017] loop5: detected capacity change from 0 to 512
[  134.057526][T16017] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.079408][T16027] pim6reg1: entered promiscuous mode
[  134.085499][T16027] pim6reg1: entered allmulticast mode
[  134.116677][T16017] ext4 filesystem being mounted at /526/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.142612][   T29] audit: type=1326 audit(1747326717.725:2945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  134.147014][T16033] sch_fq: defrate 0 ignored.
[  134.177298][   T29] audit: type=1326 audit(1747326717.757:2946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  134.200929][   T29] audit: type=1326 audit(1747326717.757:2947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  134.224651][   T29] audit: type=1326 audit(1747326717.757:2948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  134.248458][   T29] audit: type=1326 audit(1747326717.757:2949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  134.272163][   T29] audit: type=1326 audit(1747326717.757:2950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  134.295985][   T29] audit: type=1326 audit(1747326717.757:2951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  134.319767][   T29] audit: type=1326 audit(1747326717.757:2952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16016 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f493fabe969 code=0x7ffc0000
[  134.346661][ T3646] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.532488][T16081] loop9: detected capacity change from 0 to 512
[  134.542235][T16081] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  134.555108][T16081] EXT4-fs (loop9): 1 truncate cleaned up
[  134.561087][T16081] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.608588][T16090] netlink: 'syz.1.2759': attribute type 1 has an invalid length.
[  134.626539][T12387] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.666210][T16100] loop4: detected capacity change from 0 to 164
[  134.675618][T16100] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  134.691083][T16100] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  134.701419][T16100] Symlink component flag not implemented
[  134.707723][T16100] Symlink component flag not implemented
[  134.746526][T16103] loop9: detected capacity change from 0 to 128
[  134.780229][T16100] Symlink component flag not implemented (7)
[  134.786719][T16100] Symlink component flag not implemented (116)
[  134.814527][T16116] syzkaller0: entered allmulticast mode
[  134.835192][T16116] syzkaller0 (unregistering): left allmulticast mode
[  134.938873][T16136] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(7)
[  134.945812][T16136] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  134.957627][T16136] vhci_hcd vhci_hcd.0: Device attached
[  134.968263][T16137] vhci_hcd: connection closed
[  134.968610][ T7877] vhci_hcd: stop threads
[  134.978027][ T7877] vhci_hcd: release socket
[  134.982785][ T7877] vhci_hcd: disconnect device
[  135.435428][T16174] loop4: detected capacity change from 0 to 128
[  135.483341][T16174] bio_check_eod: 12 callbacks suppressed
[  135.483356][T16174] syz.4.2789: attempt to access beyond end of device
[  135.483356][T16174] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[  135.549465][T16174] syz.4.2789: attempt to access beyond end of device
[  135.549465][T16174] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[  135.566949][T16174] syz.4.2789: attempt to access beyond end of device
[  135.566949][T16174] loop4: rw=2049, sector=177, nr_sectors = 1 limit=128
[  135.716437][T16215] loop8: detected capacity change from 0 to 128
[  135.718410][T16215] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  135.817584][T16232] loop8: detected capacity change from 0 to 512
[  135.864368][T16232] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.864445][T16232] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.937968][T11320] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.174697][T16267] loop4: detected capacity change from 0 to 1024
[  136.181436][T16269] loop5: detected capacity change from 0 to 164
[  136.191208][T16269] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  136.205012][T16269] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  136.205203][T16269] Symlink component flag not implemented
[  136.205211][T16269] Symlink component flag not implemented
[  136.205240][T16269] Symlink component flag not implemented (7)
[  136.205252][T16269] Symlink component flag not implemented (116)
[  136.286782][T16267] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.465603][T15363] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.944662][T16348] netlink: '+}[@': attribute type 10 has an invalid length.
[  136.952134][T16348] __nla_validate_parse: 8 callbacks suppressed
[  136.952176][T16348] netlink: 2 bytes leftover after parsing attributes in process `+}[@'.
[  136.979743][T16348] team0: entered promiscuous mode
[  136.980798][T16351] loop9: detected capacity change from 0 to 128
[  136.984820][T16348] C: entered promiscuous mode
[  136.996058][T16348] team_slave_1: entered promiscuous mode
[  137.005705][T16348] 8021q: adding VLAN 0 to HW filter on device team0
[  137.012930][T16348] batman_adv: batadv0: Interface activated: team0
[  137.019629][T16348] batman_adv: batadv0: Interface deactivated: team0
[  137.026344][T16348] batman_adv: batadv0: Removing interface: team0
[  137.038748][T16348] bridge0: port 3(team0) entered blocking state
[  137.045146][T16348] bridge0: port 3(team0) entered disabled state
[  137.056018][T16348] team0: entered allmulticast mode
[  137.061281][T16348] C: entered allmulticast mode
[  137.066078][T16348] team_slave_1: entered allmulticast mode
[  137.076877][T16348] bridge0: port 3(team0) entered blocking state
[  137.079577][T16351] syz.9.2841: attempt to access beyond end of device
[  137.079577][T16351] loop9: rw=2049, sector=145, nr_sectors = 8 limit=128
[  137.083303][T16348] bridge0: port 3(team0) entered forwarding state
[  137.124947][T16356] syz_tun: entered promiscuous mode
[  137.139820][T16356] batadv_slave_0: entered promiscuous mode
[  137.156269][T16351] syz.9.2841: attempt to access beyond end of device
[  137.156269][T16351] loop9: rw=2049, sector=161, nr_sectors = 8 limit=128
[  137.170457][T16356] hsr1: entered allmulticast mode
[  137.175553][T16356] syz_tun: entered allmulticast mode
[  137.180976][T16356] batadv_slave_0: entered allmulticast mode
[  137.187193][T16351] syz.9.2841: attempt to access beyond end of device
[  137.187193][T16351] loop9: rw=2049, sector=177, nr_sectors = 1 limit=128
[  137.245397][T16367] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2846'.
[  137.508943][T16410] bridge: RTM_NEWNEIGH with invalid ether address
[  137.564787][T16414] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2859'.
[  137.566652][T16411] loop9: detected capacity change from 0 to 8192
[  137.616353][T16421] program syz.5.2862 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  137.640939][T16411]  loop9: p1 p3 p4
[  137.644792][T16411] loop9: p1 size 8390912 extends beyond EOD, truncated
[  137.655489][T16411] loop9: p3 size 589824 extends beyond EOD, truncated
[  137.782094][T16446] loop4: detected capacity change from 0 to 2048
[  137.817388][T16446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.852638][T15363] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.133642][T16497] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2876'.
[  138.168149][T16507] netlink: '+}[@': attribute type 10 has an invalid length.
[  138.175553][T16507] netlink: 2 bytes leftover after parsing attributes in process `+}[@'.
[  138.187258][T16507] team0: entered promiscuous mode
[  138.192437][T16507] team_slave_0: entered promiscuous mode
[  138.198396][T16507] team_slave_1: entered promiscuous mode
[  138.206864][T16507] bridge0: port 3(team0) entered blocking state
[  138.213220][T16507] bridge0: port 3(team0) entered disabled state
[  138.220102][T16507] team0: entered allmulticast mode
[  138.225296][T16507] team_slave_0: entered allmulticast mode
[  138.231085][T16507] team_slave_1: entered allmulticast mode
[  138.233470][T16477] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2876'.
[  138.238741][T16507] bridge0: port 3(team0) entered blocking state
[  138.252147][T16507] bridge0: port 3(team0) entered forwarding state
[  138.317770][T16512] loop4: detected capacity change from 0 to 512
[  138.325556][T16512] journal_path: Lookup failure for './file0'
[  138.331576][T16512] EXT4-fs: error: could not find journal device path
[  138.521185][T16535] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2887'.
[  138.531652][T16542] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2885'.
[  138.540631][T16542] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2885'.
[  138.678491][T16551] netlink: '+}[@': attribute type 10 has an invalid length.
[  138.685975][T16551] netlink: 2 bytes leftover after parsing attributes in process `+}[@'.
[  138.696134][T16552] loop9: detected capacity change from 0 to 512
[  138.716748][T16551] team0: entered promiscuous mode
[  138.721861][T16551] team_slave_0: entered promiscuous mode
[  138.727647][T16551] team_slave_1: entered promiscuous mode
[  138.741438][T16551] 8021q: adding VLAN 0 to HW filter on device team0
[  138.749182][T16551] bridge0: port 3(team0) entered blocking state
[  138.755597][T16551] bridge0: port 3(team0) entered disabled state
[  138.766151][T16551] team0: entered allmulticast mode
[  138.771566][T16551] team_slave_0: entered allmulticast mode
[  138.777451][T16551] team_slave_1: entered allmulticast mode
[  138.799750][T16552] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.816052][T16552] ext4 filesystem being mounted at /172/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  138.866021][T12387] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.906819][T16537] Set syz1 is full, maxelem 65536 reached
[  138.936778][   T29] kauditd_printk_skb: 136 callbacks suppressed
[  138.936796][   T29] audit: type=1326 audit(1747326722.771:3089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16568 comm="syz.9.2897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  138.975139][   T29] audit: type=1326 audit(1747326722.802:3090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16568 comm="syz.9.2897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  139.000069][   T29] audit: type=1326 audit(1747326722.813:3091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16568 comm="syz.9.2897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  139.026849][   T29] audit: type=1326 audit(1747326722.813:3092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16568 comm="syz.9.2897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  139.052089][   T29] audit: type=1326 audit(1747326722.813:3093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16568 comm="syz.9.2897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  139.076250][   T29] audit: type=1326 audit(1747326722.813:3094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16568 comm="syz.9.2897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  139.100008][   T29] audit: type=1326 audit(1747326722.813:3095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16568 comm="syz.9.2897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  139.141863][   T29] audit: type=1326 audit(1747326722.897:3096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16568 comm="syz.9.2897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  139.165978][   T29] audit: type=1326 audit(1747326722.897:3097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16568 comm="syz.9.2897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4965e969 code=0x7ffc0000
[  139.319939][T16587] loop8: detected capacity change from 0 to 512
[  139.320687][T16587] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  139.343742][T16587] EXT4-fs (loop8): 1 truncate cleaned up
[  139.344182][T16587] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.346657][T16587] EXT4-fs error (device loop8): __ext4_iget:5025: inode #12: block 2: comm syz.8.2903: invalid block
[  139.346924][T16587] EXT4-fs (loop8): Remounting filesystem read-only
[  139.392583][T11320] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.427844][T16597] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  139.485412][T16602] loop9: detected capacity change from 0 to 128
[  139.485864][T16602] vfat: Bad value for 'shortname'
[  139.486198][    C1] operation not supported error, dev loop9, sector 0 op 0x9:(WRITE_ZEROES) flags 0x10000800 phys_seg 0 prio class 0
[  139.556992][T16616] SELinux:  Context � is not valid (left unmapped).
[  140.029729][T16638] openvswitch: netlink: Message has 6 unknown bytes.
[  140.212537][   T29] audit: type=1326 audit(1747326724.108:3098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16654 comm="syz.8.2930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96785ee969 code=0x7ffc0000
[  140.483806][T16678] loop8: detected capacity change from 0 to 1024
[  140.501673][T16678] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.518894][T16678] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  140.550676][T11320] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.598492][ T7912] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.667371][T16692] tipc: Started in network mode
[  140.672516][T16692] tipc: Node identity d2f93cc3558d, cluster identity 4711
[  140.679942][T16692] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  140.697076][ T7912] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.716035][T16692] tipc: Disabling bearer <eth:syzkaller0>
[  140.751389][ T7912] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.772893][    C0] ==================================================================
[  140.781093][    C0] BUG: KCSAN: data-race in do_select / pollwake
[  140.787349][    C0] 
[  140.789666][    C0] read to 0xffffc900036c7a00 of 4 bytes by task 16663 on cpu 1:
[  140.797303][    C0]  do_select+0xe41/0xf40
[  140.801578][    C0]  core_sys_select+0x3b2/0x600
[  140.806352][    C0]  __se_sys_pselect6+0x216/0x280
[  140.811299][    C0]  __x64_sys_pselect6+0x78/0x90
[  140.816337][    C0]  x64_sys_call+0x1caa/0x2fb0
[  140.821015][    C0]  do_syscall_64+0xd0/0x1a0
[  140.825521][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.831512][    C0] 
[  140.833843][    C0] write to 0xffffc900036c7a00 of 4 bytes by interrupt on cpu 0:
[  140.841474][    C0]  pollwake+0xb6/0x100
[  140.845560][    C0]  __wake_up+0x63/0xb0
[  140.849642][    C0]  bpf_ringbuf_notify+0x22/0x30
[  140.854514][    C0]  irq_work_run+0xdf/0x2d0
[  140.858942][    C0]  __sysvec_irq_work+0x22/0x170
[  140.863807][    C0]  sysvec_irq_work+0x66/0x80
[  140.868404][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  140.873338][    C0]  native_apic_msr_write+0x3d/0x60
[  140.878451][    C0]  x2apic_send_IPI_self+0x10/0x20
[  140.883484][    C0]  arch_irq_work_raise+0x46/0x50
[  140.888427][    C0]  __irq_work_queue_local+0x80/0x1b0
[  140.893722][    C0]  irq_work_queue+0x70/0x100
[  140.898312][    C0]  bpf_ringbuf_discard+0xd3/0xf0
[  140.903351][    C0]  bpf_prog_fe0ed97373b08409+0x4b/0x4f
[  140.908805][    C0]  bpf_trace_run3+0x10f/0x1d0
[  140.913481][    C0]  kmem_cache_free+0x246/0x2f0
[  140.918239][    C0]  __fput+0x555/0x650
[  140.922216][    C0]  ____fput+0x1c/0x30
[  140.926193][    C0]  task_work_run+0x131/0x1a0
[  140.930781][    C0]  do_exit+0x5dd/0x17c0
[  140.934941][    C0]  do_group_exit+0x139/0x140
[  140.939533][    C0]  __x64_sys_exit_group+0x1f/0x20
[  140.944565][    C0]  x64_sys_call+0x2fa4/0x2fb0
[  140.949241][    C0]  do_syscall_64+0xd0/0x1a0
[  140.954005][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.959904][    C0] 
[  140.962222][    C0] value changed: 0x00000001 -> 0x00000000
[  140.967940][    C0] 
[  140.970258][    C0] Reported by Kernel Concurrency Sanitizer on:
[  140.976561][    C0] CPU: 0 UID: 0 PID: 16711 Comm: modprobe Tainted: G        W           6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(voluntary) 
[  140.990460][    C0] Tainted: [W]=WARN
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  140.994270][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  141.004329][    C0] ==================================================================
[  141.096355][ T7912] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.156615][T16663] syz_tun (unregistering): left promiscuous mode
[  141.207763][ T7912] team0: left allmulticast mode
[  141.213195][ T7912] C: left allmulticast mode
[  141.218262][ T7912] team_slave_1: left allmulticast mode
[  141.224082][ T7912] bridge0: port 3(team0) entered disabled state
[  141.231970][ T7912] bridge_slave_1: left allmulticast mode
[  141.237713][ T7912] bridge_slave_1: left promiscuous mode
[  141.243555][ T7912] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.251929][ T7912] bridge_slave_0: left promiscuous mode
[  141.258756][ T7912] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.320259][ T7912] erspan0 (unregistering): left promiscuous mode
[  141.356320][ T7912] gretap0 (unregistering): left promiscuous mode
[  141.421858][ T7912] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  141.432370][ T7912] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  141.442050][ T7912] bond0 (unregistering): Released all slaves
[  141.451354][ T7912] bond1 (unregistering): (slave batadv1): Releasing active interface
[  141.461259][ T7912] bond1 (unregistering): Released all slaves
[  141.499570][ T7912] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  141.510224][ T7912] batman_adv: batadv0: Removing interface: batadv_slave_0
[  141.518090][ T7912] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  141.525789][ T7912] batman_adv: batadv0: Removing interface: batadv_slave_1
[  141.536525][ T7912] veth1_macvtap: left promiscuous mode
[  141.542250][ T7912] veth0_macvtap: left promiscuous mode
[  141.586668][ T7912] team_slave_1 (unregistering): left promiscuous mode
[  141.595201][ T7912] team0 (unregistering): Port device team_slave_1 removed
[  141.604475][ T7912] C (unregistering): left promiscuous mode
[  141.612211][ T7912] team0 (unregistering): Port device C removed
[  141.973425][ T7912] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.020922][ T7912] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.068026][ T7912] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.124920][ T7912] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.194464][ T7912] team0: left allmulticast mode
[  142.199489][ T7912] team_slave_0: left allmulticast mode
[  142.205084][ T7912] team_slave_1: left allmulticast mode
[  142.210924][ T7912] bridge0: port 3(team0) entered disabled state
[  142.218410][ T7912] bridge_slave_1: left allmulticast mode
[  142.224101][ T7912] bridge_slave_1: left promiscuous mode
[  142.230126][ T7912] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.238331][ T7912] bridge_slave_0: left allmulticast mode
[  142.244013][ T7912] bridge_slave_0: left promiscuous mode
[  142.249808][ T7912] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.325235][ T7912] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.335612][ T7912] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.346281][ T7912] bond0 (unregistering): Released all slaves
[  142.354981][ T7912] bond1 (unregistering): (slave batadv1): Releasing active interface
[  142.364129][ T7912] bond1 (unregistering): Released all slaves
[  142.402204][ T7912] hsr_slave_0: left promiscuous mode
[  142.407982][ T7912] hsr_slave_1: left promiscuous mode
[  142.413680][ T7912] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.421148][ T7912] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.428997][ T7912] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.436466][ T7912] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.446952][ T7912] veth1_macvtap: left promiscuous mode
[  142.452539][ T7912] veth0_macvtap: left promiscuous mode
[  142.458364][ T7912] veth1_vlan: left promiscuous mode
[  142.463819][ T7912] veth0_vlan: left promiscuous mode
[  142.528948][ T7912] team_slave_1 (unregistering): left promiscuous mode
[  142.537892][ T7912] team0 (unregistering): Port device team_slave_1 removed
[  142.547653][ T7912] team_slave_0 (unregistering): left promiscuous mode
[  142.555543][ T7912] team0 (unregistering): Port device team_slave_0 removed
[  143.322425][ T7912] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.378709][ T7912] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.426067][ T7912] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.492775][ T7912] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.553385][ T7912] bridge_slave_1: left allmulticast mode
[  143.559114][ T7912] bridge_slave_1: left promiscuous mode
[  143.564796][ T7912] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.572560][ T7912] bridge_slave_0: left allmulticast mode
[  143.578328][ T7912] bridge_slave_0: left promiscuous mode
[  143.584082][ T7912] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.664436][ T7912] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  143.674502][ T7912] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  143.684182][ T7912] bond0 (unregistering): Released all slaves
[  143.720102][ T7912] batadv_slave_0: left promiscuous mode
[  143.728034][ T7912] hsr_slave_0: left promiscuous mode
[  143.733699][ T7912] hsr_slave_1: left promiscuous mode
[  143.739567][ T7912] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.747419][ T7912] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.755269][ T7912] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.762866][ T7912] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.773689][ T7912] veth1_macvtap: left promiscuous mode
[  143.779203][ T7912] veth0_macvtap: left promiscuous mode
[  143.784962][ T7912] veth1_vlan: left promiscuous mode
[  143.790251][ T7912] veth0_vlan: left promiscuous mode
[  143.854265][ T7912] team0 (unregistering): Port device team_slave_1 removed
[  143.864351][ T7912] team0 (unregistering): Port device team_slave_0 removed
[  144.363979][ T7911] veth0_to_bond: left promiscuous mode