last executing test programs:

1m4.490096834s ago: executing program 2 (id=3350):
io_uring_setup(0x1504, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x8000)
syz_usb_disconnect(r1)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
ioctl$EVIOCGBITSW(r1, 0x40095505, 0x0)

1m3.770422525s ago: executing program 2 (id=3371):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r2, &(0x7f00000005c0)="f5", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffffc, @rand_addr=' \x01\x00', 0xfffffffc}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)

1m3.722443776s ago: executing program 2 (id=3375):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e57f000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = getpgrp(0x0)
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x0, 0x0, 0x4)

1m3.485921389s ago: executing program 2 (id=3379):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m3.284057273s ago: executing program 2 (id=3384):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf4f3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
r3 = dup(r2)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffff}, 0x10007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close_range(r1, 0xffffffffffffffff, 0x0)

1m3.094736405s ago: executing program 2 (id=3386):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x10, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000100ff03850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x8000000000000000}, 0x18)
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r1, 0x4}}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f00000003c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000140), r1}}, 0x18)

1m3.082758366s ago: executing program 32 (id=3386):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x10, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000100ff03850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x8000000000000000}, 0x18)
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r1, 0x4}}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f00000003c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000140), r1}}, 0x18)

53.887568267s ago: executing program 5 (id=3744):
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x100000000000600d, 0x1)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
r2 = dup(r1)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
sendfile(r2, r3, 0x0, 0x8000fffffffe)

53.05947781s ago: executing program 5 (id=3773):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000001280), 0x6)

52.968504511s ago: executing program 5 (id=3786):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000780)={[{@errors_remount}, {@bh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@resgid}, {@auto_da_alloc}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
prctl$PR_SET_NAME(0xf, &(0x7f0000000700)=',&#^%\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000e40)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
unlink(&(0x7f0000000140)='./file1\x00')

52.861636853s ago: executing program 5 (id=3779):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000340)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x10909d, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000600)='./file0/file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x21800, 0x0)
umount2(&(0x7f0000000040)='./file0/../file0\x00', 0x0)

52.645106837s ago: executing program 5 (id=3784):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffd35, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x203, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x13)
r1 = fsopen(&(0x7f0000000040)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x5)
mount_setattr(r2, &(0x7f0000000000)='.\x00', 0x0, &(0x7f0000000200)={0x5}, 0x20)

52.44831051s ago: executing program 5 (id=3796):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x3}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010000104000000000400000000000000", @ANYRES32=r3, @ANYBLOB="000000000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=r3], 0x48}}, 0x0)

52.41644455s ago: executing program 33 (id=3796):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x3}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010000104000000000400000000000000", @ANYRES32=r3, @ANYBLOB="000000000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=r3], 0x48}}, 0x0)

14.83865076s ago: executing program 3 (id=5265):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x70)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x10000}, 0x18)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x1}}, {{@in, 0x0, 0x6c}, 0x0, @in6=@dev, 0xffffffff}}, 0xe8)
syz_emit_ethernet(0x2a, &(0x7f0000000300)={@local, @random="21e300", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @info_reply={0x10, 0x0, 0x0, 0xb7, 0xb}}}}}, 0x0)

14.789253781s ago: executing program 3 (id=5266):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000001180)=ANY=[@ANYBLOB="1800000020000000000000000000000085000000d000000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='hrtimer_start\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x5, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r2}, 0x3d)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

14.787812601s ago: executing program 3 (id=5267):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0x8000c62)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r2, r2, 0x0, 0x800000009)

12.93161543s ago: executing program 3 (id=5320):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
unshare(0x60600)
umount2(&(0x7f00000001c0)='./file0/file0\x00', 0x0)

12.862715881s ago: executing program 3 (id=5321):
r0 = syz_io_uring_setup(0xe43, &(0x7f0000000380)={0x0, 0x5f39, 0x0, 0x3, 0xfffffffd}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a00)='./file0\x00'})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x18)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

12.765620692s ago: executing program 3 (id=5322):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0, 0x0, 0x178}, 0x18)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r1, 0x2007ffc)
sendfile(r1, r1, 0x0, 0x800000009)

12.753987372s ago: executing program 34 (id=5322):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0, 0x0, 0x178}, 0x18)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r1, 0x2007ffc)
sendfile(r1, r1, 0x0, 0x800000009)

9.891252256s ago: executing program 6 (id=5386):
r0 = perf_event_open$cgroup(&(0x7f00000001c0)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd304, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
ioctl$PERF_EVENT_IOC_ID(r0, 0x4008240b, &(0x7f00000013c0))

9.68299329s ago: executing program 7 (id=5394):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bond0\x00', <r4=>0x0})
sendmsg$nl_xfrm(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)=@updsa={0x144, 0x10, 0x1, 0x0, 0x200017, {{@in6=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x32}, {@in6=@private1, 0x0, 0x32}, @in=@multicast2, {}, {0xffffffffffffffff}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @offload={0xc, 0x1c, {r4, 0x4}}]}, 0x144}}, 0x0)

9.627815951s ago: executing program 7 (id=5397):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = io_uring_setup(0x1d48, &(0x7f0000000600)={0x0, 0x0, 0x1000, 0x2, 0x3bd})
r2 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r2, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r2, 0x4)
recvmmsg(r2, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x40000100, 0x0)
close_range(r1, r2, 0x0)

9.430837864s ago: executing program 7 (id=5405):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r0, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {&(0x7f00000017c0)=""/130, 0x94}], 0x2}, 0xa1}], 0x2, 0x0, 0x0)

8.658721926s ago: executing program 7 (id=5419):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x89901)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22004002, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@nojournal_checksum}, {@noload}, {@noinit_itable}, {@usrjquota}, {@grpjquota, 0x2e}], [{@seclabel}]}, 0x81, 0x46c, &(0x7f00000004c0)="$eJzs3MtvG8UfAPDvrpP09ctD/ZVHH1BDQUQUkiYU6IELCKRekJDgAMeQhqrUbVETJFpVtCBUjoi/ADgi8RdwggsCTiCucEdIFeqFwgEtWnu3dWIndZwYN/jzkdae2YdnZmcnnp3xJoCBVc1fkogsIn6OiPFGdPkO1cbbjeuX5v+8fmk+iSx7+fekvt8f1y/Nl7uWx+0qIpNpRPpBEvvbpLt44eLpuVpt4XwRn14689b04oWLj586M3dy4eTC2dljx44+MfP0U7NPbko5R/O87nv33IG9x1/7+MX5LF7/7os8v/8rtjeXo2Fiw2lWo7r8XNaN1F8f3vCn31lGm8LJUB8zwrpUIiKvruF6+x+PStyqvPF44f2+Zg7oqSzLsm0taytl4EoG/Icl0e8cAP1RftHn97/l8i92P/ru2rONG6C83DeKpbFlKNL8bXvjjn20R+lXI+LVK399ki/RdhwCAGBzfZX3fx5r1/8bS+5u2m+smBuaiIjDEbE7Iv4fEXsi4q6IyPe9JyLuXWf61RXx1v7Pjzu6KliH8v7fM8Xc1vL+X1ruMlEpYqP18g8nb5yqLRwpzslkDG/L4zNrpPH18z99tNq25v5fvuTpl33BIh+/Da0YoDsxtzS3kTI3u/ZexL6hduVPbs4EJBGxNyL2dfH5+Tk79ejnB/Lw2K7W7QduW/41bMI8U/ZZxCON+r8SK8pfShoprTY/Ob09agtHpsurotX3P1x9qTk+3BS+ff33Vl7/O9te/0X5y2ZQztcurj+Nq798uOo9TbfX/0jySj08Uqx7Z25p6fxMxEixYtn62VvHlvFy/7z8k4falX8s2R3x96fFcfuLa/W+iLg/Ig4WeX8gIh6MiENrlP/b5x56c+0z1N/6P7FW/UdMJM3z9V0EKqe/+XK19Dur/6P10GSxppO/f51mcCPnDgAAALaKtP4b+CSduhlO06mpxm/498TOtHZucelwNd4+e6LxW/mJGE7Lka7xpvHQmWJsuIzProiXY15ZtqMen5o/V+vVnDrQmV2rtP/cr5V+5w7ouXXNo7U+0QZsYZ7XhMGl/cPg0v5hcGn/MLjatf/LETeaoj19CAPoH9//MLi0fxhc2j8MLu0fBlLrI/HlSF83T/rfCuw+vqHDByhQ6dEnR/M/7ehBINK+n7ruA+mdkI2DRWBbRHR61OWe1unK6wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDr+ycAAP//ENre5A==")

8.371285531s ago: executing program 7 (id=5425):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x87, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000080)='U', 0x1080}], 0x29a, 0x0, 0x3e80}, 0x0)

8.345797851s ago: executing program 6 (id=5426):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f00000010c0)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
mlockall(0x6)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c)

7.938625897s ago: executing program 6 (id=5434):
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f0000000180)='./file0\x00')
r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000200)='kfree\x00', r2}, 0x18)
write$binfmt_script(r0, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

7.845608698s ago: executing program 6 (id=5437):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x89901)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22004002, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@nojournal_checksum}, {@noload}, {@noinit_itable}, {@usrjquota}, {@grpjquota, 0x2e}], [{@seclabel}]}, 0x81, 0x46c, &(0x7f00000004c0)="$eJzs3MtvG8UfAPDvrpP09ctD/ZVHH1BDQUQUkiYU6IELCKRekJDgAMeQhqrUbVETJFpVtCBUjoi/ADgi8RdwggsCTiCucEdIFeqFwgEtWnu3dWIndZwYN/jzkdae2YdnZmcnnp3xJoCBVc1fkogsIn6OiPFGdPkO1cbbjeuX5v+8fmk+iSx7+fekvt8f1y/Nl7uWx+0qIpNpRPpBEvvbpLt44eLpuVpt4XwRn14689b04oWLj586M3dy4eTC2dljx44+MfP0U7NPbko5R/O87nv33IG9x1/7+MX5LF7/7os8v/8rtjeXo2Fiw2lWo7r8XNaN1F8f3vCn31lGm8LJUB8zwrpUIiKvruF6+x+PStyqvPF44f2+Zg7oqSzLsm0taytl4EoG/Icl0e8cAP1RftHn97/l8i92P/ru2rONG6C83DeKpbFlKNL8bXvjjn20R+lXI+LVK399ki/RdhwCAGBzfZX3fx5r1/8bS+5u2m+smBuaiIjDEbE7Iv4fEXsi4q6IyPe9JyLuXWf61RXx1v7Pjzu6KliH8v7fM8Xc1vL+X1ruMlEpYqP18g8nb5yqLRwpzslkDG/L4zNrpPH18z99tNq25v5fvuTpl33BIh+/Da0YoDsxtzS3kTI3u/ZexL6hduVPbs4EJBGxNyL2dfH5+Tk79ejnB/Lw2K7W7QduW/41bMI8U/ZZxCON+r8SK8pfShoprTY/Ob09agtHpsurotX3P1x9qTk+3BS+ff33Vl7/O9te/0X5y2ZQztcurj+Nq798uOo9TbfX/0jySj08Uqx7Z25p6fxMxEixYtn62VvHlvFy/7z8k4falX8s2R3x96fFcfuLa/W+iLg/Ig4WeX8gIh6MiENrlP/b5x56c+0z1N/6P7FW/UdMJM3z9V0EKqe/+XK19Dur/6P10GSxppO/f51mcCPnDgAAALaKtP4b+CSduhlO06mpxm/498TOtHZucelwNd4+e6LxW/mJGE7Lka7xpvHQmWJsuIzProiXY15ZtqMen5o/V+vVnDrQmV2rtP/cr5V+5w7ouXXNo7U+0QZsYZ7XhMGl/cPg0v5hcGn/MLjatf/LETeaoj19CAPoH9//MLi0fxhc2j8MLu0fBlLrI/HlSF83T/rfCuw+vqHDByhQ6dEnR/M/7ehBINK+n7ruA+mdkI2DRWBbRHR61OWe1unK6wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDr+ycAAP//ENre5A==")

7.683177761s ago: executing program 6 (id=5440):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r2, 0x400, 0x1)
fremovexattr(r2, &(0x7f0000000040)=@known='system.posix_acl_default\x00')

7.08405874s ago: executing program 7 (id=5461):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r3}, 0x10)
recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0)

7.08371103s ago: executing program 35 (id=5461):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r3}, 0x10)
recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0)

7.046601881s ago: executing program 6 (id=5466):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0xfffff000)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000)
mremap(&(0x7f0000807000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000ffe000/0x1000)=nil)
mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

7.014431281s ago: executing program 36 (id=5466):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0xfffff000)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000)
mremap(&(0x7f0000807000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000ffe000/0x1000)=nil)
mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

683.277389ms ago: executing program 9 (id=5604):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdde, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
close_range(r1, 0xffffffffffffffff, 0x0)

630.887529ms ago: executing program 9 (id=5606):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x20000261, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000380)='./file2\x00', 0x404, &(0x7f0000000140)={[{@bh}, {@noauto_da_alloc}, {@mblk_io_submit}, {@journal_dev={'journal_dev', 0x3d, 0xaa9}}, {@journal_dev={'journal_dev', 0x3d, 0x4}}, {@quota}]}, 0x13, 0x440, &(0x7f00000005c0)="$eJzs28tvG8UfAPDv2nH66+uXUJVHH0CgICoeSZOW0gMXEEgcQEKCQzmGJK1K3QY1QaJVBIFDOaJK3BFHJP4CTnBBwAmJK9xRpQrl0sLJaO3dxHbtNE6cOI0/H2nbmd2xZr6eHXt2Jg6gb42k/yQR+yLij4gYqmUbC4zU/ruztDD1z9LCVBKVyjt/J9Vyt5cWpvKi+ev2VjPF5bNHWtQ7d/XaxclyeeZKlh+bv/Th2NzVay9cuDR5fub8zOWJM2dOnRx/6fTEi12JM43r9uFPZo8eeuO9G29Nnb3x/i/fJXn8TXF0ychqF5+uVLpcXW/tr0snAz1sCB1JR2naXaXq+B+KYqx03lC8/nk1oT9hR6pUKpWH2l9erAA7WBK9bgHQG/kXffr8mx9bNPXYFm69Unu+SeO+kx21KwNRyMqUmp5vu2kkIs4u/vt1esTmrEMAADT4IZ3/PN9q/leI+nWh/2d7KMMR8UBEHIiI0xFxMCIejKiWfTgiHumw/uZNkrvnP4WbeWqw0+DWIJ3/vZztbTXO//LZXwwXs9z+avyl5NyF8syJ7D05HqVdaX58lTp+fO33L9tdq5//pUdafz4XzNpxc2BX42umJ+cnNxJzvVufRRweaBV/srzsn0TEoYg4vM46Ljz77dF21+4d/yq6sC9R+SbimVr/L0ZT/Llk9f3Jsf9FeebEWH5X3O3X366/3a7+DcXfBWn/72l5/y/HP5zU79fOdV7H9T+/aPtMs977fzB5t+Hcx5Pz81fGIwaTN2uNrj8/0VRuYqV8Gv/xY63H/4FYeSeORER6Ez8aEY9FxONZ25+IiCcj4tgq8f/86lMfrD/+zZXGP91R/68kBqP5TOtE8eJP3zdUOtxJ/Gn/n6qmjmdn1vL5t5Z2re9uBgAAgPtPISL2RVIYXU4XCqOjtb/hPxh7CuXZufnnzs1+dHm69huB4SgV8pWuobr10PHssX4wy09k+fz6yWzd+Kvi7mp+dGq2PN3r4KHP7W0z/lN/FXvdOmDT+X0P9C/jH/qX8Q/9y/iH/tVi/O/uRTuArdfq+//THrQD2HpN49+2H/QRz//Qv4x/6F/GP/Slud1x7x/J76hEIbZFM+77RBS2RTM2lChtj2Zsy0SvP5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6478AAAD//5gk5Pc=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r2, &(0x7f0000000000)=@shmem={0xc, 0x1, {0x2}}, 0x40000)

613.88511ms ago: executing program 4 (id=5607):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0xfffffffc)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)

505.166652ms ago: executing program 4 (id=5610):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x1f4)
r2 = dup2(r1, r1)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(r2, 0x1276, 0x0)

427.956553ms ago: executing program 1 (id=5611):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x4c}}, 0x0)

393.294363ms ago: executing program 9 (id=5612):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000003c0)={0x0, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4a24, @dev={0xac, 0x14, 0x14, 0x1a}}, {0x2, 0x4e21, @multicast2}, 0x4, 0x0, 0x0, 0x0, 0x8, 0x0, 0x6f8, 0x1ff, 0x9})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="080000fa"], 0xdc)

392.327963ms ago: executing program 4 (id=5614):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r1 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x51)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x17, 0x8}}, 0x20)
write$9p(r1, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff5295e8cd6f55ce071b304aa0a588b3b7a2efa2f167dd9c1b8b016268d37d9a30983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e7", 0x1f1)
sendfile(r1, r2, 0x0, 0xe065)

381.145224ms ago: executing program 8 (id=5615):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f00000004c0), &(0x7f0000003300)=""/172}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

340.257324ms ago: executing program 0 (id=5616):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x2, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2, 0x11, r1, 0x0)
recvmsg(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)=""/243, 0x11000}], 0x1}, 0x142)

307.033185ms ago: executing program 8 (id=5617):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x10100)

306.358855ms ago: executing program 4 (id=5618):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002b80)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1, 0x0, 0x5}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000041}, 0xc880)
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x75)

284.782395ms ago: executing program 0 (id=5619):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x2, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)

283.807275ms ago: executing program 1 (id=5620):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x4, 0x523, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r1}, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8922, &(0x7f0000000080))

268.753715ms ago: executing program 8 (id=5621):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)

243.657706ms ago: executing program 4 (id=5622):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r3=>0x0})
sendto$packet(r0, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14)

240.095135ms ago: executing program 1 (id=5623):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000010080)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f0000000000))

227.634586ms ago: executing program 8 (id=5624):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xf0, 0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000005b80)={@loopback, 0x33, r3})

214.078886ms ago: executing program 9 (id=5625):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000540), 0x84)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xf, 0x0, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18804, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x1, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

195.506036ms ago: executing program 0 (id=5626):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$inet6(0xa, 0x3, 0x6)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c00000000010104000000000000000002001000240002801400018008000100e000000108000200e00000010c00028005000100000000001c0010800800014000000000d97405010000000008000240000000000800", @ANYRES64=r1], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)

171.554107ms ago: executing program 4 (id=5627):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r2, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)

166.008267ms ago: executing program 8 (id=5628):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071127f000000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x34)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

151.806207ms ago: executing program 1 (id=5629):
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0xf0b, 0x13, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x5}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x8000)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x1058, [{0x11}, {0x0, 0x100000000000000}]}, 0x68)

141.939177ms ago: executing program 0 (id=5630):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r2, 0x0)
mlock2(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0)

112.206818ms ago: executing program 8 (id=5631):
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x8b6}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r0, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r0, 0x47f6, 0x0, 0x2, 0x0, 0x0)

111.708128ms ago: executing program 1 (id=5632):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f00000005c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newlink={0x44, 0x10, 0x437, 0x1, 0x25dfdbf8, {0x0, 0x0, 0x0, r1, 0x40c89}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @remote}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @empty, @loopback}}}], 0x20}}], 0x1, 0x4040880)
sendmmsg$inet(r2, &(0x7f0000001100)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @local, @local}}}], 0x20}}], 0x1, 0x4000800)

94.674588ms ago: executing program 9 (id=5633):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x16f8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x4]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}}, 0x0)

84.576658ms ago: executing program 0 (id=5634):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10)
ioctl$SCSI_IOCTL_DOORLOCK(0xffffffffffffffff, 0x5380)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4)

11.649339ms ago: executing program 0 (id=5635):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffffe9)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%-010d \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f360068090890e0878f0e1ac6e7049b3341959b759a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)

11.142579ms ago: executing program 9 (id=5636):
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x18)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRES8, @ANYRESHEX], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

0s ago: executing program 1 (id=5637):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x44, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x1c, 0x8, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000380)={0x0, 0x0})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

it(140.987:3051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10920 comm="syz.0.3195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f87f1e929 code=0x7ffc0000
[  139.482796][T10926] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  139.492025][   T29] audit: type=1326 audit(140.987:3052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10920 comm="syz.0.3195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f87f1e929 code=0x7ffc0000
[  139.500311][T10926] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  139.524551][   T29] audit: type=1326 audit(140.987:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10920 comm="syz.0.3195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f87f1e929 code=0x7ffc0000
[  139.532189][T10926] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  139.532222][T10926] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  139.556149][   T29] audit: type=1326 audit(140.987:3054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10920 comm="syz.0.3195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f87f1e929 code=0x7ffc0000
[  139.599981][   T29] audit: type=1326 audit(140.987:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10920 comm="syz.0.3195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f87f1e929 code=0x7ffc0000
[  139.629531][T10926] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  139.638351][T10926] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  139.647550][T10926] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  139.657282][T10926] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  139.716939][T10937] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3203'.
[  139.765430][T10941] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3205'.
[  139.803437][T10941] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3205'.
[  140.194054][T10980] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  140.305949][T10997] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3225'.
[  140.497986][T11016] netlink: 576 bytes leftover after parsing attributes in process `syz.3.3236'.
[  140.586611][T11020] loop3: detected capacity change from 0 to 2048
[  140.600891][T11020] EXT4-fs mount: 4 callbacks suppressed
[  140.600909][T11020] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.624317][T11020] EXT4-fs error (device loop3): ext4_ext_precache:632: inode #2: comm syz.3.3238: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  140.643379][T11020] EXT4-fs (loop3): Remounting filesystem read-only
[  140.708081][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.755955][T11029] netlink: 'syz.3.3241': attribute type 1 has an invalid length.
[  140.783884][T11029] 8021q: adding VLAN 0 to HW filter on device bond1
[  140.812638][T11029] bond1: (slave gretap1): making interface the new active one
[  140.821583][T11029] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  140.866685][T11043] wireguard1: entered promiscuous mode
[  140.872384][T11043] wireguard1: entered allmulticast mode
[  140.948870][T11052] loop3: detected capacity change from 0 to 8192
[  140.957129][T11052] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  141.320663][T11095] 9pnet: p9_errstr2errno: server reported unknown error 18446744
[  141.375753][T11097] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3268'.
[  141.726164][T11128] block device autoloading is deprecated and will be removed.
[  141.831956][T11134] tipc: Enabled bearer <udp:syz1>, priority 10
[  142.186922][T11159] netlink: 'syz.2.3288': attribute type 2 has an invalid length.
[  142.519757][T11217] 9pnet: p9_errstr2errno: server reported unknown error 18446744
[  142.727616][T11213] netlink: 'syz.3.3309': attribute type 2 has an invalid length.
[  142.889834][T11248] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3326'.
[  143.174667][ T6735] kernel write not supported for file bpf-prog (pid: 6735 comm: kworker/0:13)
[  143.236751][ T8882] IPVS: starting estimator thread 0...
[  143.341821][T11295] IPVS: using max 2256 ests per chain, 112800 per kthread
[  143.487570][T11304] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.497107][T11304] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.511896][T11322] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3359'.
[  143.521814][T11322] netlink: zone id is out of range
[  143.527723][T11322] netlink: zone id is out of range
[  143.533549][T11322] netlink: zone id is out of range
[  143.538913][T11322] netlink: zone id is out of range
[  143.544688][T11322] netlink: del zone limit has 8 unknown bytes
[  143.718096][T11324] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3360'.
[  143.729203][T11324] netlink: 'syz.1.3360': attribute type 4 has an invalid length.
[  144.041010][T11353] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3373'.
[  144.084471][   T29] kauditd_printk_skb: 200 callbacks suppressed
[  144.084495][   T29] audit: type=1326 audit(145.953:3256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11356 comm="syz.2.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e249e929 code=0x7ffc0000
[  144.119994][   T29] audit: type=1326 audit(145.984:3257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11356 comm="syz.2.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f40e249e929 code=0x7ffc0000
[  144.145214][   T29] audit: type=1326 audit(145.984:3258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11356 comm="syz.2.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e249e929 code=0x7ffc0000
[  144.168811][   T29] audit: type=1326 audit(145.984:3259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11356 comm="syz.2.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e249e929 code=0x7ffc0000
[  144.197120][   T29] audit: type=1326 audit(146.068:3260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11356 comm="syz.2.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f40e249e929 code=0x7ffc0000
[  144.220479][   T29] audit: type=1326 audit(146.068:3261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11356 comm="syz.2.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e249e929 code=0x7ffc0000
[  144.244030][   T29] audit: type=1326 audit(146.068:3262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11356 comm="syz.2.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40e249e929 code=0x7ffc0000
[  144.328067][   T29] audit: type=1326 audit(146.194:3263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11363 comm="syz.1.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  144.351222][   T29] audit: type=1326 audit(146.194:3264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11363 comm="syz.1.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  144.374648][   T29] audit: type=1326 audit(146.194:3265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11363 comm="syz.1.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  144.498346][T11376] netlink: 'syz.4.3383': attribute type 10 has an invalid length.
[  144.506482][T11376] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3383'.
[  144.561845][T11376] dummy0: entered promiscuous mode
[  144.574293][T11376] bridge0: port 3(dummy0) entered blocking state
[  144.581412][T11376] bridge0: port 3(dummy0) entered disabled state
[  144.598651][T11376] dummy0: entered allmulticast mode
[  144.786775][T11378] loop3: detected capacity change from 0 to 8192
[  144.891985][   T51] bridge_slave_1: left allmulticast mode
[  144.898532][   T51] bridge_slave_1: left promiscuous mode
[  144.904381][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.999042][   T51] bridge_slave_0: left promiscuous mode
[  145.004855][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.106487][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  145.118066][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  145.152900][   T51] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  145.169886][   T51] bond0 (unregistering): Released all slaves
[  145.190492][   T51] bond1 (unregistering): Released all slaves
[  145.237335][   T51] tipc: Disabling bearer <udp:syz0>
[  145.242699][   T51] tipc: Left network mode
[  145.316773][   T51] hsr_slave_0: left promiscuous mode
[  145.323907][T11433] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3405'.
[  145.333271][   T51] hsr_slave_1: left promiscuous mode
[  145.342933][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  145.357577][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  145.420200][   T51] team0 (unregistering): Port device team_slave_1 removed
[  145.435571][   T51] team0 (unregistering): Port device team_slave_0 removed
[  145.483097][T11433] netlink: 'syz.1.3405': attribute type 1 has an invalid length.
[  145.489836][T11453] loop3: detected capacity change from 0 to 512
[  145.491079][T11433] netlink: 'syz.1.3405': attribute type 2 has an invalid length.
[  145.498660][T11453] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  145.522150][T11453] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e11c, mo2=0102]
[  145.538169][T11453] EXT4-fs (loop3): orphan cleanup on readonly fs
[  145.551422][T11453] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.3415: attempt to clear invalid blocks 1024 len 1
[  145.564827][T11386] chnl_net:caif_netlink_parms(): no params data found
[  145.592609][T11453] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3415: bg 0: block 361: padding at end of block bitmap is not set
[  145.616311][T11453] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  145.658377][T11453] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.3415: invalid indirect mapped block 1811939328 (level 0)
[  145.675274][T11453] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.3415: invalid indirect mapped block 2185560079 (level 1)
[  145.692844][T11453] EXT4-fs (loop3): 1 truncate cleaned up
[  145.699362][T11453] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  145.715933][T11453] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.3415: dx entry: limit 0 != root limit 125
[  145.728527][T11453] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.3415: Corrupt directory, running e2fsck is recommended
[  145.744394][T11453] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.3415: dx entry: limit 0 != root limit 125
[  145.749157][T11386] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.757054][T11453] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.3415: Corrupt directory, running e2fsck is recommended
[  145.764642][T11386] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.785324][T11386] bridge_slave_0: entered allmulticast mode
[  145.793334][T11386] bridge_slave_0: entered promiscuous mode
[  145.801307][T11386] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.809046][T11386] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.816500][T11386] bridge_slave_1: entered allmulticast mode
[  145.823288][T11386] bridge_slave_1: entered promiscuous mode
[  145.835630][T11453] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.3415: dx entry: limit 0 != root limit 125
[  145.847697][T11453] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.3415: Corrupt directory, running e2fsck is recommended
[  145.861441][T11453] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.3415: dx entry: limit 0 != root limit 125
[  145.873826][T11453] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.3415: Corrupt directory, running e2fsck is recommended
[  145.890831][T11453] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.3415: dx entry: limit 0 != root limit 125
[  145.902913][T11453] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.3415: Corrupt directory, running e2fsck is recommended
[  145.935100][T11386] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  145.946900][T11386] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  145.974746][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  145.997885][T11386] team0: Port device team_slave_0 added
[  146.009142][T11386] team0: Port device team_slave_1 added
[  146.041155][T11386] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.048316][T11386] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.074804][T11386] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.076373][T11484] netlink: 596 bytes leftover after parsing attributes in process `syz.3.3424'.
[  146.099963][T11386] batman_adv: batadv0: Adding interface: batadv_slave_1
[  146.107062][T11386] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.134566][T11386] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  146.163055][   T51] IPVS: stop unused estimator thread 0...
[  146.188020][T11386] hsr_slave_0: entered promiscuous mode
[  146.210670][T11386] hsr_slave_1: entered promiscuous mode
[  146.224117][T11386] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  146.232841][T11386] Cannot create hsr debugfs directory
[  146.348123][T11503] netlink: 'syz.1.3434': attribute type 2 has an invalid length.
[  146.388202][T11386] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  146.404637][T11386] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  146.439118][T11386] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  146.458352][T11386] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  146.494114][T11509] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3436'.
[  146.512071][T11386] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.519238][T11386] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.527493][T11386] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.534901][T11386] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.599699][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.610664][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.648094][T11518] 9pnet: Could not find request transport: f
[  146.695199][T11386] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.731370][T11386] 8021q: adding VLAN 0 to HW filter on device team0
[  146.772896][T11536] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.780325][T11536] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.809558][T11536] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.816993][T11536] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.007576][T11386] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.349059][T11386] veth0_vlan: entered promiscuous mode
[  147.388015][T11386] veth1_vlan: entered promiscuous mode
[  147.445990][T11386] veth0_macvtap: entered promiscuous mode
[  147.516826][T11386] veth1_macvtap: entered promiscuous mode
[  147.548573][T11386] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.563442][T11386] batman_adv: batadv0: Interface activated: batadv_slave_1
[  147.573064][T11386] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.582221][T11386] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.591089][T11386] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.599842][T11386] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.790451][T11644] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3455'.
[  147.938262][T11661] IPVS: stopping master sync thread 11664 ...
[  147.945454][T11664] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  147.977748][T11667] wg2: entered promiscuous mode
[  147.982773][T11667] wg2: entered allmulticast mode
[  148.077129][T11681] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3474'.
[  148.093716][T11681] bond2: entered promiscuous mode
[  148.098921][T11681] bond2: entered allmulticast mode
[  148.104607][T11681] 8021q: adding VLAN 0 to HW filter on device bond2
[  148.496340][T11736] loop3: detected capacity change from 0 to 512
[  148.503211][T11736] EXT4-fs: Ignoring removed i_version option
[  148.518054][T11736] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.578862][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.681833][T11752] gtp0: entered promiscuous mode
[  148.737620][T11758] loop3: detected capacity change from 0 to 256
[  148.756546][T11758] FAT-fs (loop3): bogus number of FAT sectors
[  148.762857][T11758] FAT-fs (loop3): Can't find a valid FAT filesystem
[  148.858573][T11677] 9pnet_fd: p9_fd_create_tcp (11677): problem connecting socket to 127.0.0.1
[  149.032111][   T29] kauditd_printk_skb: 65 callbacks suppressed
[  149.032128][   T29] audit: type=1326 audit(151.139:3331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11771 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  149.062708][   T29] audit: type=1326 audit(151.139:3332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11771 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  149.086362][   T29] audit: type=1326 audit(151.139:3333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11771 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  149.103428][T11775] loop5: detected capacity change from 0 to 1024
[  149.110854][   T29] audit: type=1326 audit(151.139:3334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11771 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  149.141832][   T29] audit: type=1326 audit(151.139:3335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11771 comm="syz.3.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  149.191465][T11756] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3505'.
[  149.205187][T11775] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  149.216009][T11756] netlink: 'syz.4.3505': attribute type 4 has an invalid length.
[  149.229862][T11775] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.353766][T11386] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.491718][T11798] loop5: detected capacity change from 0 to 1024
[  149.530341][T11806] IPVS: Error connecting to the multicast addr
[  149.535277][T11798] EXT4-fs: Ignoring removed orlov option
[  149.555627][T11798] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  149.569585][T11812] syzkaller1: entered promiscuous mode
[  149.576531][T11812] syzkaller1: entered allmulticast mode
[  149.592775][T11798] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.670822][   T29] audit: type=1400 audit(151.790:3336): avc:  denied  { append } for  pid=11797 comm="syz.5.3521" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  149.705890][   T29] audit: type=1326 audit(151.853:3337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11831 comm="syz.1.3535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  149.729592][   T29] audit: type=1326 audit(151.853:3338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11831 comm="syz.1.3535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  149.753020][   T29] audit: type=1326 audit(151.853:3339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11831 comm="syz.1.3535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  149.777297][   T29] audit: type=1326 audit(151.853:3340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11831 comm="syz.1.3535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  149.810105][T11386] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.820646][T11837] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3538'.
[  149.861786][T11837] bond2: entered promiscuous mode
[  149.867977][T11837] bond2: entered allmulticast mode
[  149.891782][T11837] 8021q: adding VLAN 0 to HW filter on device bond2
[  149.921477][T11853] netlink: 'syz.4.3544': attribute type 1 has an invalid length.
[  149.947135][T11856] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3545'.
[  150.002237][T11858] vhci_hcd: invalid port number 96
[  150.007578][T11858] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  150.132061][T11878] netlink: 404 bytes leftover after parsing attributes in process `syz.0.3557'.
[  150.173689][T11880] random: crng reseeded on system resumption
[  150.282796][T11893] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.3566'.
[  150.303473][T11893] netlink: zone id is out of range
[  150.309396][T11893] netlink: del zone limit has 8 unknown bytes
[  150.351415][T11907] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  150.366801][T11907] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  150.384970][T11909] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  150.472964][T11923] gtp0: entered promiscuous mode
[  150.574914][T11944] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3587'.
[  150.615673][T11950] rdma_op ffff888126fa4d80 conn xmit_rdma 0000000000000000
[  150.799736][T11972] random: crng reseeded on system resumption
[  150.904667][T11986] netlink: 'syz.0.3604': attribute type 10 has an invalid length.
[  150.914013][T11986] dummy0: entered allmulticast mode
[  151.299285][T12014] loop3: detected capacity change from 0 to 1024
[  151.314630][T12014] EXT4-fs: Ignoring removed orlov option
[  151.323675][T12014] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  151.365999][T12014] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.453583][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.661825][T12063] vhci_hcd: invalid port number 96
[  151.667106][T12063] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  151.741924][T12085] loop5: detected capacity change from 0 to 512
[  151.787684][T12085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.800624][T12088] 9pnet: Could not find request transport: R
[  151.998249][T12102] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #19: comm syz.5.3649: corrupted inode contents
[  152.037858][T12102] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #19: comm syz.5.3649: mark_inode_dirty error
[  152.074573][T12102] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #19: comm syz.5.3649: corrupted inode contents
[  152.089928][T12102] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #19: comm syz.5.3649: mark_inode_dirty error
[  152.103622][T12102] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #19: comm syz.5.3649: mark inode dirty (error -117)
[  152.128488][T12102] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117)
[  152.149412][T12126] netlink: 'syz.3.3665': attribute type 5 has an invalid length.
[  152.177614][T11386] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.393329][T12150] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  152.618217][T12171] netlink: 'syz.1.3688': attribute type 10 has an invalid length.
[  152.727598][T12192] tipc: Failed to remove unknown binding: 66,1,1/0:2287960274/2287960276
[  152.797225][T12198] xt_time: unknown flags 0xc
[  152.934891][T12216] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3708'.
[  153.003633][T12223] netlink: 'syz.5.3711': attribute type 13 has an invalid length.
[  153.091883][T12223] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  153.202882][T12235] af_packet: tpacket_rcv: packet too big, clamped from 1 to 4294967272. macoff=96
[  153.282251][T12245] netlink: 'syz.3.3721': attribute type 10 has an invalid length.
[  153.459891][T12263] bond0: entered promiscuous mode
[  153.465033][T12263] bond_slave_0: entered promiscuous mode
[  153.470943][T12263] bond_slave_1: entered promiscuous mode
[  153.495904][T12263] dummy0: entered promiscuous mode
[  153.516001][T12263] batadv0: entered promiscuous mode
[  153.525445][T12269] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12269 comm=syz.0.3730
[  153.538433][T12269] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12269 comm=syz.0.3730
[  153.538463][T12263] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  153.561654][T12263] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  153.572465][T12263] 8021q: adding VLAN 0 to HW filter on device hsr1
[  153.581786][T12263] bond0: left promiscuous mode
[  153.586660][T12263] bond_slave_0: left promiscuous mode
[  153.592685][T12263] bond_slave_1: left promiscuous mode
[  153.618682][T12263] dummy0: left promiscuous mode
[  153.624489][T12263] batadv0: left promiscuous mode
[  153.650051][T12273] sch_tbf: burst 0 is lower than device lo mtu (230) !
[  153.786313][T12293] vlan2: entered allmulticast mode
[  153.791682][T12293] bridge_slave_0: entered allmulticast mode
[  153.852405][T12297] program syz.5.3743 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  153.863466][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  153.863482][   T29] audit: type=1400 audit(156.220:3527): avc:  denied  { mount } for  pid=12294 comm="syz.3.3741" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  154.036744][T12317] ALSA: seq fatal error: cannot create timer (-19)
[  154.154570][T12299] syz.5.3744: attempt to access beyond end of device
[  154.154570][T12299] loop11: rw=2048, sector=0, nr_sectors = 8 limit=0
[  154.477952][T12375] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  154.820797][T12429] loop5: detected capacity change from 0 to 512
[  154.827660][T12429] EXT4-fs: Ignoring removed bh option
[  154.833699][T12429] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  154.851158][T12429] EXT4-fs (loop5): 1 truncate cleaned up
[  154.858396][T12429] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.877686][   T29] audit: type=1400 audit(157.280:3528): avc:  denied  { lock } for  pid=12427 comm=",&#^%" path="/61/file2/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  154.914942][T11386] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.925413][   T29] audit: type=1326 audit(157.333:3529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12437 comm="syz.1.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  154.959895][   T29] audit: type=1326 audit(157.333:3530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12437 comm="syz.1.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  154.983143][   T29] audit: type=1326 audit(157.333:3531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12437 comm="syz.1.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  155.006387][   T29] audit: type=1326 audit(157.333:3532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12437 comm="syz.1.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  155.029429][   T29] audit: type=1326 audit(157.333:3533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12437 comm="syz.1.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  155.052731][   T29] audit: type=1326 audit(157.333:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12437 comm="syz.1.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  155.076126][   T29] audit: type=1326 audit(157.364:3535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12437 comm="syz.1.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  155.213522][T12456] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3788'.
[  155.346152][   T29] audit: type=1326 audit(157.774:3536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12472 comm="syz.1.3797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  155.416919][T12484] netlink: 'syz.4.3801': attribute type 25 has an invalid length.
[  155.694094][T12522] vlan0: entered allmulticast mode
[  155.715621][T12483] chnl_net:caif_netlink_parms(): no params data found
[  155.749743][T12529] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3818'.
[  155.785214][ T6735] kernel write not supported for file [eventfd] (pid: 6735 comm: kworker/0:13)
[  155.820702][T12483] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.828005][T12483] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.835377][T12483] bridge_slave_0: entered allmulticast mode
[  155.842155][T12483] bridge_slave_0: entered promiscuous mode
[  155.851041][T12483] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.858350][T12483] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.865815][T12483] bridge_slave_1: entered allmulticast mode
[  155.872557][T12483] bridge_slave_1: entered promiscuous mode
[  155.903927][T12483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  155.916680][T12483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  155.946913][T12483] team0: Port device team_slave_0 added
[  155.955587][T12483] team0: Port device team_slave_1 added
[  156.012666][T12483] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.019724][T12483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.045769][T12483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.075415][T12483] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.082521][T12483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.109288][T12483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.165434][T12483] hsr_slave_0: entered promiscuous mode
[  156.171810][T12483] hsr_slave_1: entered promiscuous mode
[  156.179078][T12483] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  156.187088][T12483] Cannot create hsr debugfs directory
[  156.272453][T12573] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  156.272453][T12573] The task syz.0.3829 (12573) triggered the difference, watch for misbehavior.
[  156.317305][T12483] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  156.327842][T12483] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  156.347818][T12483] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  156.369712][T12483] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  156.394292][T12483] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.401605][T12483] bridge0: port 2(bridge_slave_1) entered forwarding state
[  156.409015][T12483] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.416209][T12483] bridge0: port 1(bridge_slave_0) entered forwarding state
[  156.419300][T12591] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3839'.
[  156.444493][T12593] ipip0: entered promiscuous mode
[  156.479639][T12483] 8021q: adding VLAN 0 to HW filter on device bond0
[  156.490679][T12597] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  156.500191][T11536] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.514952][T11536] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.538977][T12483] 8021q: adding VLAN 0 to HW filter on device team0
[  156.557240][T11536] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.564385][T11536] bridge0: port 1(bridge_slave_0) entered forwarding state
[  156.580544][ T3449] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.587689][ T3449] bridge0: port 2(bridge_slave_1) entered forwarding state
[  156.688392][T12483] 8021q: adding VLAN 0 to HW filter on device batadv0
[  156.822530][T12483] veth0_vlan: entered promiscuous mode
[  156.840872][T12483] veth1_vlan: entered promiscuous mode
[  156.873573][T12483] veth0_macvtap: entered promiscuous mode
[  156.892713][T12483] veth1_macvtap: entered promiscuous mode
[  156.905413][T12483] batman_adv: batadv0: Interface activated: batadv_slave_0
[  156.918708][T12483] batman_adv: batadv0: Interface activated: batadv_slave_1
[  156.930401][T12483] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  156.939301][T12483] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  156.948254][T12483] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  156.957336][T12483] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.070907][T12659] loop6: detected capacity change from 0 to 512
[  157.101580][T12659] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.3799: Failed to acquire dquot type 1
[  157.116501][T12659] EXT4-fs (loop6): 1 truncate cleaned up
[  157.126201][ T6731] kernel write not supported for file [eventfd] (pid: 6731 comm: kworker/0:9)
[  157.129845][T12659] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.222632][T12679] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3866'.
[  157.232600][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.303696][T12689] rdma_op ffff888119794180 conn xmit_rdma 0000000000000000
[  157.462572][T12708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3891'.
[  157.471679][T12708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3891'.
[  157.548953][T12712] loop6: detected capacity change from 0 to 164
[  157.695211][T12741] vlan2: entered allmulticast mode
[  157.727631][T12744] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3895'.
[  157.814994][T12746] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3896'.
[  157.821968][T12753] loop6: detected capacity change from 0 to 512
[  157.842365][T12753] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.921184][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.061664][T12770] loop6: detected capacity change from 0 to 512
[  158.069192][T12770] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  158.082025][T12770] EXT4-fs (loop6): 1 truncate cleaned up
[  158.088252][T12770] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.126101][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.463424][T12783] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3909'.
[  158.532254][T12791] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3913'.
[  158.560280][T12791] A link change request failed with some changes committed already. Interface gre2 may have been left with an inconsistent configuration, please check.
[  158.707428][T12806] netem: change failed
[  158.848665][T12810] SELinux: ebitmap: truncated map
[  158.869045][T12810] SELinux: failed to load policy
[  159.043332][   T29] kauditd_printk_skb: 96 callbacks suppressed
[  159.043352][   T29] audit: type=1326 audit(161.647:3631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12831 comm="syz.1.3933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  159.073383][   T29] audit: type=1326 audit(161.647:3632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12831 comm="syz.1.3933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  159.097371][   T29] audit: type=1326 audit(161.647:3633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12831 comm="syz.1.3933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  159.120355][   T29] audit: type=1326 audit(161.647:3634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12831 comm="syz.1.3933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  159.143540][   T29] audit: type=1326 audit(161.647:3635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12831 comm="syz.1.3933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x7ffc0000
[  159.216952][T12847] Invalid ELF header magic: != ELF
[  159.217082][   T29] audit: type=1400 audit(161.836:3636): avc:  denied  { module_load } for  pid=12846 comm="syz.1.3939" path="/sys/kernel/notes" dev="sysfs" ino=212 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  159.312529][   T29] audit: type=1326 audit(161.931:3637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12855 comm="syz.4.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  159.335752][   T29] audit: type=1326 audit(161.931:3638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12855 comm="syz.4.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  159.358920][   T29] audit: type=1326 audit(161.962:3639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12855 comm="syz.4.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  159.382251][   T29] audit: type=1326 audit(161.962:3640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12855 comm="syz.4.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  159.413989][T12857] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3943'.
[  159.483790][T12865] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3948'.
[  160.013911][T12923] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3972'.
[  160.309139][T12960] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  160.370038][T12957] infiniband syz!: set active
[  160.374826][T12957] infiniband syz!: added team_slave_0
[  160.387999][T12968] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3992'.
[  160.439395][T12957] RDS/IB: syz!: added
[  160.449242][T12957] smc: adding ib device syz! with port count 1
[  160.459575][T12957] smc:    ib device syz! port 1 has pnetid 
[  160.542579][T12975] netlink: 100 bytes leftover after parsing attributes in process `syz.0.3996'.
[  161.048269][T13031] netlink: 'syz.4.4018': attribute type 1 has an invalid length.
[  161.113690][T13035] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13035 comm=syz.6.4021
[  161.126971][T13035] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13035 comm=syz.6.4021
[  161.143915][T13043] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4026'.
[  161.160026][T13048] C: renamed from team_slave_0
[  161.178159][T13048] netlink: 'syz.0.4027': attribute type 1 has an invalid length.
[  161.186036][T13048] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  161.544931][T13094] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  161.932894][T13137] loop6: detected capacity change from 0 to 1024
[  161.951445][T13137] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.984868][T13137] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  162.009002][T13137] EXT4-fs (loop6): Remounting filesystem read-only
[  162.053592][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.849012][T13219] __nla_validate_parse: 4 callbacks suppressed
[  162.849030][T13219] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4105'.
[  162.916076][T13228] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4109'.
[  162.927102][T13228] IPVS: Unknown mcast interface: vcan0
[  163.085532][T13239] netlink: 332 bytes leftover after parsing attributes in process `syz.3.4114'.
[  163.176093][T13247] netlink: 'syz.0.4118': attribute type 3 has an invalid length.
[  163.228413][T13249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4119'.
[  163.237798][T13249] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4119'.
[  163.256159][T13249] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  163.265083][T13249] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  163.273975][T13249] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  163.282701][T13249] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  163.400077][T13265] netlink: 'syz.3.4127': attribute type 1 has an invalid length.
[  163.511021][ T8882] kernel read not supported for file /1858/oom_adj (pid: 8882 comm: kworker/1:16)
[  163.535945][T13281] netlink: 'syz.0.4133': attribute type 10 has an invalid length.
[  163.550508][T13281] team0: Port device dummy0 added
[  163.693285][T13300] SELinux:  policydb version -508506518 does not match my version range 15-34
[  163.704052][T13300] SELinux: failed to load policy
[  163.744951][T13305] SELinux: syz.3.4144 (13305) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  163.776277][T13310] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4147'.
[  163.795681][T13310] netlink: 204 bytes leftover after parsing attributes in process `syz.6.4147'.
[  163.813772][T13314] netlink: 'syz.1.4149': attribute type 1 has an invalid length.
[  163.843109][   T29] kauditd_printk_skb: 304 callbacks suppressed
[  163.843127][   T29] audit: type=1400 audit(422.699:3945): avc:  denied  { cpu } for  pid=13319 comm="syz.3.4152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  163.920177][   T29] audit: type=1400 audit(422.773:3946): avc:  denied  { create } for  pid=13325 comm="syz.0.4153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  163.940496][   T29] audit: type=1400 audit(422.773:3947): avc:  denied  { bind } for  pid=13325 comm="syz.0.4153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  163.964697][   T29] audit: type=1400 audit(422.773:3948): avc:  denied  { write } for  pid=13325 comm="syz.0.4153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  164.017436][   T29] audit: type=1326 audit(422.878:3949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13339 comm="syz.3.4161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  164.040819][   T29] audit: type=1326 audit(422.878:3950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13339 comm="syz.3.4161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  164.064973][   T29] audit: type=1326 audit(422.878:3951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13339 comm="syz.3.4161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  164.089025][   T29] audit: type=1326 audit(422.878:3952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13339 comm="syz.3.4161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  164.120676][   T29] audit: type=1326 audit(422.878:3953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13339 comm="syz.3.4161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  164.143804][   T29] audit: type=1326 audit(422.983:3954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13339 comm="syz.3.4161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2dfd4de929 code=0x7ffc0000
[  164.178005][T13350] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  164.274607][T13362] atomic_op ffff88811a0b2528 conn xmit_atomic 0000000000000000
[  164.348131][T13371] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4174'.
[  164.460017][T13390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4184'.
[  164.594372][T13402] loop6: detected capacity change from 0 to 1024
[  164.601461][T13402] EXT4-fs: Ignoring removed orlov option
[  164.607282][T13402] EXT4-fs: Ignoring removed nomblk_io_submit option
[  164.653240][T13402] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.713512][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.768382][T13424] loop6: detected capacity change from 0 to 2048
[  164.775776][T13424] EXT4-fs: Ignoring removed mblk_io_submit option
[  164.795762][T13424] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.855543][ T6735] Process accounting resumed
[  164.862585][T11536] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm kworker/u8:10: bg 0: block 234: padding at end of block bitmap is not set
[  164.890552][T11536] EXT4-fs (loop6): Remounting filesystem read-only
[  164.972987][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.009320][T13462] netlink: 88 bytes leftover after parsing attributes in process `syz.4.4215'.
[  165.492875][T13519] ÿ: renamed from bond_slave_0
[  165.889567][T13585] loop6: detected capacity change from 0 to 128
[  165.902571][T13585] FAT-fs (loop6): Directory bread(block 32) failed
[  165.914002][T13585] FAT-fs (loop6): Directory bread(block 33) failed
[  165.921095][T13585] FAT-fs (loop6): Directory bread(block 34) failed
[  165.927998][T13585] FAT-fs (loop6): Directory bread(block 35) failed
[  165.934854][T13585] FAT-fs (loop6): Directory bread(block 36) failed
[  165.942414][T13585] FAT-fs (loop6): Directory bread(block 37) failed
[  165.949433][T13585] FAT-fs (loop6): Directory bread(block 38) failed
[  165.956532][T13585] FAT-fs (loop6): Directory bread(block 39) failed
[  165.963468][T13585] FAT-fs (loop6): Directory bread(block 40) failed
[  165.971320][T13585] FAT-fs (loop6): Directory bread(block 41) failed
[  166.182974][T13596] loop6: detected capacity change from 0 to 8192
[  166.275461][T13601] gretap0: entered promiscuous mode
[  166.281357][T13601] vlan2: entered promiscuous mode
[  166.310459][T13603] netlink: 'syz.6.4279': attribute type 1 has an invalid length.
[  166.324987][T13603] 8021q: adding VLAN 0 to HW filter on device bond1
[  166.477150][T13621] netlink: 'syz.1.4287': attribute type 10 has an invalid length.
[  166.491782][T13623] pimreg: entered allmulticast mode
[  166.499202][T13623] pimreg: left allmulticast mode
[  166.574509][T13629] netlink: 'syz.1.4290': attribute type 1 has an invalid length.
[  166.599549][T13629] 8021q: adding VLAN 0 to HW filter on device bond3
[  166.634494][T13629] 8021q: adding VLAN 0 to HW filter on device bond3
[  166.657031][T13629] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  166.718310][T13629] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  167.104804][T13688] netlink: 'syz.1.4316': attribute type 2 has an invalid length.
[  167.113043][T13688] netlink: 'syz.1.4316': attribute type 9 has an invalid length.
[  167.186332][T13690] IPVS: Unknown mcast interface: vcan0
[  167.626813][T13747] loop6: detected capacity change from 0 to 1024
[  167.684017][T13747] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.735302][T13747] EXT4-fs error (device loop6): ext4_map_blocks:816: inode #15: block 1: comm syz.6.4342: lblock 1 mapped to illegal pblock 1 (length 15)
[  167.773053][T13747] EXT4-fs error (device loop6): ext4_ext_remove_space:2955: inode #15: comm syz.6.4342: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  167.842358][T13747] EXT4-fs error (device loop6): ext4_free_blocks:6587: comm syz.6.4342: Freeing blocks not in datazone - block = 2, count = 2
[  167.898808][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.925960][T13765] __nla_validate_parse: 6 callbacks suppressed
[  167.925977][T13765] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4350'.
[  168.025435][T13779] bond3: entered promiscuous mode
[  168.031405][T13779] bond3: entered allmulticast mode
[  168.037415][T13779] 8021q: adding VLAN 0 to HW filter on device bond3
[  168.048689][T13779] bond3 (unregistering): Released all slaves
[  168.166697][T13795] netlink: 'syz.6.4362': attribute type 1 has an invalid length.
[  168.174786][T13795] netlink: 'syz.6.4362': attribute type 2 has an invalid length.
[  168.183159][T13795] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4362'.
[  168.289967][T13803] loop6: detected capacity change from 0 to 8192
[  168.517189][T13828] xt_hashlimit: max too large, truncated to 1048576
[  168.635675][T13843] loop6: detected capacity change from 0 to 512
[  168.645880][T13843] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  168.689235][T13843] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.713830][T13852] rdma_op ffff8881023d8d80 conn xmit_rdma 0000000000000000
[  168.760389][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.855060][T13861] bond0: (slave macvlan2): Opening slave failed
[  168.881811][   T29] kauditd_printk_skb: 265 callbacks suppressed
[  168.881826][   T29] audit: type=1400 audit(427.980:4220): avc:  denied  { mount } for  pid=13865 comm="syz.6.4393" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  168.925627][   T29] audit: type=1400 audit(428.022:4221): avc:  denied  { unmount } for  pid=12483 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  168.982860][T13875] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4397'.
[  169.061125][   T29] audit: type=1400 audit(428.179:4222): avc:  denied  { create } for  pid=13888 comm="syz.3.4404" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  169.084113][   T29] audit: type=1400 audit(428.200:4223): avc:  denied  { mounton } for  pid=13888 comm="syz.3.4404" path="/900/file0" dev="tmpfs" ino=4679 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  169.113932][   T29] audit: type=1400 audit(428.200:4224): avc:  denied  { unlink } for  pid=3317 comm="syz-executor" name="file0" dev="tmpfs" ino=4679 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  169.314122][T13923] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4427'.
[  169.488626][T13929] veth1_to_bond: entered allmulticast mode
[  169.565725][T13929] veth1_to_bond: left allmulticast mode
[  169.649254][   T29] audit: type=1326 audit(428.788:4225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13942 comm="syz.1.4423" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f814d27e929 code=0x0
[  169.769287][   T29] audit: type=1400 audit(428.914:4226): avc:  denied  { bind } for  pid=13949 comm="syz.0.4426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  170.017814][   T29] audit: type=1400 audit(429.176:4227): avc:  denied  { ioctl } for  pid=13957 comm="syz.4.4432" path="/885/file0" dev="tmpfs" ino=4581 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  170.273908][T13975] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4438'.
[  170.286404][T13975] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.295435][T13975] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.303982][T13975] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.313281][T13975] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.325873][T13975] geneve2: entered promiscuous mode
[  170.348134][T13982] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  170.349668][   T29] audit: type=1400 audit(429.512:4228): avc:  denied  { append } for  pid=13981 comm="syz.3.4440" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  170.450179][T13989] xt_CT: You must specify a L4 protocol and not use inversions on it
[  170.502294][   T29] audit: type=1400 audit(429.670:4229): avc:  denied  { create } for  pid=13996 comm="syz.3.4450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  170.706124][T14009] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4455'.
[  170.754428][T14009] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4455'.
[  171.299376][T14044] ------------[ cut here ]------------
[  171.305080][T14044] WARNING: CPU: 1 PID: 14044 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x218/0x360
[  171.315674][T14044] Modules linked in:
[  171.319961][T14044] CPU: 1 UID: 0 PID: 14044 Comm: syz.3.4469 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  171.333677][T14044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  171.344468][T14044] RIP: 0010:__alloc_frozen_pages_noprof+0x218/0x360
[  171.351814][T14044] Code: 83 3d 53 24 50 05 02 72 0e 48 83 b8 e0 fb ff ff 00 0f 84 48 ff ff ff 81 ca 00 01 00 00 e9 3d ff ff ff c6 05 0a 1d 4c 05 01 90 <0f> 0b 90 31 c0 eb 84 a9 00 00 08 00 75 52 44 89 f1 81 e1 7f ff ff
[  171.373093][T14044] RSP: 0018:ffffc9000ba679d8 EFLAGS: 00010246
[  171.379360][T14044] RAX: 600087d0ebcda700 RBX: 000000000000000f RCX: 0000000000000000
[  171.387451][T14044] RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000040dc0
[  171.395681][T14044] RBP: 0000000000000dc0 R08: ffff88811c403b58 R09: 0000000000000000
[  171.403950][T14044] R10: ffff888119a18a98 R11: 0001888119a18a98 R12: ffffc9000ba67d28
[  171.412059][T14044] R13: ffff888119a18a98 R14: 0000000000040dc0 R15: 0000000000000000
[  171.420260][T14044] FS:  00007f2dfbb476c0(0000) GS:ffff8882aef3c000(0000) knlGS:0000000000000000
[  171.429431][T14044] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  171.436184][T14044] CR2: 0000200000004000 CR3: 000000015573c000 CR4: 00000000003506f0
[  171.444673][T14044] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  171.452996][T14044] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  171.461290][T14044] Call Trace:
[  171.464969][T14044]  <TASK>
[  171.467984][T14044]  __alloc_pages_noprof+0x9/0x20
[  171.473474][T14044]  ___kmalloc_large_node+0x73/0x140
[  171.479855][T14044]  __kmalloc_large_node_noprof+0x16/0xa0
[  171.486470][T14044]  __kmalloc_noprof+0x2ab/0x3e0
[  171.492416][T14044]  ? hashtab_init+0x9b/0xe0
[  171.497067][T14044]  ? class_read+0x6a/0x6d0
[  171.501683][T14044]  hashtab_init+0x9b/0xe0
[  171.508665][T14044]  symtab_init+0x2c/0x40
[  171.513260][T14044]  class_read+0x154/0x6d0
[  171.517891][T14044]  ? kmem_cache_alloc_noprof+0x186/0x310
[  171.523627][T14044]  ? ebitmap_read+0x254/0x500
[  171.528641][T14044]  ? hashtab_init+0x6e/0xe0
[  171.533238][T14044]  ? __pfx_class_read+0x10/0x10
[  171.538212][T14044]  policydb_read+0x652/0x1330
[  171.542948][T14044]  ? security_load_policy+0x90/0x890
[  171.548870][T14044]  security_load_policy+0xba/0x890
[  171.554075][T14044]  ? rep_movs_alternative+0x4a/0x90
[  171.559497][T14044]  sel_write_load+0x1d4/0x380
[  171.564584][T14044]  ? __pfx_sel_write_load+0x10/0x10
[  171.570612][T14044]  vfs_write+0x269/0x8e0
[  171.575079][T14044]  ? __rcu_read_unlock+0x4f/0x70
[  171.580090][T14044]  ? __fget_files+0x184/0x1c0
[  171.584959][T14044]  ksys_write+0xda/0x1a0
[  171.589372][T14044]  __x64_sys_write+0x40/0x50
[  171.594205][T14044]  x64_sys_call+0x2cdd/0x2fb0
[  171.598986][T14044]  do_syscall_64+0xd2/0x200
[  171.603535][T14044]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  171.609712][T14044]  ? clear_bhb_loop+0x40/0x90
[  171.614469][T14044]  ? clear_bhb_loop+0x40/0x90
[  171.619778][T14044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.625904][T14044] RIP: 0033:0x7f2dfd4de929
[  171.630808][T14044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.650826][T14044] RSP: 002b:00007f2dfbb47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  171.659534][T14044] RAX: ffffffffffffffda RBX: 00007f2dfd705fa0 RCX: 00007f2dfd4de929
[  171.667888][T14044] RDX: 00000000000044f0 RSI: 0000200000000000 RDI: 0000000000000003
[  171.676365][T14044] RBP: 00007f2dfd560b39 R08: 0000000000000000 R09: 0000000000000000
[  171.685508][T14044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  171.693925][T14044] R13: 0000000000000000 R14: 00007f2dfd705fa0 R15: 00007ffd8480dc08
[  171.702162][T14044]  </TASK>
[  171.705759][T14044] ---[ end trace 0000000000000000 ]---
[  171.725166][T14044] SELinux: failed to load policy
[  171.841865][T14071] veth0: entered promiscuous mode
[  171.847755][T14071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4482'.
[  171.909461][T14071] veth0 (unregistering): left promiscuous mode
[  171.933152][T14082] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4487'.
[  172.135671][T14101] loop9: detected capacity change from 0 to 7
[  172.146677][T14101] buffer_io_error: 6 callbacks suppressed
[  172.146691][T14101] Buffer I/O error on dev loop9, logical block 0, async page read
[  172.165790][T14101] Buffer I/O error on dev loop9, logical block 0, async page read
[  172.173948][T14101]  loop9: unable to read partition table
[  172.202135][T14101] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  172.202135][T14101] 
) failed (rc=-5)
[  172.220822][T14106] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4497'.
[  172.245886][T14106] 8021q: adding VLAN 0 to HW filter on device bond4
[  172.834451][T14158] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4522'.
[  172.860554][T14164] netlink: 'syz.6.4525': attribute type 13 has an invalid length.
[  172.897307][T14164] gretap0: refused to change device tx_queue_len
[  172.904486][T14164] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  172.975058][T14176] loop6: detected capacity change from 0 to 128
[  173.084447][T14190] netlink: 100 bytes leftover after parsing attributes in process `syz.4.4536'.
[  173.570137][T14220] lo speed is unknown, defaulting to 1000
[  173.591809][T14220] lo speed is unknown, defaulting to 1000
[  173.609792][T14220] lo speed is unknown, defaulting to 1000
[  173.632673][T14220] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  173.654817][T14220] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  173.681489][T14220] lo speed is unknown, defaulting to 1000
[  173.695711][T14220] lo speed is unknown, defaulting to 1000
[  173.720846][T14220] lo speed is unknown, defaulting to 1000
[  173.744858][T14220] lo speed is unknown, defaulting to 1000
[  173.766763][T14220] lo speed is unknown, defaulting to 1000
[  173.798518][T14220] lo speed is unknown, defaulting to 1000
[  173.817898][   T29] kauditd_printk_skb: 156 callbacks suppressed
[  173.817947][   T29] audit: type=1326 audit(433.166:4386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14219 comm="syz.0.4549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f87f1e929 code=0x7ffc0000
[  174.059899][T14243] loop6: detected capacity change from 0 to 164
[  174.096963][T14243] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  174.126276][   T29] audit: type=1400 audit(433.481:4387): avc:  denied  { mount } for  pid=14241 comm="syz.6.4558" name="/" dev="loop6" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  174.312737][   T29] audit: type=1400 audit(433.680:4388): avc:  denied  { setopt } for  pid=14263 comm="syz.0.4568" lport=36205 faddr=172.30.0.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=tcp_socket permissive=1
[  174.372095][T14273] xt_CT: You must specify a L4 protocol and not use inversions on it
[  174.375625][   T29] audit: type=1400 audit(433.712:4389): avc:  denied  { unmount } for  pid=12483 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  174.543242][T14290] netlink: 'syz.3.4579': attribute type 4 has an invalid length.
[  174.556255][T14294] rdma_op ffff8881023db580 conn xmit_rdma 0000000000000000
[  174.597668][T14290] netlink: 'syz.3.4579': attribute type 4 has an invalid length.
[  174.659202][T14302] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4584'.
[  174.741872][   T29] audit: type=1400 audit(434.090:4390): avc:  denied  { ioctl } for  pid=14310 comm="syz.3.4588" path="socket:[42423]" dev="sockfs" ino=42423 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  174.766389][   T29] audit: type=1400 audit(434.121:4391): avc:  denied  { bind } for  pid=14310 comm="syz.3.4588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  174.821854][T14322] netlink: 'syz.4.4591': attribute type 4 has an invalid length.
[  174.875085][   T29] audit: type=1400 audit(434.279:4392): avc:  denied  { create } for  pid=14330 comm="syz.4.4595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  174.976334][T14345] smc: net device bond0 applied user defined pnetid SYZ2
[  174.984210][T14345] smc: net device bond0 erased user defined pnetid SYZ2
[  175.019781][   T29] audit: type=1400 audit(434.425:4393): avc:  denied  { setopt } for  pid=14349 comm="syz.1.4603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  175.075859][T14355] netlink: 60 bytes leftover after parsing attributes in process `syz.6.4605'.
[  175.158633][   T29] audit: type=1400 audit(434.572:4394): avc:  denied  { name_bind } for  pid=14358 comm="syz.6.4607" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  175.539303][T14381] loop6: detected capacity change from 0 to 2048
[  175.549037][T14381] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.567407][   T29] audit: type=1400 audit(435.003:4395): avc:  denied  { read write open } for  pid=14380 comm="syz.6.4618" path="/127/file1/bus" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  175.815994][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.893554][T14425] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4632'.
[  175.970627][T14436] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=14436 comm=syz.4.4642
[  175.993843][T14432] sg_write: data in/out 2012/14 bytes for SCSI command 0x0-- guessing data in;
[  175.993843][T14432]    program syz.6.4640 not setting count and/or reply_len properly
[  176.046237][T14442] netlink: 'syz.3.4644': attribute type 1 has an invalid length.
[  176.054088][T14442] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4644'.
[  176.293729][T14483] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4664'.
[  177.101635][T14601] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4717'.
[  177.829728][T14658] netlink: 'syz.6.4740': attribute type 8 has an invalid length.
[  177.860726][T14660] siw: device registration error -23
[  177.954598][T14664] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4743'.
[  179.010206][T14766] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4780'.
[  179.146166][   T29] kauditd_printk_skb: 162 callbacks suppressed
[  179.146244][   T29] audit: type=1326 audit(438.751:4558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14788 comm="syz.4.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  179.213002][   T29] audit: type=1326 audit(438.793:4559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14788 comm="syz.4.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  179.237136][   T29] audit: type=1326 audit(438.793:4560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14788 comm="syz.4.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  179.262974][   T29] audit: type=1326 audit(438.793:4561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14788 comm="syz.4.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  179.290891][   T29] audit: type=1326 audit(438.793:4562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14788 comm="syz.4.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  179.316778][   T29] audit: type=1326 audit(438.793:4563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14788 comm="syz.4.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  179.341126][   T29] audit: type=1326 audit(438.793:4564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14788 comm="syz.4.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  179.364230][   T29] audit: type=1326 audit(438.803:4565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14788 comm="syz.4.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  179.388901][   T29] audit: type=1326 audit(438.803:4566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14788 comm="syz.4.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  179.412650][   T29] audit: type=1326 audit(438.803:4567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14788 comm="syz.4.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63fa4ee929 code=0x7ffc0000
[  179.574139][T14800] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4792'.
[  179.803085][T14826] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4804'.
[  179.819084][T14828] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  180.892114][T14936] SELinux:  Context system_u:object_r:framebuf_device_t:s0 is not valid (left unmapped).
[  181.537593][T14987] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4875'.
[  181.756295][T15022] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4890'.
[  181.775168][T15015] loop6: detected capacity change from 0 to 4096
[  181.782386][T15022] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4890'.
[  181.796116][T15015] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.880566][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.249602][T15076] netlink: 'syz.4.4911': attribute type 1 has an invalid length.
[  182.258084][T15076] netlink: 'syz.4.4911': attribute type 4 has an invalid length.
[  182.266850][T15076] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.4911'.
[  182.276961][T15074] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  182.284677][T15074] vhci_hcd: default hub control req: 6011 v8001 i0001 l0
[  182.435544][ T6731] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  182.443369][ T6731] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  182.570840][T15101] sch_tbf: burst 0 is lower than device lo mtu (14) !
[  182.718316][T15119] loop6: detected capacity change from 0 to 256
[  182.740896][T15119] FAT-fs (loop6): bogus number of FAT sectors
[  182.747193][T15119] FAT-fs (loop6): Can't find a valid FAT filesystem
[  182.774312][T15124] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4933'.
[  182.868985][T15135] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4937'.
[  183.235817][T15192] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4964'.
[  183.249444][T15192] macvtap1: entered promiscuous mode
[  183.254966][T15192] erspan0: entered promiscuous mode
[  183.260363][T15192] macvtap1: entered allmulticast mode
[  183.266029][T15192] erspan0: entered allmulticast mode
[  183.277520][T15192] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4964'.
[  183.411721][T15210] rdma_op ffff88811fcdd980 conn xmit_rdma 0000000000000000
[  183.440246][T15203] lo speed is unknown, defaulting to 1000
[  183.762072][T15235] hub 6-0:1.0: USB hub found
[  183.762171][T15235] hub 6-0:1.0: 8 ports detected
[  183.771477][T15237] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4983'.
[  183.940902][T15248] lo speed is unknown, defaulting to 1000
[  184.398666][   T29] kauditd_printk_skb: 108 callbacks suppressed
[  184.398688][   T29] audit: type=1326 audit(444.273:4676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15274 comm="syz.6.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075754e929 code=0x7ffc0000
[  184.459444][   T29] audit: type=1326 audit(444.304:4677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15274 comm="syz.6.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075754e929 code=0x7ffc0000
[  184.459514][   T29] audit: type=1326 audit(444.315:4678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15274 comm="syz.6.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f075754e929 code=0x7ffc0000
[  184.507486][   T29] audit: type=1326 audit(444.315:4679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15274 comm="syz.6.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075754e929 code=0x7ffc0000
[  184.530784][   T29] audit: type=1326 audit(444.315:4680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15274 comm="syz.6.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075754e929 code=0x7ffc0000
[  184.555490][   T29] audit: type=1326 audit(444.315:4681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15274 comm="syz.6.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f075754e929 code=0x7ffc0000
[  184.555529][   T29] audit: type=1326 audit(444.315:4682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15274 comm="syz.6.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075754e929 code=0x7ffc0000
[  184.555569][   T29] audit: type=1326 audit(444.315:4683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15274 comm="syz.6.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075754e929 code=0x7ffc0000
[  184.627422][   T29] audit: type=1326 audit(444.315:4684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15274 comm="syz.6.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f075754e929 code=0x7ffc0000
[  184.627460][   T29] audit: type=1326 audit(444.315:4685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15274 comm="syz.6.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f075754e929 code=0x7ffc0000
[  184.710185][T15279] netlink: 'syz.6.5000': attribute type 3 has an invalid length.
[  184.862728][T15291] netlink: 404 bytes leftover after parsing attributes in process `syz.4.5007'.
[  184.975378][T15299] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5010'.
[  185.345604][T15345] xt_hashlimit: max too large, truncated to 1048576
[  185.437100][T15351] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5030'.
[  185.446287][T15351] netlink: 'syz.4.5030': attribute type 7 has an invalid length.
[  185.454064][T15351] netlink: 'syz.4.5030': attribute type 8 has an invalid length.
[  185.461962][T15351] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5030'.
[  185.620757][T15375] loop6: detected capacity change from 0 to 128
[  185.693601][T15379] vhci_hcd: invalid port number 224
[  186.081185][T15402] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  186.383597][T15435] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5076'.
[  186.394509][T15435] dummy0: left allmulticast mode
[  186.399791][T15435] bridge0: port 3(dummy0) entered disabled state
[  186.407112][T15435] bridge_slave_1: left allmulticast mode
[  186.412849][T15435] bridge_slave_1: left promiscuous mode
[  186.418754][T15435] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.428342][T15435] bridge_slave_0: left promiscuous mode
[  186.434134][T15435] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.148504][T15452] 9pnet_fd: Insufficient options for proto=fd
[  187.208104][T15457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.235336][T15457] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.317568][T15459] lo speed is unknown, defaulting to 1000
[  187.980671][T15536] openvswitch: netlink: Message has 6 unknown bytes.
[  188.054494][T15545] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  188.217272][T15564] vhci_hcd: invalid port number 96
[  188.222493][T15564] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  188.262452][T15574] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5126'.
[  188.339912][T15580] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5130'.
[  188.360584][T15580] macvtap2: entered promiscuous mode
[  188.366276][T15580] macvtap2: entered allmulticast mode
[  188.442868][T15586] xt_hashlimit: max too large, truncated to 1048576
[  188.763060][T15605] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5141'.
[  188.858732][T15611] syz_tun: entered allmulticast mode
[  188.871390][T15612] sd 0:0:1:0: device reset
[  188.880541][T15609] syz_tun: left allmulticast mode
[  189.187127][   T29] kauditd_printk_skb: 135 callbacks suppressed
[  189.187146][   T29] audit: type=1400 audit(449.291:4821): avc:  denied  { module_request } for  pid=15632 comm="syz.4.5152" kmod="netdev-syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  189.221625][T15582] syz.1.5131 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  189.236056][T15582] CPU: 0 UID: 0 PID: 15582 Comm: syz.1.5131 Tainted: G        W           6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  189.236097][T15582] Tainted: [W]=WARN
[  189.236105][T15582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.236125][T15582] Call Trace:
[  189.236133][T15582]  <TASK>
[  189.236143][T15582]  __dump_stack+0x1d/0x30
[  189.236178][T15582]  dump_stack_lvl+0xe8/0x140
[  189.236199][T15582]  dump_stack+0x15/0x1b
[  189.236261][T15582]  dump_header+0x81/0x220
[  189.236302][T15582]  oom_kill_process+0x334/0x3f0
[  189.236342][T15582]  out_of_memory+0x979/0xb80
[  189.236383][T15582]  try_charge_memcg+0x5e6/0x9e0
[  189.236419][T15582]  obj_cgroup_charge_pages+0xa6/0x150
[  189.236530][T15582]  __memcg_kmem_charge_page+0x9f/0x170
[  189.236565][T15582]  __alloc_frozen_pages_noprof+0x188/0x360
[  189.236653][T15582]  alloc_pages_mpol+0xb3/0x250
[  189.236730][T15582]  alloc_pages_noprof+0x90/0x130
[  189.236762][T15582]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  189.236861][T15582]  __kvmalloc_node_noprof+0x30f/0x4e0
[  189.236949][T15582]  ? ip_set_alloc+0x1f/0x30
[  189.236986][T15582]  ? ip_set_alloc+0x1f/0x30
[  189.237052][T15582]  ? __kmalloc_cache_noprof+0x189/0x320
[  189.237082][T15582]  ip_set_alloc+0x1f/0x30
[  189.237147][T15582]  hash_netiface_create+0x282/0x740
[  189.237185][T15582]  ? __pfx_hash_netiface_create+0x10/0x10
[  189.237239][T15582]  ip_set_create+0x3cc/0x960
[  189.237278][T15582]  ? __nla_parse+0x40/0x60
[  189.237302][T15582]  nfnetlink_rcv_msg+0x4c6/0x590
[  189.237353][T15582]  ? selinux_capable+0x1f9/0x270
[  189.237389][T15582]  netlink_rcv_skb+0x123/0x220
[  189.237487][T15582]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  189.237526][T15582]  nfnetlink_rcv+0x16b/0x1690
[  189.237634][T15582]  ? __list_add_valid_or_report+0x38/0xe0
[  189.237672][T15582]  ? merge_sched_in+0x605/0xa60
[  189.237715][T15582]  ? rb_next+0x5c/0x80
[  189.237774][T15582]  ? visit_groups_merge+0xf7e/0xfd0
[  189.237854][T15582]  ? enqueue_task_fair+0x35e/0x980
[  189.237880][T15582]  ? should_fail_ex+0x30/0x280
[  189.237916][T15582]  ? selinux_nlmsg_lookup+0x99/0x890
[  189.237961][T15582]  ? selinux_netlink_send+0x59f/0x5f0
[  189.237979][T15582]  ? __rcu_read_unlock+0x34/0x70
[  189.238002][T15582]  ? __netlink_lookup+0x266/0x2a0
[  189.238029][T15582]  netlink_unicast+0x5a1/0x670
[  189.238094][T15582]  netlink_sendmsg+0x58b/0x6b0
[  189.238119][T15582]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.238176][T15582]  __sock_sendmsg+0x145/0x180
[  189.238214][T15582]  ____sys_sendmsg+0x31e/0x4e0
[  189.238239][T15582]  ___sys_sendmsg+0x17b/0x1d0
[  189.238277][T15582]  __x64_sys_sendmsg+0xd4/0x160
[  189.238333][T15582]  x64_sys_call+0x2999/0x2fb0
[  189.238356][T15582]  do_syscall_64+0xd2/0x200
[  189.238378][T15582]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  189.238406][T15582]  ? clear_bhb_loop+0x40/0x90
[  189.238433][T15582]  ? clear_bhb_loop+0x40/0x90
[  189.238456][T15582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.238478][T15582] RIP: 0033:0x7f814d27e929
[  189.238504][T15582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.238523][T15582] RSP: 002b:00007f814b8e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  189.238643][T15582] RAX: ffffffffffffffda RBX: 00007f814d4a5fa0 RCX: 00007f814d27e929
[  189.238656][T15582] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000004
[  189.238669][T15582] RBP: 00007f814d300b39 R08: 0000000000000000 R09: 0000000000000000
[  189.238692][T15582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  189.238768][T15582] R13: 0000000000000000 R14: 00007f814d4a5fa0 R15: 00007ffc2b4150f8
[  189.238788][T15582]  </TASK>
[  189.238838][T15582] memory: usage 307200kB, limit 307200kB, failcnt 273
[  189.341899][T15635] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15635 comm=syz.6.5153
[  189.345990][T15582] memory+swap: usage 307564kB, limit 9007199254740988kB, failcnt 0
[  189.350562][T15635] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15635 comm=syz.6.5153
[  189.355191][T15582] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  189.558825][   T29] audit: type=1400 audit(449.679:4822): avc:  denied  { sys_module } for  pid=15632 comm="syz.4.5152" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  189.564129][T15582] Memory cgroup stats for /syz1:
[  189.696486][T15582] cache 0
[  189.704517][T15582] rss 0
[  189.707311][T15582] shmem 0
[  189.710277][T15582] mapped_file 0
[  189.713983][T15582] dirty 0
[  189.716972][T15582] writeback 4096
[  189.721291][T15582] workingset_refault_anon 158
[  189.726061][T15582] workingset_refault_file 224
[  189.730925][T15582] swap 368640
[  189.734379][T15582] swapcached 12288
[  189.738214][T15582] pgpgin 184268
[  189.741787][T15582] pgpgout 184264
[  189.745390][T15582] pgfault 208780
[  189.749093][T15582] pgmajfault 103
[  189.752965][T15582] inactive_anon 4096
[  189.757049][T15582] active_anon 8192
[  189.762065][T15582] inactive_file 0
[  189.766070][T15582] active_file 4096
[  189.770213][T15582] unevictable 0
[  189.773896][T15582] hierarchical_memory_limit 314572800
[  189.779405][T15582] hierarchical_memsw_limit 9223372036854771712
[  189.786388][T15582] total_cache 0
[  189.789944][T15582] total_rss 0
[  189.793531][T15582] total_shmem 0
[  189.797716][T15582] total_mapped_file 0
[  189.802728][T15582] total_dirty 0
[  189.806720][T15582] total_writeback 4096
[  189.810918][T15582] total_workingset_refault_anon 158
[  189.816256][T15582] total_workingset_refault_file 224
[  189.821583][T15582] total_swap 368640
[  189.825400][T15582] total_swapcached 12288
[  189.829844][T15582] total_pgpgin 184268
[  189.833937][T15582] total_pgpgout 184264
[  189.838036][T15582] total_pgfault 208780
[  189.842319][T15582] total_pgmajfault 103
[  189.846430][T15582] total_inactive_anon 4096
[  189.851042][T15582] total_active_anon 8192
[  189.855468][T15582] total_inactive_file 0
[  189.859805][T15582] total_active_file 4096
[  189.864077][T15582] total_unevictable 0
[  189.868256][T15582] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.5131,pid=15581,uid=0
[  189.883187][T15582] Memory cgroup out of memory: Killed process 15581 (syz.1.5131) total-vm:95800kB, anon-rss:936kB, file-rss:22052kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  189.901809][   T29] audit: type=1400 audit(450.057:4823): avc:  denied  { create } for  pid=15642 comm="syz.6.5156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  189.934209][   T29] audit: type=1400 audit(450.088:4824): avc:  denied  { create } for  pid=15639 comm="syz.4.5154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  189.953373][   T29] audit: type=1400 audit(450.088:4825): avc:  denied  { ioctl } for  pid=15639 comm="syz.4.5154" path="socket:[46373]" dev="sockfs" ino=46373 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  189.978126][   T29] audit: type=1400 audit(450.088:4826): avc:  denied  { connect } for  pid=15639 comm="syz.4.5154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  189.997196][   T29] audit: type=1400 audit(450.088:4827): avc:  denied  { write } for  pid=15639 comm="syz.4.5154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  190.084499][   T29] audit: type=1400 audit(450.088:4828): avc:  denied  { execute } for  pid=15645 comm="syz.3.5157" path="/1050/file1" dev="tmpfs" ino=5444 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  190.192960][   T29] audit: type=1400 audit(450.351:4829): avc:  denied  { write } for  pid=15659 comm="syz.3.5164" lport=48441 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  190.231777][   T29] audit: type=1326 audit(450.382:4830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15661 comm="syz.0.5163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f87f1e929 code=0x7ffc0000
[  190.472307][T15689] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5173'.
[  190.542789][T15691] lo speed is unknown, defaulting to 1000
[  190.795352][T15705] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5180'.
[  190.807323][T15705] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5180'.
[  190.818494][T15705] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5180'.
[  190.828179][T15705] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5180'.
[  191.080786][T15739] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5196'.
[  191.090536][T15739] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.098183][T15739] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.125158][T15739] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.132747][T15739] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.273442][T15765] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5206'.
[  191.401920][T15785] netlink: 'syz.3.5215': attribute type 4 has an invalid length.
[  191.799141][T15818] 9pnet_fd: Insufficient options for proto=fd
[  191.856987][T15822] pim6reg1: entered promiscuous mode
[  191.862364][T15822] pim6reg1: entered allmulticast mode
[  191.879118][T15816] lo speed is unknown, defaulting to 1000
[  191.968328][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  191.975959][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  191.983635][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.000452][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.008350][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.016151][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.024001][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.031547][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.039119][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.047271][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.054928][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.062522][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.070121][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.089776][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.097454][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.105644][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.113367][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.121546][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.129316][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.136881][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.144571][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.152047][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.159505][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.167090][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.174645][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.182131][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.189657][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.197142][ T8882] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  192.207635][ T8882] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  192.632957][T15855] lo speed is unknown, defaulting to 1000
[  193.129200][T15911] macsec0: entered promiscuous mode
[  193.386953][T15937] tipc: Bearer <udp:syz0>: already 2 bearers with priority 10
[  193.395748][T15937] tipc: Bearer <udp:syz0>: trying with adjusted priority
[  193.403014][T15937] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  193.440381][T15935] lo speed is unknown, defaulting to 1000
[  193.733441][ T6732] IPVS: starting estimator thread 0...
[  193.827896][T15950] IPVS: using max 2208 ests per chain, 110400 per kthread
[  193.967041][   T29] kauditd_printk_skb: 124 callbacks suppressed
[  193.967060][   T29] audit: type=1400 audit(454.319:4955): avc:  denied  { name_bind } for  pid=15971 comm="syz.6.5296" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  194.094931][T15981] wg2: left promiscuous mode
[  194.099616][T15981] wg2: left allmulticast mode
[  194.113593][   T29] audit: type=1400 audit(454.466:4956): avc:  denied  { watch } for  pid=15984 comm="syz.0.5303" path="/1178/file0" dev="tmpfs" ino=6083 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  194.168917][T15981] wg2: entered promiscuous mode
[  194.174380][T15981] wg2: entered allmulticast mode
[  194.344855][T15985] lo speed is unknown, defaulting to 1000
[  194.533000][T16013] netlink: 'syz.0.5314': attribute type 4 has an invalid length.
[  194.614447][   T29] audit: type=1400 audit(454.991:4957): avc:  denied  { ioctl } for  pid=16014 comm="syz.6.5316" path="socket:[46922]" dev="sockfs" ino=46922 ioctlcmd=0x745a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  194.705494][T16021] loop6: detected capacity change from 0 to 128
[  194.858242][   T29] audit: type=1400 audit(455.254:4958): avc:  denied  { unmount } for  pid=16028 comm="syz.3.5320" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  195.116199][   T29] audit: type=1400 audit(455.526:4959): avc:  denied  { mounton } for  pid=16031 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  195.342841][T16041] lo speed is unknown, defaulting to 1000
[  195.427873][T16031] lo speed is unknown, defaulting to 1000
[  195.504220][   T29] audit: type=1400 audit(455.925:4960): avc:  denied  { watch watch_reads } for  pid=16045 comm="syz.6.5326" path="/255" dev="tmpfs" ino=1336 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  195.629780][T16031] chnl_net:caif_netlink_parms(): no params data found
[  195.660933][   T29] audit: type=1400 audit(456.083:4961): avc:  denied  { setopt } for  pid=16057 comm="syz.6.5331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  195.706988][T16061] netlink: 'syz.1.5330': attribute type 3 has an invalid length.
[  195.727871][T16064] loop6: detected capacity change from 0 to 128
[  195.744771][   T29] audit: type=1400 audit(456.179:4962): avc:  denied  { mount } for  pid=16063 comm="syz.6.5333" name="/" dev="loop6" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  195.795740][T16064] syz.6.5333: attempt to access beyond end of device
[  195.795740][T16064] loop6: rw=2049, sector=129, nr_sectors = 8 limit=128
[  195.818912][T16031] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.826693][T16031] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.835050][T16031] bridge_slave_0: entered allmulticast mode
[  195.841404][T16064] syz.6.5333: attempt to access beyond end of device
[  195.841404][T16064] loop6: rw=2049, sector=153, nr_sectors = 8 limit=128
[  195.842031][T16031] bridge_slave_0: entered promiscuous mode
[  195.863013][T16031] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.871645][T16031] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.879272][T16031] bridge_slave_1: entered allmulticast mode
[  195.885949][T16031] bridge_slave_1: entered promiscuous mode
[  195.892999][T16064] syz.6.5333: attempt to access beyond end of device
[  195.892999][T16064] loop6: rw=2049, sector=169, nr_sectors = 8 limit=128
[  195.929684][T16064] syz.6.5333: attempt to access beyond end of device
[  195.929684][T16064] loop6: rw=2049, sector=185, nr_sectors = 8 limit=128
[  195.978406][T16064] syz.6.5333: attempt to access beyond end of device
[  195.978406][T16064] loop6: rw=2049, sector=201, nr_sectors = 8 limit=128
[  196.022283][T16064] syz.6.5333: attempt to access beyond end of device
[  196.022283][T16064] loop6: rw=2049, sector=217, nr_sectors = 8 limit=128
[  196.047745][T16031] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  196.069145][T16064] syz.6.5333: attempt to access beyond end of device
[  196.069145][T16064] loop6: rw=2049, sector=233, nr_sectors = 8 limit=128
[  196.103084][T16064] syz.6.5333: attempt to access beyond end of device
[  196.103084][T16064] loop6: rw=2049, sector=249, nr_sectors = 8 limit=128
[  196.105254][T16031] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  196.117485][T16064] syz.6.5333: attempt to access beyond end of device
[  196.117485][T16064] loop6: rw=2049, sector=265, nr_sectors = 8 limit=128
[  196.139908][T16064] syz.6.5333: attempt to access beyond end of device
[  196.139908][T16064] loop6: rw=2049, sector=281, nr_sectors = 8 limit=128
[  196.174878][   T29] audit: type=1400 audit(456.633:4963): avc:  denied  { unmount } for  pid=12483 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  196.212185][T16031] team0: Port device team_slave_0 added
[  196.219686][T16031] team0: Port device team_slave_1 added
[  196.249573][   T29] audit: type=1400 audit(456.718:4964): avc:  denied  { read write } for  pid=16086 comm="syz.6.5342" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  196.290198][T16031] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.297433][T16031] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.323860][T16031] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.355146][T16031] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.362307][T16031] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.389269][T16031] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  196.431902][T16091] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5344'.
[  196.457271][T16031] hsr_slave_0: entered promiscuous mode
[  196.463965][T16031] hsr_slave_1: entered promiscuous mode
[  196.470437][T16031] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  196.478469][T16031] Cannot create hsr debugfs directory
[  196.575217][T16104] IPv4: Oversized IP packet from 127.202.26.0
[  196.699213][T16031] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  196.721751][T16031] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  196.737149][T16031] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  196.748036][T16031] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  196.810880][T16031] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.843063][T16031] 8021q: adding VLAN 0 to HW filter on device team0
[  196.869889][T11553] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.877796][T11553] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.901022][T11579] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.908179][T11579] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.992641][T16133] xt_cluster: you have exceeded the maximum number of cluster nodes (514 > 32)
[  197.059082][T16031] 8021q: adding VLAN 0 to HW filter on device batadv0
[  197.278895][T16031] veth0_vlan: entered promiscuous mode
[  197.289788][T16163] pimreg: entered allmulticast mode
[  197.299614][T16163] pimreg: left allmulticast mode
[  197.317460][T16031] veth1_vlan: entered promiscuous mode
[  197.338037][T16031] veth0_macvtap: entered promiscuous mode
[  197.346494][T16031] veth1_macvtap: entered promiscuous mode
[  197.348625][T16165] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5365'.
[  197.369269][T16165] 8021q: adding VLAN 0 to HW filter on device team1
[  197.378701][T16031] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.392481][T16031] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.403689][T16031] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.406872][T16167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5368'.
[  197.412859][T16031] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.430620][T16031] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.439781][T16031] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.744648][T16201] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5381'.
[  197.810877][T16207] pim6reg: entered allmulticast mode
[  197.826845][T16207] pim6reg: left allmulticast mode
[  197.927305][T16216] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  197.970215][T16219] loop6: detected capacity change from 0 to 1024
[  197.977963][T16221] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5389'.
[  198.004227][T16223] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5390'.
[  198.014139][T16221] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5389'.
[  198.053935][T16219] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.089832][T16219] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.236282][T16253] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5401'.
[  198.246073][T16253] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5401'.
[  198.363629][T16262] loop7: detected capacity change from 0 to 1024
[  198.384615][T16262] EXT4-fs: Ignoring removed oldalloc option
[  198.401685][T16262] EXT4-fs (loop7): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  198.697270][T16262] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.716781][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  198.716799][   T29] audit: type=1400 audit(459.330:5022): avc:  denied  { accept } for  pid=16283 comm="syz.0.5412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  199.033608][   T29] audit: type=1400 audit(459.668:5023): avc:  denied  { map } for  pid=16294 comm="syz.1.5416" path="socket:[47561]" dev="sockfs" ino=47561 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  199.117218][T16031] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.173629][   T29] audit: type=1400 audit(459.806:5024): avc:  denied  { create } for  pid=16301 comm="syz.0.5421" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  199.224741][T16305] loop7: detected capacity change from 0 to 512
[  199.235019][   T29] audit: type=1400 audit(459.848:5025): avc:  denied  { mounton } for  pid=16301 comm="syz.0.5421" path="/1211/file0" dev="tmpfs" ino=6255 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  199.241681][T16305] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -2
[  199.273589][T16305] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #13: comm syz.7.5419: iget: bad i_size value: 12154757448730
[  199.293942][T16305] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.5419: couldn't read orphan inode 13 (err -117)
[  199.312337][T16305] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.323785][T16212] syz.6.5386 (16212) used greatest stack depth: 5824 bytes left
[  199.353742][T16306] lo speed is unknown, defaulting to 1000
[  199.365881][   T29] audit: type=1400 audit(460.006:5026): avc:  denied  { unlink } for  pid=3307 comm="syz-executor" name="file0" dev="tmpfs" ino=6255 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  199.401416][T16031] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.439200][   T29] audit: type=1400 audit(460.080:5027): avc:  denied  { write } for  pid=16315 comm="syz.4.5427" name="file0" dev="tmpfs" ino=5716 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  199.461652][   T29] audit: type=1400 audit(460.080:5028): avc:  denied  { open } for  pid=16315 comm="syz.4.5427" path="/1106/file0" dev="tmpfs" ino=5716 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  199.502253][T16318] loop6: detected capacity change from 0 to 1024
[  199.521315][T16314] lo speed is unknown, defaulting to 1000
[  199.586320][T16318] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.620079][   T29] audit: type=1400 audit(460.271:5029): avc:  denied  { add_name } for  pid=16317 comm="syz.6.5426" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  199.640820][   T29] audit: type=1400 audit(460.271:5030): avc:  denied  { create } for  pid=16317 comm="syz.6.5426" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  199.660739][   T29] audit: type=1400 audit(460.281:5031): avc:  denied  { read write } for  pid=16317 comm="syz.6.5426" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  199.687895][T16318] EXT4-fs error (device loop6): ext4_map_blocks:816: inode #15: block 3: comm syz.6.5426: lblock 3 mapped to illegal pblock 3 (length 13)
[  199.723348][T16318] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  199.736103][T16318] EXT4-fs (loop6): This should not happen!! Data will be lost
[  199.736103][T16318] 
[  199.844657][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.953418][T16343] loop6: detected capacity change from 0 to 512
[  199.971665][T16343] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  199.981471][T16343] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #13: comm syz.6.5437: iget: bad i_size value: 12154757448730
[  199.994828][T16343] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.5437: couldn't read orphan inode 13 (err -117)
[  200.016358][T16343] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.089557][T12483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.261960][T16366] netlink: 'syz.4.5448': attribute type 1 has an invalid length.
[  200.270667][T16366] netlink: 'syz.4.5448': attribute type 4 has an invalid length.
[  200.278617][T16366] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.5448'.
[  200.296085][T16366] netlink: 'syz.4.5448': attribute type 1 has an invalid length.
[  200.304499][T16366] netlink: 'syz.4.5448': attribute type 4 has an invalid length.
[  200.578021][T16386] lo speed is unknown, defaulting to 1000
[  200.662985][T11607] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.743417][T11607] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.824041][T11607] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.889342][T11607] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.971464][T11607] bridge_slave_1: left allmulticast mode
[  200.977415][T11607] bridge_slave_1: left promiscuous mode
[  200.983296][T11607] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.993315][T11607] bridge_slave_0: left allmulticast mode
[  201.000422][T11607] bridge_slave_0: left promiscuous mode
[  201.006698][T11607] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.135784][T11607] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  201.146804][T11607] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  201.157411][T11607] bond0 (unregistering): Released all slaves
[  201.198998][T16405] lo speed is unknown, defaulting to 1000
[  201.283801][T16413] lo speed is unknown, defaulting to 1000
[  201.432188][T11607] hsr_slave_0: left promiscuous mode
[  201.439689][T11607] hsr_slave_1: left promiscuous mode
[  201.446257][T11607] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  201.454091][T11607] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.469184][T11607] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.476816][T11607] batman_adv: batadv0: Removing interface: batadv_slave_1
[  201.491199][T11607] veth1_macvtap: left promiscuous mode
[  201.504032][T11607] veth0_macvtap: left promiscuous mode
[  201.511372][T11607] veth1_vlan: left promiscuous mode
[  201.516752][T11607] veth0_vlan: left promiscuous mode
[  201.596755][T11607] team0 (unregistering): Port device team_slave_1 removed
[  201.607744][T11607] team0 (unregistering): Port device team_slave_0 removed
[  201.660569][T16405] chnl_net:caif_netlink_parms(): no params data found
[  201.699350][T16413] chnl_net:caif_netlink_parms(): no params data found
[  201.768928][T16405] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.776976][T16405] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.784769][T16405] bridge_slave_0: entered allmulticast mode
[  201.792521][T16405] bridge_slave_0: entered promiscuous mode
[  201.809931][T16405] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.817583][T16405] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.833555][T16405] bridge_slave_1: entered allmulticast mode
[  201.845650][T16405] bridge_slave_1: entered promiscuous mode
[  201.871572][T16413] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.879710][T16413] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.887072][T16413] bridge_slave_0: entered allmulticast mode
[  201.897552][T16413] bridge_slave_0: entered promiscuous mode
[  201.930731][T16413] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.938195][T16413] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.945810][T16413] bridge_slave_1: entered allmulticast mode
[  201.953614][T16413] bridge_slave_1: entered promiscuous mode
[  202.005720][T16405] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  202.025734][T16467] lo speed is unknown, defaulting to 1000
[  202.042716][T16413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  202.053540][T16405] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  202.077898][T16413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  202.105073][T16405] team0: Port device team_slave_0 added
[  202.112469][T16405] team0: Port device team_slave_1 added
[  202.152125][T16405] batman_adv: batadv0: Adding interface: batadv_slave_0
[  202.159322][T16405] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.185935][T16405] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  202.213026][T16413] team0: Port device team_slave_0 added
[  202.220058][T16405] batman_adv: batadv0: Adding interface: batadv_slave_1
[  202.228916][T16405] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.255338][T16405] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  202.274829][T16413] team0: Port device team_slave_1 added
[  202.320712][T16413] batman_adv: batadv0: Adding interface: batadv_slave_0
[  202.328679][T16413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.356469][T16413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  202.378608][T16405] hsr_slave_0: entered promiscuous mode
[  202.384989][T16405] hsr_slave_1: entered promiscuous mode
[  202.392286][T16405] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  202.400249][T16405] Cannot create hsr debugfs directory
[  202.406691][T16413] batman_adv: batadv0: Adding interface: batadv_slave_1
[  202.414353][T16413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.441469][T16413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  202.453332][T16490] netlink: 'syz.0.5493': attribute type 12 has an invalid length.
[  202.549480][T16413] hsr_slave_0: entered promiscuous mode
[  202.556729][T16413] hsr_slave_1: entered promiscuous mode
[  202.576321][T16413] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  202.586404][T16413] Cannot create hsr debugfs directory
[  202.801363][T16405] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  202.827756][T16405] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  202.846268][T16413] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  202.857383][T16405] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  202.871800][T16405] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  202.900440][T16413] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  202.924919][T16538] __nla_validate_parse: 7 callbacks suppressed
[  202.924938][T16538] netlink: 52 bytes leftover after parsing attributes in process `syz.4.5515'.
[  202.941150][T16413] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  202.969982][T16413] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  203.022005][T16556] block device autoloading is deprecated and will be removed.
[  203.071087][T16405] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.102172][T16405] 8021q: adding VLAN 0 to HW filter on device team0
[  203.126014][T11578] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.133515][T11578] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.175760][T11578] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.182955][T11578] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.222522][T16413] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.279673][T16413] 8021q: adding VLAN 0 to HW filter on device team0
[  203.308095][T11603] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.315247][T11603] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.345056][T16413] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  203.355791][T16413] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  203.370648][T11603] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.378131][T11603] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.415000][T16405] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.522084][T16413] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.660939][T16405] veth0_vlan: entered promiscuous mode
[  203.678588][T16405] veth1_vlan: entered promiscuous mode
[  203.703280][T16405] veth0_macvtap: entered promiscuous mode
[  203.734949][T16405] veth1_macvtap: entered promiscuous mode
[  203.764461][T16405] batman_adv: batadv0: Interface activated: batadv_slave_0
[  203.785563][T16405] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.810511][T16405] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.819509][T16405] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.828285][T16405] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.837328][T16405] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.850467][   T29] kauditd_printk_skb: 74 callbacks suppressed
[  203.850530][   T29] audit: type=1326 audit(464.752:5106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16613 comm="syz.4.5526" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f63fa4ee929 code=0x0
[  203.940345][T16413] veth0_vlan: entered promiscuous mode
[  203.975913][T16413] veth1_vlan: entered promiscuous mode
[  204.004806][T16413] veth0_macvtap: entered promiscuous mode
[  204.022090][T16413] veth1_macvtap: entered promiscuous mode
[  204.022912][   T29] audit: type=1400 audit(464.932:5107): avc:  denied  { read write } for  pid=3311 comm="syz-executor" name="loop1" dev="devtmpfs" ino=654 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  204.049986][T16413] batman_adv: batadv0: Interface activated: batadv_slave_0
[  204.051503][   T29] audit: type=1400 audit(464.932:5108): avc:  denied  { open } for  pid=3311 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=654 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  204.102318][T16413] batman_adv: batadv0: Interface activated: batadv_slave_1
[  204.136494][T16413] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  204.145496][T16413] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  204.152728][   T29] audit: type=1400 audit(465.006:5109): avc:  denied  { ioctl } for  pid=3311 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=654 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  204.154780][T16413] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  204.187513][T16413] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  204.670136][T16665] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5543'.
[  204.674773][T16659] bridge_slave_0: left allmulticast mode
[  204.685411][T16659] bridge_slave_0: left promiscuous mode
[  204.691438][T16659] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.702824][T16659] bridge_slave_1: left allmulticast mode
[  204.708551][T16659] bridge_slave_1: left promiscuous mode
[  204.714435][T16659] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.723881][T16659] bond0: (slave bond_slave_0): Releasing backup interface
[  204.732228][T16669] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5543'.
[  204.745152][T16659] bond0: (slave bond_slave_1): Releasing backup interface
[  204.758296][T16659] team0: Port device team_slave_0 removed
[  204.767572][T16659] team0: Port device team_slave_1 removed
[  204.775021][T16659] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.782731][T16659] batman_adv: batadv0: Removing interface: batadv_slave_0
[  204.793715][T16659] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.802876][T16659] batman_adv: batadv0: Removing interface: batadv_slave_1
[  204.948524][   T29] audit: type=1326 audit(465.914:5110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16679 comm="syz.9.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7f9b8e929 code=0x7ffc0000
[  204.972267][   T29] audit: type=1326 audit(465.914:5111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16679 comm="syz.9.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7f9b8e929 code=0x7ffc0000
[  204.999083][   T29] audit: type=1326 audit(465.967:5112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16679 comm="syz.9.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd7f9b8e929 code=0x7ffc0000
[  205.023144][   T29] audit: type=1326 audit(465.967:5113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16679 comm="syz.9.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7f9b8e929 code=0x7ffc0000
[  205.047589][   T29] audit: type=1326 audit(465.967:5114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16679 comm="syz.9.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7f9b8e929 code=0x7ffc0000
[  205.073438][   T29] audit: type=1326 audit(466.052:5115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16679 comm="syz.9.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fd7f9b8e929 code=0x7ffc0000
[  205.190177][T16689] tipc: Started in network mode
[  205.195456][T16689] tipc: Node identity 7f000001, cluster identity 4711
[  205.220117][T16689] tipc: Enabled bearer <udp:syz2>, priority 10
[  205.487905][T16704] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5558'.
[  205.511598][T16704] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5558'.
[  205.634597][T16713] loop8: detected capacity change from 0 to 128
[  205.660559][T16713] bio_check_eod: 29 callbacks suppressed
[  205.660658][T16713] syz.8.5563: attempt to access beyond end of device
[  205.660658][T16713] loop8: rw=0, sector=2065, nr_sectors = 1 limit=128
[  205.680126][T16713] Buffer I/O error on dev loop8, logical block 2065, async page read
[  205.749052][T16713] syz.8.5563: attempt to access beyond end of device
[  205.749052][T16713] loop8: rw=0, sector=2066, nr_sectors = 1 limit=128
[  205.762767][T16713] Buffer I/O error on dev loop8, logical block 2066, async page read
[  205.772994][T16713] syz.8.5563: attempt to access beyond end of device
[  205.772994][T16713] loop8: rw=0, sector=2067, nr_sectors = 1 limit=128
[  205.787087][T16713] Buffer I/O error on dev loop8, logical block 2067, async page read
[  205.802587][T16713] syz.8.5563: attempt to access beyond end of device
[  205.802587][T16713] loop8: rw=0, sector=2068, nr_sectors = 1 limit=128
[  205.816395][T16713] Buffer I/O error on dev loop8, logical block 2068, async page read
[  205.827279][T16713] syz.8.5563: attempt to access beyond end of device
[  205.827279][T16713] loop8: rw=0, sector=2069, nr_sectors = 1 limit=128
[  205.840829][T16713] Buffer I/O error on dev loop8, logical block 2069, async page read
[  205.849509][T16713] syz.8.5563: attempt to access beyond end of device
[  205.849509][T16713] loop8: rw=0, sector=2070, nr_sectors = 1 limit=128
[  205.864447][T16713] Buffer I/O error on dev loop8, logical block 2070, async page read
[  205.872955][T16713] syz.8.5563: attempt to access beyond end of device
[  205.872955][T16713] loop8: rw=0, sector=2071, nr_sectors = 1 limit=128
[  205.886855][T16713] Buffer I/O error on dev loop8, logical block 2071, async page read
[  205.918432][T16713] syz.8.5563: attempt to access beyond end of device
[  205.918432][T16713] loop8: rw=0, sector=2072, nr_sectors = 1 limit=128
[  205.932878][T16713] Buffer I/O error on dev loop8, logical block 2072, async page read
[  205.942761][T16713] syz.8.5563: attempt to access beyond end of device
[  205.942761][T16713] loop8: rw=0, sector=2065, nr_sectors = 1 limit=128
[  205.956139][T16713] Buffer I/O error on dev loop8, logical block 2065, async page read
[  205.983791][T16713] syz.8.5563: attempt to access beyond end of device
[  205.983791][T16713] loop8: rw=0, sector=2066, nr_sectors = 1 limit=128
[  205.997287][T16713] Buffer I/O error on dev loop8, logical block 2066, async page read
[  206.206369][T16752] loop8: detected capacity change from 0 to 1024
[  206.234995][T16752] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.269275][T16752] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.289049][ T8883] tipc: Node number set to 2130706433
[  206.427744][T16764] loop8: detected capacity change from 0 to 1024
[  206.464778][T16767] atomic_op ffff888166ac4d28 conn xmit_atomic 0000000000000000
[  206.502139][T16764] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.556612][T16764] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.593039][T16776] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5585'.
[  206.647855][T16777] IPv4: Oversized IP packet from 127.202.26.0
[  206.673180][T16774] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5585'.
[  207.168365][T16820] loop9: detected capacity change from 0 to 512
[  207.195570][T16820] EXT4-fs: Ignoring removed bh option
[  207.201660][T16820] EXT4-fs: Ignoring removed mblk_io_submit option
[  207.235486][T16820] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  207.272810][T16820] EXT4-fs (loop9): 1 truncate cleaned up
[  207.283066][T16820] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.355250][T16831] macvlan2: entered promiscuous mode
[  207.356879][T16413] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.363078][T16831] macvlan2: entered allmulticast mode
[  207.380186][T16831] bond0: entered promiscuous mode
[  207.390084][T16831] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  207.416204][T16831] bond0: left promiscuous mode
[  207.452048][T16839] syzkaller1: entered promiscuous mode
[  207.458321][T16839] syzkaller1: entered allmulticast mode
[  207.512451][T16847] ip6_vti0: mtu greater than device maximum
[  207.584840][T16862] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5626'.
[  207.769772][T16872] ==================================================================
[  207.778106][T16872] BUG: KCSAN: data-race in selinux_inode_permission / selinux_inode_permission
[  207.787528][T16872] 
[  207.789969][T16872] write to 0xffff888114861da0 of 4 bytes by task 16878 on cpu 1:
[  207.798514][T16872]  selinux_inode_permission+0x31b/0x620
[  207.804182][T16872]  security_inode_permission+0x6d/0xb0
[  207.810294][T16872]  inode_permission+0x106/0x310
[  207.815375][T16872]  link_path_walk+0x162/0x900
[  207.820730][T16872]  path_openat+0x1de/0x2170
[  207.825791][T16872]  do_filp_open+0x109/0x230
[  207.830415][T16872]  io_openat2+0x272/0x390
[  207.835031][T16872]  io_openat+0x1b/0x30
[  207.840177][T16872]  __io_issue_sqe+0xfb/0x2e0
[  207.845121][T16872]  io_issue_sqe+0x53/0x970
[  207.849585][T16872]  io_wq_submit_work+0x3f7/0x5f0
[  207.856218][T16872]  io_worker_handle_work+0x44e/0x9b0
[  207.863811][T16872]  io_wq_worker+0x22e/0x870
[  207.869235][T16872]  ret_from_fork+0xda/0x150
[  207.874295][T16872]  ret_from_fork_asm+0x1a/0x30
[  207.879123][T16872] 
[  207.881639][T16872] read to 0xffff888114861da0 of 4 bytes by task 16872 on cpu 0:
[  207.889749][T16872]  selinux_inode_permission+0x2a7/0x620
[  207.895690][T16872]  security_inode_permission+0x6d/0xb0
[  207.901631][T16872]  inode_permission+0x106/0x310
[  207.906617][T16872]  link_path_walk+0x162/0x900
[  207.911422][T16872]  path_openat+0x1de/0x2170
[  207.915981][T16872]  do_filp_open+0x109/0x230
[  207.920560][T16872]  io_openat2+0x272/0x390
[  207.924918][T16872]  io_openat+0x1b/0x30
[  207.929016][T16872]  __io_issue_sqe+0xfb/0x2e0
[  207.933652][T16872]  io_issue_sqe+0x53/0x970
[  207.938111][T16872]  io_submit_sqes+0x667/0xfd0
[  207.942924][T16872]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  207.948715][T16872]  __x64_sys_io_uring_enter+0x78/0x90
[  207.954127][T16872]  x64_sys_call+0x28c8/0x2fb0
[  207.958845][T16872]  do_syscall_64+0xd2/0x200
[  207.963493][T16872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.969415][T16872] 
[  207.971757][T16872] value changed: 0x00000000 -> 0x00000001
[  207.977609][T16872] 
[  207.980119][T16872] Reported by Kernel Concurrency Sanitizer on:
[  207.986313][T16872] CPU: 0 UID: 0 PID: 16872 Comm: syz.8.5631 Tainted: G        W           6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  208.000516][T16872] Tainted: [W]=WARN
[  208.004361][T16872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  208.014457][T16872] ==================================================================
[  208.037028][T16883] loop9: detected capacity change from 0 to 164
[  208.303577][T16887] Set syz1 is full, maxelem 65536 reached