last executing test programs:

4m42.227396831s ago: executing program 32 (id=320):
socketpair(0x1, 0x2, 0x0, &(0x7f0000000000))
socket(0x1e, 0x805, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x8100, 0x0)
unshare(0x20400)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)

4m38.690408285s ago: executing program 33 (id=405):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0xfffffffffffffe86, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
tgkill(0x0, 0x0, 0x0)

4m29.136917872s ago: executing program 34 (id=637):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

3m1.172732693s ago: executing program 7 (id=3986):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff47}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e7578"], 0x65)

3m1.109501469s ago: executing program 7 (id=4000):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x5}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000100)=@req3={0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x861}, 0x1c)

3m1.008518919s ago: executing program 7 (id=3995):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x200, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r3 = fcntl$dupfd(r2, 0x406, r2)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x41, &(0x7f0000000080)={0x60, 0x3, 0x0, 0x0, 0x7995}, 0x8, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

3m0.966511314s ago: executing program 7 (id=4002):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52e, &(0x7f0000000480)="$eJzs3U9vI2cZAPBnHHvZ7GabFDhAJUqhRdkVrJ00tI04lCIhOFUCyr2ExImiOHEUO+0mqtis+ABICAESJ7hwQeIDIKFKXDgipEpwBgECIdjCgQN00NjjNJv4X7tOnE1+P2ky78y8M8/zOprxvJ7RTACX1lMR8VJEvJOm6a2ImM7nF/IhDtpDVu/t+28sZ0MSafrKP5JI8nmdbSX5+Hq+2tWI+NqXI76ZnIzb2NvfWKrVqjv5dKW5uV1p7O3fXt9cWquuVbcWFuafX3xh8bnFuZG080ZEvPjFv3z/Oz/90ou//Mzrf3z1bze/laU1lS8/2o73qNhvYbvppdZncXSFnfcZ7DwqtlqYm+xWY+LEnHunnBMAAN1l5/gfjIhPRsStmI6J/qezAAAAwCMo/fxU/DeJSLu70mM+AAAA8AgptO6BTQrl/F6AqSgUyuX2PbwfjmuFWr3R/PRqfXdrpX2v7EyUCqvrtepcfq/wTJSSbHq+VX53+tlj0wsR8XhEfG96sjVdXq7XVsb94wcAAABcEteP9f//Pd3u/3fcHWdyAAAAwOjMjDsBAAAA4NQN2/+/dsp5AAAAAKfH9X8AAAC40L7y8svZkHbef73y2t7uRv212yvVxkZ5c3e5vFzf2S6v1etrrWf2bQ7aXq1e3/5sbO3eqTSrjWalsXc1Nuu7W81X1x94BTYAAABwhh7/+Ju/TyLi4HOTrSFzZbhVh6wGnFfFw1KSj7vs1n94rD3+8xklBZyJiXEnAIxNcdwJAGNTGncCwNglA5b3vHnnN/n4E6PNBwAAGL3Zj/a+/l/ou+ZB/8XAuWcnhsvL9X+4vFrX/4e9k7fgbeBwkZQGnQH07SA4HsBF8NDX/wdK0/eUEAAAMHJTrSEplIud6UKhXI640XotQClZXa9V5yLisYj43XTpA9n0fKtmMrDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pWkSKQAAAHChRRT+mvyq/Sz/2elnpo7/PnAl+c905K8Iff1Hr/zgzlKzuTOfzf/n4fzmD/P5z47jFwwAAAC4FAa8wP9BnX56px8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP09v03ljvDWcb9+xciYqZb/GJcbY2vRikirv0rieKR9ZKImBhB/Mnsz0e6xU+ytA5Ddos/OYL4B/f6xo+D/FPoFv/6COLDZfZmdvx5qdv+V4inWuPu+18x4oHp96v38S8Oj38TPfb/G0PGeOKtn1d6xr8X8UTxRPy7WYRO/KRH/KeHjP+Nr+/v91qW/jhituv3T9Kpkh0ho9Lc3K409vZvr28urVXXqlsLC/PPL76w+NziXGV1vVbN/3aN8d2P/eKdfu2/1iP+zID2P3Nia1e6xvjfW3fuf6hdLHWLf/PpLvF//ZO8xsn4hfy771N5OVs+2ykftMtHPfmz3z7Zr/0rPdo/6P9/s9dGj7n11W//aciqAMAZaOztbyzVatWdC1vIeulDVs7Ozs5FzgpDFCYefjt3R5pYmqZptk89xHaSGPenelgY95EJAAAYtXdP+sedCQAAAAAAAAAAAAAAAAAAAFxeZ/E4seMxDw5LySgeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBL/DwAA//9t9tlI")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$binfmt_register(r1, &(0x7f0000000440)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

3m0.730957597s ago: executing program 7 (id=4009):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
write$tun(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fcdbdf2501000000000000000b000000000600147379"], 0x28}, 0x1, 0x0, 0x0, 0x890}, 0x800)

3m0.549235035s ago: executing program 7 (id=4017):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x20000}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r1, &(0x7f00000006c0)={0x0, 0xfffffffffffffe96, 0x0, 0x0, 0x0, 0x0, 0x20000001}, 0x40000)

3m0.521954368s ago: executing program 35 (id=4017):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x20000}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r1, &(0x7f00000006c0)={0x0, 0xfffffffffffffe96, 0x0, 0x0, 0x0, 0x0, 0x20000001}, 0x40000)

2m50.846205027s ago: executing program 5 (id=4385):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x401, 0xfffffffe, 0x0, 0xffffffff}, 0x10)
close(r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2m50.785356663s ago: executing program 5 (id=4386):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket(0x8000000010, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="000000000000000000000000000000001860000000000000000000a97600000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r1}, 0x10)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

2m50.785207483s ago: executing program 5 (id=4387):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r2}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2m49.851828627s ago: executing program 5 (id=4409):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000180)='./file0/file0\x00', 0x0, 0xa95058, 0x0)
syz_clone(0x24011, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x181097, 0x0)

2m49.681461604s ago: executing program 5 (id=4415):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x20040000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=ANY=[@ANYBLOB="6c000000000101040000000000000000020000002c0001801400018008000100e000000108000200ac1414000c00028005000100000000000600034000040000240002801400018008000100e000000108000200e00000010c0002800500010000000000080007"], 0x6c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="680000000001010400fff5000000000002000000240001801400018008000100e0000001080002007f0000010c0002800500010000000000240002801400018008000100e000000108000200e00000010c00028005000100000000000800074000000000040006"], 0x68}}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000500)={{}, &(0x7f0000000180), &(0x7f0000000300)='%pB    \x00'}, 0x20)

2m49.604821531s ago: executing program 5 (id=4418):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r3=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r3, 0xffffffffffffffff, 0x0, 0x2}, 0x48)

2m49.590072453s ago: executing program 36 (id=4418):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r3=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r3, 0xffffffffffffffff, 0x0, 0x2}, 0x48)

2m38.749793738s ago: executing program 9 (id=4728):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
connect$phonet_pipe(r0, &(0x7f0000000040)={0x23, 0xfd, 0x0, 0x2}, 0x1d)
ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0)

2m38.718891152s ago: executing program 9 (id=4729):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448e4, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
close(r0)

2m38.64022632s ago: executing program 9 (id=4732):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
close_range(r0, 0xffffffffffffffff, 0x0)
socket(0x1e, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x7fe, 0xfffffffa, 0x0, 0x88008007}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000005200014003000000000000000a0000000c00", @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x811}, 0x40000)

2m38.64006515s ago: executing program 9 (id=4733):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f0000000080)={[{@init_itable}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x7bf, &(0x7f0000002480)="$eJzs3c9rHNcdAPDvrH7LbqVCaeuboOAKjFeVq9ot9ODSQynUYGjPtcVqLVyttEa7MpYQ1KYUCqXQhhwCycXn/HBuueYH5JT8FzkEGyeRTRxyCAqzO6ufu/rl1a4TfT4wmvdmZve977w3M281w24AJ9ZY+icXcSYi/pdEjGTLk4joq6V6Iy7Xt3u2tjoYEYUk1tf/8nlS2+bp2mohtrwmdSrL/Cwi3v9XxLnc7nIryytz06VScTHLT1Tnb01UllfO35yfni3OFhcuTk5NXbj060sX2xfrlx+vnH70/z/+4q3LX//zpw/++0ESl+N0tm5rHO0yFmPZPulLd+E2f2h3YV2WdLsCHEl6aPbUj/I4EyPRU0u1MNTJmgEAx+UfEbEOAJwwies/AJwwjf8DPF1bLTSm7v5HorMe/z4iBuvxP8um+pre7J7dYO0+6PDTZNudkSQiRttQ/lhEvPbO3872ZPm0Hu6lAZ1w915EXB8d233+T3Y9s3BYv9xr5fpAbTa2Y/FJu/5AN72bjn9+02z8l9sY/0ST8c9A/dj9yfOWv//xn3v4vGXsJR3//a7+bNuO8d/GQ2ujPVnuB7UxX19y42apmJ7bfhgR49E3kOYna5s2H7mNP/nmSavys/HfG+n0xUt/fz0tP51vbpF72Duw/TUz09XeD5838MzjezGcJXfEn2y0f9Ji/Hv1gGX86bf/frXVujT+NN7GtDv+47V+P+Js0/bfbMtkz+cTJ2rdYaLRKZp4+5NXhluVv7X90yktP523P9LmHt+LWgdIks19UF+zEf9osvV5zcrhy/jo/sh7rdbtH3/T/j/dn/y1lu7Plt2ZrlYXJyP6kz/vXn5h87WNfGP7NP7xnzc//uvFNu//6WfC6weMv/fRZ28ePf7jlcY/s3f/39H+g9nizSX7JR48m+tpVf7B2n+qlhrPlqTtv19cB6nX0XozAAAAAAAAAAAAAAAAAAAAAAAAABxeLiJOR5LLb6RzuXy+/hveP47hXKlcqZ67UV5amInab2WPRl+u8VWXI1u+D3Uy+z78Rv7CjvyvIuJHEfHywFAtny+USzPdDh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMqda/P5/6tOBbtcOADg2g92uAADQca7/AHDyHO76P3Rs9QAAOsfnfwA4eQ58/b9+vPUAADrH538AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACO2dUrV9Jp/au11UKan7m9vDRXvn1+pliZy88vFfKF8uKt/Gy5PFsq5gvl+ZZvdLc+K5XLt6ZiYenORLVYqU5UlleuzZeXFqrXbs5PzxavFfs6FhkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHFxleWVuulQqLn4vEnc3A2vzOw91Na7hF2P3bkn0Rvvfuf8FiKudiYF4IapxhMR/ku1niaGOn5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAviu+DQAA//9jiRXh")
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000400)='./bus\x00', 0xc40, 0x0)
ioctl$BLKROSET(r0, 0x125d, &(0x7f0000000080)=0x3f)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x0, 0x8000c62)

2m38.500418143s ago: executing program 9 (id=4739):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4)

2m38.080302096s ago: executing program 9 (id=4757):
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x1)
fchdir(r1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181040, 0x0)

2m38.006235553s ago: executing program 37 (id=4757):
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x1)
fchdir(r1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181040, 0x0)

2m35.633342221s ago: executing program 6 (id=4820):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
syz_io_uring_setup(0x12ab, 0x0, 0x0, 0x0)
shmat(0xffffffffffffffff, &(0x7f0000ff8000/0x6000)=nil, 0x3000)

2m35.616427123s ago: executing program 6 (id=4822):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc3c0000000c0a01010000000f000000000a0000060900020073797a31000000000900010073797a3100000000100003800c000080080003400000000214000000110001"], 0xa0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELSETELEM={0x3c, 0xe, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x64}, 0x1, 0x0, 0x0, 0x8080}, 0x400c040)

2m35.602210924s ago: executing program 6 (id=4823):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e22, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x1, 0x4)
recvmmsg(r0, &(0x7f0000007700)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000079c0)=""/211, 0xd3}, 0x6}], 0x6d3, 0x45833af92e4b39ff, 0x0)

2m35.496639305s ago: executing program 6 (id=4825):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1100)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000240)='./file0/file0\x00', 0x272)

2m35.481630006s ago: executing program 6 (id=4826):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r2, r1, 0x25, 0x0, @val=@tracing={0x0, 0x7}}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
syz_emit_ethernet(0xfdef, &(0x7f00000014c0)=ANY=[], 0x0)

2m35.23998239s ago: executing program 6 (id=4834):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r0}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r2}, &(0x7f0000000a00), &(0x7f0000000a40)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f0000000880), &(0x7f00000008c0)=r1}, 0x20)

2m35.196914174s ago: executing program 38 (id=4834):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r0}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r2}, &(0x7f0000000a00), &(0x7f0000000a40)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f0000000880), &(0x7f00000008c0)=r1}, 0x20)

2m23.575195519s ago: executing program 0 (id=5311):
r0 = memfd_create(&(0x7f0000000480)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x03\x00\x00\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Jx\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xcaX\xe3\xd6m\xf7@]iNP\xf1\x1d\xab\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\xb1\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedP\xff\xff\xff\xff\xff\xff\xff\xef)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xb4Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x9b-\xe3\xe6R\xa2T\x1e\n!\xad$\x93c\xd3\"\xd6\xa1\xd6\xfc\v\x81\x9e\xc1\xb3T\n\xd9\xff\x18 \xf8\xc4\xef\xd2\xb0\xf8\x80\xb8\x1e\xb7fo\x1c\a\xc9\x1a!D\xde\xc6\xf1\x13\xc2F\xc44A\x1d\xb7\xe6\xfbB\xee4\xa1\xdf+\xa5\xb1\xc2\xfb\xc0\t\x15\x7fA{\xe0\xc7\xe0\x96\xc9\xe6\x8fk\xe6\x87;\x03\xff\xb0\x10\x10\x1e\x14\x99\xc7\xd5)\x8d\xc7\xf0\xfd\xe9d\xc9\xce\x85\x88\x88\xcd\xf6\xb2\xbf\xf8E\xe4\xd8\xd0\xe00\xbd\xc2M\xe7\x1b\xac\xc0\v\xb0\xfc\"\x12\x8d\xa5\x96\x10\xf3\x82~2\xa3[\xa4w]\n\xb1+\xac\bR&B\xebW0\xe2\xffBO9y\x8e\xb6\x03\x99\r', 0x3)
r1 = dup(r0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
write$binfmt_elf64(r1, &(0x7f0000000c00)=ANY=[@ANYBLOB="7f454c4606ff78a3050000000000000002003e00cd220000c9030000000000004000000000000000ea02000000000000020001000500380001000600b10600040300000081000000ff000000000000000900000000000000070000000000000009"], 0x178)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

2m23.55907282s ago: executing program 0 (id=5312):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

2m22.709054806s ago: executing program 0 (id=5314):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x62, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x9}, 0x0, 0x7ff, 0x800003, 0x5, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$caif_stream(0x25, 0x1, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r1 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x10000010})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

2m21.837458363s ago: executing program 0 (id=5371):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x110)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x20000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

2m21.820510254s ago: executing program 0 (id=5372):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000a00)='fib_table_lookup\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc786b409ac930c90ff90f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d858952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09e3187a10d905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367638cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a2d4f12e8e717eaaa2a6d14fee0c15f36c203dbc7c06128bec84231d43e152ef19ce027436fb4ebb9fce431b913f4817597a6f53d1626f9d1cb7b36fb18ac19547a8b20ede70c81a75686cea85dcd34408128da7cab045541bc6b9a0a79f63f2e7646356e04b977c9f47467537015240b974184be9c54b7c628ae4d97ebdb06070344468994afbaac71e5ffac2c61d9af66f9de2760a38e968a781528531c1c936a02065be48f1eee77be878873206d65bd0b1241fab9139abd7f40febe81fed3684e6b59273da01f1743c6a5df300ec59c65e8174fc2d95a62ca7b937289ad14107333007eab833a5849eb19f18ae41743dfb949377e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xfe, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac141416441805034d2f87e5940c05ab845013f2325f1a39010702038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

2m21.56668587s ago: executing program 0 (id=5379):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1, 0xa}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8090}, 0x4)

2m21.56639492s ago: executing program 39 (id=5379):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1, 0xa}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8090}, 0x4)

1.659361083s ago: executing program 3 (id=9877):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x18)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1802, 0x4)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfd, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8084)

1.529069777s ago: executing program 3 (id=9879):
perf_event_open(&(0x7f0000000580)={0x5, 0x80, 0xea, 0x6, 0x40, 0xe5, 0x0, 0x0, 0xd000, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={0x0, 0x2}, 0x9c7, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
brk(0x400000ffc000)
brk(0x400000ffc020)

1.241348655s ago: executing program 8 (id=9894):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0xd06d000)
socketpair(0x10, 0x80000, 0x7, &(0x7f0000000380))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

1.220954487s ago: executing program 4 (id=9895):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, &(0x7f0000000b80)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|C\b\x00\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdd\x85\xaac{\x8c\x8ffp`-\xcd\xf6jh\xbf\x9c\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\xdd\xcc\xeeR\xf2/\xba\fE>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\x8b\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x86\x1b\x05\xe6\"\x1d\f\xaey\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xbb\xca^\xf9\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x96\x86\xdb\xa9\xd3\x01\xb2\xc7\xf8G\x069\x90,\xda\xf6\xc5\xcd\xec\xa3B\xc3\"4\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\x7f\xec\xb2\xc5E\x00\xdd\xf2e\xa8\xf1<\xb2\xc82\xbf=o\x00`\xc1A\'\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x92\xbb\xe3Y\x97\xc2')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x5}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x25dfdbfb, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x4)

1.09784016s ago: executing program 1 (id=9899):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7dc470d00281f324, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000980)={{r0}, &(0x7f0000000900), &(0x7f0000000940)=r1}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)={0x14, r4, 0x1, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x24040050}, 0x20000000)

1.058627724s ago: executing program 4 (id=9900):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xfff9}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

977.804771ms ago: executing program 1 (id=9901):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="2000000000000000840000000200000000004102"], 0x20}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000400)={0x0, 0xe015}, 0x8)

930.550276ms ago: executing program 1 (id=9902):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc094, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x10000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_open_dev$sg(0x0, 0x0, 0x8842)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f0000000080)={0x0, 0x0})

915.351598ms ago: executing program 4 (id=9903):
syz_open_dev$sg(0x0, 0x0, 0x22c43)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f00000003c0)='wg1\x00', 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x2, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)

870.729472ms ago: executing program 4 (id=9904):
r0 = epoll_create1(0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = epoll_create1(0x0)
r3 = fcntl$dupfd(r2, 0x0, r1)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000000)={0x20000002})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x20000001})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000080))

831.302516ms ago: executing program 4 (id=9905):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001080)=ANY=[@ANYBLOB="380000000314010000ff0100000000000900020001007a320000000008004100736977001400330073797a6b616c6c65723000"], 0x38}, 0x1, 0x0, 0x0, 0x4040000}, 0x100)

766.975493ms ago: executing program 1 (id=9917):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x10007ffffffff}, 0x18)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20d00, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
acct(&(0x7f0000000040)='./file0\x00')

726.305917ms ago: executing program 2 (id=9908):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x5c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x63, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x4, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

725.720157ms ago: executing program 1 (id=9909):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000000200)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x107b42, 0x32)
ftruncate(r2, 0x6000000)
copy_file_range(r2, 0x0, r2, &(0x7f00000004c0)=0x102, 0x9, 0x0)
fallocate(r0, 0x0, 0x0, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

723.991977ms ago: executing program 8 (id=9910):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0xfffffffffffffdbc, 0x2, {{0x1, 0xd, 0x0, 0x9, 0x8}, 0x6, 0x1, 0x1, 0x4, 0x8, 0xe, 0x7, 0x1d, 0x3, 0x9, {0xa2d6, 0x200, 0xb, 0x40, 0x2, 0x1ff}}}}]}, 0x78}}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x88604, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x20000, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xfff1, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

665.138263ms ago: executing program 4 (id=9911):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x4})
io_uring_enter(r1, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)

401.855399ms ago: executing program 3 (id=9912):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
r1 = dup2(r0, r0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000780)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
ioctl$BLKTRACESETUP(r1, 0x1276, 0x0)

399.59844ms ago: executing program 2 (id=9914):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0)

376.729902ms ago: executing program 2 (id=9915):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000002240)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000015c0)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05"], 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0xc)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

324.025367ms ago: executing program 8 (id=9916):
syz_open_dev$sg(0x0, 0x0, 0x22c43)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f00000003c0)='wg1\x00', 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x2, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)

296.71947ms ago: executing program 8 (id=9918):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x7fffffff, 0x0, 0x1, 0x40, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x3}, 0x50)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd63"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

264.676713ms ago: executing program 2 (id=9919):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)

185.191591ms ago: executing program 2 (id=9920):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000000340)=""/98, 0x62}], 0x1)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000040))

171.378852ms ago: executing program 1 (id=9921):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340))

132.094157ms ago: executing program 3 (id=9922):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x1002002, 0x0)
symlink(0x0, 0x0)
ftruncate(0xffffffffffffffff, 0xee72)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8000fffffffe)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000040)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

65.064533ms ago: executing program 3 (id=9923):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, &(0x7f0000000b80)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|C\b\x00\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdd\x85\xaac{\x8c\x8ffp`-\xcd\xf6jh\xbf\x9c\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\xdd\xcc\xeeR\xf2/\xba\fE>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\x8b\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x86\x1b\x05\xe6\"\x1d\f\xaey\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xbb\xca^\xf9\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x96\x86\xdb\xa9\xd3\x01\xb2\xc7\xf8G\x069\x90,\xda\xf6\xc5\xcd\xec\xa3B\xc3\"4\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\x7f\xec\xb2\xc5E\x00\xdd\xf2e\xa8\xf1<\xb2\xc82\xbf=o\x00`\xc1A\'\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x92\xbb\xe3Y\x97\xc2')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x5}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x25dfdbfb, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x4)

61.960733ms ago: executing program 8 (id=9924):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x3})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x92)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r2}, 0x10)
fcntl$lock(r0, 0x7, &(0x7f0000000200)={0x2, 0x1, 0x660, 0x7fffffff, 0xffffffffffffffff})

30.920226ms ago: executing program 2 (id=9925):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_io_uring_setup(0x4b5, 0x0, 0x0, &(0x7f0000000000))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x1d6}, 0x18)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x64, 0x7fffffe, 0x218, 0x6e, 0xffffffad, 0x190, 0x190, 0x190, 0x268, 0x268, 0x268, 0x268, 0x268, 0x3, 0x0, {[{{@ip={@remote, @local={0xac, 0x14, 0xd}, 0x0, 0x0, 'caif0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xd0, 0xffffffc5}, @common=@SET={0x60}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x0, 0x0, 'team0\x00', 'team0\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x278)

21.748758ms ago: executing program 3 (id=9926):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x5c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x63, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x4, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

0s ago: executing program 8 (id=9927):
r0 = inotify_init()
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
r3 = epoll_create1(0x0)
write$P9_RREAD(r2, &(0x7f0000000500)={0xb, 0x75, 0x1}, 0xb)
ioctl$FS_IOC_SETFLAGS(r3, 0x40088a01, &(0x7f0000000000)=0x10)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000340)={0x90000019})
fcntl$dupfd(r2, 0x406, r2)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

lid length.
[  244.054505][T21392] 8021q: adding VLAN 0 to HW filter on device bond2
[  244.082534][T21392] bond2: (slave veth7): Enslaving as an active interface with a down link
[  244.103056][T21392] 8021q: adding VLAN 0 to HW filter on device batadv2
[  244.110326][T21392] bond2: (slave batadv2): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  244.150785][T21396] netlink: 188 bytes leftover after parsing attributes in process `syz.8.7363'.
[  244.349182][T21400] loop4: detected capacity change from 0 to 764
[  244.516468][T21428] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7376'.
[  244.576337][T21439] lo speed is unknown, defaulting to 1000
[  244.585029][T21441] netlink: 'syz.3.7382': attribute type 4 has an invalid length.
[  244.594444][T21441] netlink: 'syz.3.7382': attribute type 4 has an invalid length.
[  244.760870][T21457] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21457 comm=syz.4.7389
[  244.947829][T21472] loop8: detected capacity change from 0 to 764
[  244.959042][T21474] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7396'.
[  245.028913][T21486] lo speed is unknown, defaulting to 1000
[  245.163564][T21504] sch_tbf: burst 19869 is lower than device lo mtu (11337746) !
[  245.372556][T21529] netlink: 131740 bytes leftover after parsing attributes in process `syz.2.7417'.
[  245.382021][T21529] netlink: zone id is out of range
[  245.387156][T21529] netlink: zone id is out of range
[  245.392362][T21529] netlink: zone id is out of range
[  245.397508][T21529] netlink: del zone limit has 8 unknown bytes
[  245.407465][T21531] ip6tnl1: entered promiscuous mode
[  245.412889][T21531] ip6tnl1: entered allmulticast mode
[  245.600637][T21549] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  245.701436][T21560] netlink: 92 bytes leftover after parsing attributes in process `syz.2.7429'.
[  245.710458][T21560] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7429'.
[  245.731977][T21562] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7430'.
[  245.741430][T21562] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7430'.
[  245.848356][T21580] loop8: detected capacity change from 0 to 1024
[  245.865170][T21580] EXT4-fs: Ignoring removed orlov option
[  245.871233][T21580] EXT4-fs (loop8): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  245.888599][T21586] pim6reg: entered allmulticast mode
[  245.890092][T21580] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  245.907931][T21586] pim6reg: left allmulticast mode
[  245.921493][T21580] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  245.933917][T21580] EXT4-fs (loop8): This should not happen!! Data will be lost
[  245.933917][T21580] 
[  245.943565][T21580] EXT4-fs (loop8): Total free blocks count 0
[  245.949555][T21580] EXT4-fs (loop8): Free/Dirty block details
[  245.955483][T21580] EXT4-fs (loop8): free_blocks=0
[  245.960416][T21580] EXT4-fs (loop8): dirty_blocks=0
[  245.965414][T21580] EXT4-fs (loop8): Block reservation details
[  245.971475][T21580] EXT4-fs (loop8): i_reserved_data_blocks=0
[  245.988374][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.168562][T21595] netlink: 'syz.1.7444': attribute type 4 has an invalid length.
[  246.177901][T21595] netlink: 'syz.1.7444': attribute type 4 has an invalid length.
[  246.404347][T21629] bond0: (slave bond_slave_0): Releasing backup interface
[  246.413766][T21629] bond0: (slave bond_slave_1): Releasing backup interface
[  246.429182][T21629] batman_adv: batadv0: Removing interface: batadv_slave_0
[  246.439102][T21629] batman_adv: batadv0: Removing interface: batadv_slave_1
[  246.448666][T21629] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  246.471493][T21632] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7462'.
[  246.571679][T21645] tipc: Started in network mode
[  246.576647][T21645] tipc: Node identity ac14140f, cluster identity 4711
[  246.599408][T21645] tipc: New replicast peer: 255.255.255.83
[  246.605273][T21645] tipc: Enabled bearer <udp:£>, priority 10
[  246.881131][T21679] loop8: detected capacity change from 0 to 1024
[  246.893845][T21679] EXT4-fs: Ignoring removed orlov option
[  246.931118][T21679] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.051181][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.492704][T21726] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  247.538234][T21728] loop4: detected capacity change from 0 to 128
[  247.656593][   T29] kauditd_printk_skb: 55 callbacks suppressed
[  247.656608][   T29] audit: type=1326 audit(247.648:10087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21715 comm="syz.8.7495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  247.686042][   T29] audit: type=1326 audit(247.678:10088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21715 comm="syz.8.7495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  247.709060][   T29] audit: type=1326 audit(247.678:10089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21715 comm="syz.8.7495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  247.732918][ T3399] tipc: Node number set to 2886997007
[  248.058015][T21730] wg2: entered promiscuous mode
[  248.062973][T21730] wg2: entered allmulticast mode
[  248.132506][T21736] loop4: detected capacity change from 0 to 8192
[  248.149283][   T29] audit: type=1326 audit(248.148:10090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21735 comm="syz.4.7505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  248.174611][   T29] audit: type=1326 audit(248.168:10091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21735 comm="syz.4.7505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  248.197830][   T29] audit: type=1326 audit(248.168:10092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21735 comm="syz.4.7505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  248.220979][   T29] audit: type=1326 audit(248.168:10093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21735 comm="syz.4.7505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  248.244074][   T29] audit: type=1326 audit(248.168:10094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21735 comm="syz.4.7505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  248.267058][   T29] audit: type=1326 audit(248.168:10095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21735 comm="syz.4.7505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  248.289997][   T29] audit: type=1326 audit(248.168:10096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21735 comm="syz.4.7505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  248.415195][T21768] netlink: 'syz.3.7519': attribute type 6 has an invalid length.
[  248.514308][T21782] loop8: detected capacity change from 0 to 512
[  248.531183][T21782] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  248.550163][T21782] EXT4-fs (loop8): 1 truncate cleaned up
[  248.556147][T21782] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.617247][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.653734][ T3399] hid_parser_main: 19 callbacks suppressed
[  248.653757][ T3399] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  248.667293][ T3399] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  248.674980][ T3399] hid-generic 0000:0000:0000.000C: unknown main item tag 0x2
[  248.682590][ T3399] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  248.690165][ T3399] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  248.697736][ T3399] hid-generic 0000:0000:0000.000C: unknown main item tag 0x2
[  248.705206][ T3399] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  248.712593][ T3399] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  248.720158][ T3399] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  248.727754][ T3399] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  248.768835][ T3399] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  250.178468][ T3732] Bluetooth: hci0: command 0x1003 tx timeout
[  250.180317][ T3617] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  250.385275][T21892] __nla_validate_parse: 11 callbacks suppressed
[  250.385285][T21892] netlink: 24 bytes leftover after parsing attributes in process `syz.8.7570'.
[  250.406109][T21894] netlink: 96 bytes leftover after parsing attributes in process `syz.4.7571'.
[  250.431905][T21897] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7572'.
[  250.441387][T21897] IPVS: Unknown mcast interface: ve
[  250.487593][T21900] loop2: detected capacity change from 0 to 8192
[  250.499301][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  250.589289][T21908] netlink: 96 bytes leftover after parsing attributes in process `syz.3.7578'.
[  251.335163][T21970] netlink: 'syz.3.7596': attribute type 13 has an invalid length.
[  251.336691][T21967] loop4: detected capacity change from 0 to 1024
[  251.349623][T21967] EXT4-fs: Ignoring removed orlov option
[  251.357498][T21967] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.399096][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.569991][T21992] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7604'.
[  251.617433][T22000] 8021q: adding VLAN 0 to HW filter on device bond4
[  251.625191][T22000] bridge0: port 1(bond4) entered blocking state
[  251.631490][T22000] bridge0: port 1(bond4) entered disabled state
[  251.638018][T22000] bond4: entered allmulticast mode
[  251.644822][T22000] bond4: entered promiscuous mode
[  252.159228][T22040] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7626'.
[  252.578463][ T3732] Bluetooth: hci0: command 0x1003 tx timeout
[  252.578497][ T3617] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  252.891896][   T29] kauditd_printk_skb: 95 callbacks suppressed
[  252.891908][   T29] audit: type=1326 audit(252.888:10192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22083 comm="syz.2.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  252.921131][   T29] audit: type=1326 audit(252.888:10193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22083 comm="syz.2.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  252.947836][   T29] audit: type=1326 audit(252.928:10194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22083 comm="syz.2.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  252.970779][   T29] audit: type=1326 audit(252.928:10195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22083 comm="syz.2.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  252.993784][   T29] audit: type=1326 audit(252.928:10196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22083 comm="syz.2.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  253.016763][   T29] audit: type=1326 audit(252.928:10197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22083 comm="syz.2.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  253.039635][   T29] audit: type=1400 audit(252.928:10198): avc:  denied  { bind } for  pid=22083 comm="syz.2.7657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  253.058676][   T29] audit: type=1326 audit(252.928:10199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22083 comm="syz.2.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  253.081642][   T29] audit: type=1326 audit(252.928:10200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22083 comm="syz.2.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  253.104621][   T29] audit: type=1326 audit(252.928:10201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22083 comm="syz.2.7657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  253.143906][T22095] loop2: detected capacity change from 0 to 2048
[  253.190338][T22095]  loop2: p1 < > p4 < >
[  253.194521][T22095] loop2: partition table partially beyond EOD, truncated
[  253.210063][T22095] loop2: p4 start 42180 is beyond EOD, truncated
[  253.246866][T22116] loop4: detected capacity change from 0 to 512
[  253.254976][T22116] EXT4-fs: dax option not supported
[  253.290207][T22125] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7662'.
[  253.929979][T22166] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7679'.
[  253.970713][T22172] netlink: 7 bytes leftover after parsing attributes in process `syz.1.7684'.
[  254.035615][T22181] netlink: 'syz.1.7688': attribute type 13 has an invalid length.
[  254.237475][T22198] wg2: entered promiscuous mode
[  254.242432][T22198] wg2: entered allmulticast mode
[  254.276487][T22202] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7698'.
[  254.401417][T22206] netlink: 'syz.1.7700': attribute type 30 has an invalid length.
[  254.414948][ T4099] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  254.424578][ T4099] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  254.434898][ T4097] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  254.444023][ T4097] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  254.657298][T22227] loop8: detected capacity change from 0 to 128
[  254.665895][T22227] syz.8.7710: attempt to access beyond end of device
[  254.665895][T22227] loop8: rw=2049, sector=138, nr_sectors = 16 limit=128
[  254.687569][T22227] syz.8.7710: attempt to access beyond end of device
[  254.687569][T22227] loop8: rw=2049, sector=170, nr_sectors = 6 limit=128
[  254.703104][T22227] syz.8.7710: attempt to access beyond end of device
[  254.703104][T22227] loop8: rw=2049, sector=174, nr_sectors = 2 limit=128
[  254.716637][T22227] Buffer I/O error on dev loop8, logical block 87, lost async page write
[  254.725144][T22227] syz.8.7710: attempt to access beyond end of device
[  254.725144][T22227] loop8: rw=2049, sector=176, nr_sectors = 2 limit=128
[  254.738589][T22227] Buffer I/O error on dev loop8, logical block 88, lost async page write
[  254.747348][T22227] syz.8.7710: attempt to access beyond end of device
[  254.747348][T22227] loop8: rw=2049, sector=178, nr_sectors = 6 limit=128
[  254.761123][T22227] syz.8.7710: attempt to access beyond end of device
[  254.761123][T22227] loop8: rw=2049, sector=182, nr_sectors = 2 limit=128
[  254.774551][T22227] Buffer I/O error on dev loop8, logical block 91, lost async page write
[  254.783045][T22227] syz.8.7710: attempt to access beyond end of device
[  254.783045][T22227] loop8: rw=2049, sector=184, nr_sectors = 2 limit=128
[  254.796475][T22227] Buffer I/O error on dev loop8, logical block 92, lost async page write
[  254.805237][T22227] syz.8.7710: attempt to access beyond end of device
[  254.805237][T22227] loop8: rw=2049, sector=202, nr_sectors = 6 limit=128
[  254.818905][T22227] syz.8.7710: attempt to access beyond end of device
[  254.818905][T22227] loop8: rw=2049, sector=206, nr_sectors = 2 limit=128
[  254.832319][T22227] Buffer I/O error on dev loop8, logical block 103, lost async page write
[  254.846970][T22227] syz.8.7710: attempt to access beyond end of device
[  254.846970][T22227] loop8: rw=2049, sector=208, nr_sectors = 2 limit=128
[  254.860409][T22227] Buffer I/O error on dev loop8, logical block 104, lost async page write
[  254.869711][T22227] Buffer I/O error on dev loop8, logical block 107, lost async page write
[  254.878319][T22227] Buffer I/O error on dev loop8, logical block 108, lost async page write
[  254.907945][T22227] Buffer I/O error on dev loop8, logical block 119, lost async page write
[  254.912332][T22234] SELinux: ebitmap: truncated map
[  254.926128][T22227] Buffer I/O error on dev loop8, logical block 120, lost async page write
[  254.943695][T22234] SELinux: failed to load policy
[  254.982329][T22242] 8021q: adding VLAN 0 to HW filter on device bond5
[  254.991402][T22242] bond5 (unregistering): Released all slaves
[  255.003178][T22248] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  255.427712][T22281] bridge0: port 1(batadv1) entered blocking state
[  255.434380][T22281] bridge0: port 1(batadv1) entered disabled state
[  255.448646][T22281] batadv1: entered allmulticast mode
[  255.454541][T22281] batadv1: entered promiscuous mode
[  255.496846][T22286] wg2: left promiscuous mode
[  255.501509][T22286] wg2: left allmulticast mode
[  255.527768][T22286] ip6gre2: left allmulticast mode
[  255.539897][   T31] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  255.549028][   T31] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  255.589599][T22292] __nla_validate_parse: 2 callbacks suppressed
[  255.589615][T22292] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7734'.
[  255.613479][T22277] 8021q: adding VLAN 0 to HW filter on device bond2
[  255.621296][T22277] bridge0: port 3(bond2) entered blocking state
[  255.627581][T22277] bridge0: port 3(bond2) entered disabled state
[  255.633961][T22277] bond2: entered allmulticast mode
[  255.640219][T22277] bond2: entered promiscuous mode
[  255.647503][   T31] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  255.698874][   T31] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  255.928942][ T4099] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  255.938184][ T4099] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  256.111007][T22309] SELinux: failed to load policy
[  256.234199][T22317] bridge0: port 3(batadv2) entered blocking state
[  256.240915][T22317] bridge0: port 3(batadv2) entered disabled state
[  256.257779][T22317] batadv2: entered allmulticast mode
[  256.270223][T22317] batadv2: entered promiscuous mode
[  256.404902][T22328] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7749'.
[  256.491471][ T4790] hid_parser_main: 30 callbacks suppressed
[  256.491490][ T4790] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  256.504912][ T4790] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  256.512342][ T4790] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  256.540316][ T4790] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  256.547743][ T4790] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  256.555195][ T4790] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  256.562395][T22332] pim6reg: entered allmulticast mode
[  256.562583][ T4790] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  256.570842][T22332] pim6reg: left allmulticast mode
[  256.575235][ T4790] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  256.587561][ T4790] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  256.595003][ T4790] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  256.618601][ T4790] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[  256.678271][T22349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7761'.
[  256.679669][T22347] bridge0: port 2(batadv0) entered blocking state
[  256.693748][T22347] bridge0: port 2(batadv0) entered disabled state
[  256.707735][T22349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7761'.
[  256.707850][T22347] batadv0: entered allmulticast mode
[  256.722848][T22347] batadv0: entered promiscuous mode
[  256.728562][ T4097] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[  256.737846][ T4097] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[  256.755350][T22349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7761'.
[  256.767295][T22349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7761'.
[  256.787247][T22349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7761'.
[  256.822312][T22349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7761'.
[  256.883412][T22370] netlink: 'syz.4.7764': attribute type 13 has an invalid length.
[  256.912846][T22374] loop2: detected capacity change from 0 to 512
[  256.920091][T22374] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000101)
[  257.178562][ T4099] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  257.187933][ T4099] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  257.384067][T22411] netlink: 'syz.2.7778': attribute type 13 has an invalid length.
[  257.899770][T22442] netlink: 'syz.8.7794': attribute type 13 has an invalid length.
[  258.017216][T22453] loop8: detected capacity change from 0 to 512
[  258.030959][T22453] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  258.039464][T22455] syzkaller1: entered promiscuous mode
[  258.044918][T22455] syzkaller1: entered allmulticast mode
[  258.063853][T22453] EXT4-fs (loop8): orphan cleanup on readonly fs
[  258.072758][T22453] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.7801: corrupted inode contents
[  258.087594][T22453] EXT4-fs (loop8): Remounting filesystem read-only
[  258.094548][T22453] EXT4-fs (loop8): 1 truncate cleaned up
[  258.100537][ T4093] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  258.111048][ T4093] __quota_error: 78 callbacks suppressed
[  258.111059][ T4093] Quota error (device loop8): write_blk: dquota write failed
[  258.124119][ T4093] Quota error (device loop8): remove_free_dqentry: Can't write block (5) with free entries
[  258.134114][ T4093] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  258.144627][ T4093] Quota error (device loop8): write_blk: dquota write failed
[  258.152050][ T4093] Quota error (device loop8): free_dqentry: Can't move quota data block (5) to free list
[  258.162224][ T4093] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  258.172622][ T4093] Quota error (device loop8): v2_write_file_info: Can't write info structure
[  258.182328][ T4093] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  258.192643][T22453] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  258.255776][T22469] netlink: 96 bytes leftover after parsing attributes in process `syz.1.7808'.
[  258.265564][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.278683][T22477] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7810'.
[  258.315479][   T29] audit: type=1326 audit(258.308:10280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22482 comm="syz.8.7813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  258.335918][T22485] netlink: 'syz.1.7812': attribute type 13 has an invalid length.
[  258.338501][   T29] audit: type=1326 audit(258.308:10281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22482 comm="syz.8.7813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  258.421925][T22487] loop4: detected capacity change from 0 to 8192
[  258.428311][   T29] audit: type=1326 audit(258.368:10282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22482 comm="syz.8.7813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  258.451221][   T29] audit: type=1326 audit(258.368:10283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22482 comm="syz.8.7813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  258.509567][T22487]  loop4: p2 p3 p4
[  258.513350][T22487] loop4: p2 start 164919041 is beyond EOD, truncated
[  258.520048][T22487] loop4: p3 size 66846464 extends beyond EOD, truncated
[  258.538720][T22487] loop4: p4 size 37048832 extends beyond EOD, truncated
[  258.898972][ T4093] Bluetooth: hci0: Frame reassembly failed (-84)
[  259.545208][T22550] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  259.742763][T22575] loop4: detected capacity change from 0 to 1024
[  259.750159][T22575] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  259.761474][T22575] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #11: comm GPL: iget: bogus i_mode (1)
[  259.772481][T22575] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm GPL: couldn't read orphan inode 11 (err -117)
[  259.784804][T22575] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.801018][T22575] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.839287][T22581] loop4: detected capacity change from 0 to 1024
[  259.846004][T22581] EXT4-fs: Ignoring removed orlov option
[  259.877167][T22581] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.893621][T22581] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  259.931101][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.969312][T22588] netlink: zone id is out of range
[  259.974472][T22588] netlink: zone id is out of range
[  259.979741][T22588] netlink: zone id is out of range
[  259.984879][T22588] netlink: zone id is out of range
[  259.990094][T22588] netlink: zone id is out of range
[  259.995203][T22588] netlink: zone id is out of range
[  260.000353][T22588] netlink: zone id is out of range
[  260.005514][T22588] netlink: zone id is out of range
[  260.010796][T22588] netlink: zone id is out of range
[  260.015925][T22588] netlink: zone id is out of range
[  260.054871][T22592] loop4: detected capacity change from 0 to 2048
[  260.070012][T22592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.094114][   T31] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 345: padding at end of block bitmap is not set
[  260.109772][   T31] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 79 with max blocks 1 with error 117
[  260.122193][   T31] EXT4-fs (loop4): This should not happen!! Data will be lost
[  260.122193][   T31] 
[  260.132594][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.194197][T22610] loop4: detected capacity change from 0 to 1024
[  260.203273][T22610] EXT4-fs: inline encryption not supported
[  260.209154][T22610] EXT4-fs: Ignoring removed orlov option
[  260.215784][T22610] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  260.239728][T22610] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  260.247906][T22610] System zones: 0-1, 3-12
[  260.252818][T22610] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.274649][T22610] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  260.287131][T22610] EXT4-fs (loop4): This should not happen!! Data will be lost
[  260.287131][T22610] 
[  260.296815][T22610] EXT4-fs (loop4): Total free blocks count 0
[  260.302839][T22610] EXT4-fs (loop4): Free/Dirty block details
[  260.308782][T22610] EXT4-fs (loop4): free_blocks=0
[  260.313793][T22610] EXT4-fs (loop4): dirty_blocks=0
[  260.318866][T22610] EXT4-fs (loop4): Block reservation details
[  260.324849][T22610] EXT4-fs (loop4): i_reserved_data_blocks=0
[  260.344619][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.509424][T22656] netlink: 'syz.3.7884': attribute type 6 has an invalid length.
[  260.539409][T22660] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  260.978442][ T3732] Bluetooth: hci0: command 0x1003 tx timeout
[  260.978460][ T3617] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  261.052337][T22711] loop2: detected capacity change from 0 to 1024
[  261.055992][T22709] ------------[ cut here ]------------
[  261.059429][T22711] EXT4-fs: Ignoring removed orlov option
[  261.064275][T22709] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0x4000000, 0x0] s64=[0x4000000, 0x0] u32=[0x4000000, 0x0] s32=[0x4000000, 0x0] var_off=(0x0, 0x0)
[  261.087995][T22709] WARNING: CPU: 1 PID: 22709 at kernel/bpf/verifier.c:2721 reg_bounds_sanity_check+0x673/0x680
[  261.098522][T22709] Modules linked in:
[  261.102708][T22709] CPU: 1 UID: 0 PID: 22709 Comm: syz.3.7907 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  261.103331][T22714] __nla_validate_parse: 6 callbacks suppressed
[  261.103342][T22714] netlink: 32 bytes leftover after parsing attributes in process `syz.8.7910'.
[  261.114420][T22709] Tainted: [W]=WARN
[  261.133514][T22709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  261.143815][T22709] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[  261.150302][T22709] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 d2 f6 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[  261.170037][T22709] RSP: 0018:ffffc9000480b408 EFLAGS: 00010282
[  261.176159][T22709] RAX: 8e4ad7160cdbd600 RBX: ffff88814af94ae0 RCX: 0000000000080000
[  261.184329][T22709] RDX: ffffc9000698a000 RSI: 0000000000046d0e RDI: 0000000000046d0f
[  261.192376][T22709] RBP: 0000000000000000 R08: 0001c9000480b257 R09: 0000000000000000
[  261.194151][T22711] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.200539][T22709] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88814af94aa0
[  261.221055][T22709] R13: ffff88813ee78000 R14: ffff88813ee78000 R15: ffff88814af94ad8
[  261.229280][T22709] FS:  00007fac843ef6c0(0000) GS:ffff8882aef11000(0000) knlGS:0000000000000000
[  261.238313][T22709] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  261.245052][T22709] CR2: 0000001b2dd1aff8 CR3: 000000014d1e4000 CR4: 00000000003506f0
[  261.253123][T22709] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  261.261245][T22709] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  261.269309][T22709] Call Trace:
[  261.272674][T22709]  <TASK>
[  261.275684][T22709]  reg_set_min_max+0x215/0x260
[  261.280704][T22709]  check_cond_jmp_op+0x130d/0x19e0
[  261.285913][T22709]  do_check+0x3363/0x8460
[  261.290361][T22709]  do_check_common+0xc5e/0x12b0
[  261.295428][T22709]  bpf_check+0xaaae/0xd9d0
[  261.300003][T22709]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  261.306057][T22709]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[  261.312172][T22709]  ? pcpu_block_update+0x232/0x3b0
[  261.317341][T22709]  ? pcpu_block_refresh_hint+0x157/0x170
[  261.323186][T22709]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  261.329398][T22709]  ? sysvec_apic_timer_interrupt+0x44/0x80
[  261.335403][T22709]  ? css_rstat_updated+0xb7/0x240
[  261.340689][T22709]  ? __rcu_read_unlock+0x4f/0x70
[  261.345666][T22709]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[  261.351688][T22709]  ? bpf_prog_alloc+0x5b/0x150
[  261.356520][T22709]  ? pcpu_alloc_noprof+0xd29/0x1250
[  261.361762][T22709]  ? should_fail_ex+0x30/0x280
[  261.366743][T22709]  ? should_failslab+0x8c/0xb0
[  261.371619][T22709]  ? __kmalloc_noprof+0x2a2/0x570
[  261.376829][T22709]  ? security_bpf_prog_load+0x60/0x140
[  261.382581][T22709]  ? selinux_bpf_prog_load+0xad/0xd0
[  261.388013][T22709]  ? security_bpf_prog_load+0x9e/0x140
[  261.393799][T22709]  bpf_prog_load+0xf6e/0x1100
[  261.398606][T22709]  ? security_bpf+0x2b/0x90
[  261.403197][T22709]  __sys_bpf+0x469/0x7c0
[  261.407674][T22709]  __x64_sys_bpf+0x41/0x50
[  261.412223][T22709]  x64_sys_call+0x2aee/0x3000
[  261.417101][T22709]  do_syscall_64+0xd2/0x200
[  261.421798][T22709]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  261.427723][T22709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.433851][T22709] RIP: 0033:0x7fac8598f6c9
[  261.438437][T22709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.458250][T22709] RSP: 002b:00007fac843ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  261.466760][T22709] RAX: ffffffffffffffda RBX: 00007fac85be5fa0 RCX: 00007fac8598f6c9
[  261.474973][T22709] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  261.483131][T22709] RBP: 00007fac85a11f91 R08: 0000000000000000 R09: 0000000000000000
[  261.491172][T22709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  261.499176][T22709] R13: 00007fac85be6038 R14: 00007fac85be5fa0 R15: 00007ffdc73e70f8
[  261.507179][T22709]  </TASK>
[  261.510228][T22709] ---[ end trace 0000000000000000 ]---
[  261.529184][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.317492][T22776] bridge0: port 4(macsec1) entered blocking state
[  262.324044][T22776] bridge0: port 4(macsec1) entered disabled state
[  262.331908][T22776] macsec1: entered allmulticast mode
[  262.337201][T22776] bridge0: entered allmulticast mode
[  262.346191][T22776] macsec1: left allmulticast mode
[  262.351295][T22776] bridge0: left allmulticast mode
[  262.470810][T22810] netlink: 'syz.8.7952': attribute type 17 has an invalid length.
[  262.478741][T22810] netlink: 148 bytes leftover after parsing attributes in process `syz.8.7952'.
[  262.570658][T22819] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7956'.
[  262.593625][T22819] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7956'.
[  262.704951][T22829] xt_hashlimit: max too large, truncated to 1048576
[  262.728878][T22804] loop4: detected capacity change from 0 to 32768
[  262.768802][T22804]  loop4: p1 p2 p3 < p5 p6 >
[  262.773465][T22804] loop4: p1 size 242222080 extends beyond EOD, truncated
[  262.793789][T22804] loop4: p2 start 4294967295 is beyond EOD, truncated
[  263.022690][T22868] pimreg: entered allmulticast mode
[  263.037008][T22870] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7976'.
[  263.046012][T22870] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7976'.
[  263.065212][T22868] pimreg: left allmulticast mode
[  263.191049][T22887] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7984'.
[  263.350666][   T29] kauditd_printk_skb: 134 callbacks suppressed
[  263.350726][   T29] audit: type=1326 audit(263.348:10418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22903 comm="syz.2.7992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  263.392977][   T29] audit: type=1326 audit(263.348:10419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22903 comm="syz.2.7992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  263.416025][   T29] audit: type=1326 audit(263.348:10420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22903 comm="syz.2.7992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  263.439148][   T29] audit: type=1326 audit(263.348:10421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22903 comm="syz.2.7992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  263.462245][   T29] audit: type=1326 audit(263.348:10422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22903 comm="syz.2.7992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  263.485241][   T29] audit: type=1326 audit(263.348:10423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22903 comm="syz.2.7992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  263.508359][   T29] audit: type=1326 audit(263.348:10424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22903 comm="syz.2.7992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  263.531391][   T29] audit: type=1326 audit(263.348:10425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22903 comm="syz.2.7992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  263.554376][   T29] audit: type=1326 audit(263.348:10426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22903 comm="syz.2.7992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  263.577523][   T29] audit: type=1326 audit(263.348:10427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22903 comm="syz.2.7992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  263.608113][T22911] macvtap0: refused to change device tx_queue_len
[  263.883399][T22936] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125
[  264.004187][T22946] SELinux: failed to load policy
[  264.182469][T22970] netlink: 'syz.1.8020': attribute type 1 has an invalid length.
[  264.196027][T22970] 8021q: adding VLAN 0 to HW filter on device bond5
[  264.213673][T22970] bond5: (slave veth9): Enslaving as an active interface with a down link
[  264.224431][T22970] batman_adv: batadv0: Removing interface: dummy0
[  264.234463][T22970] bond5: (slave dummy0): making interface the new active one
[  264.243361][T22970] dummy0: entered promiscuous mode
[  264.248743][T22970] bond5: (slave dummy0): Enslaving as an active interface with an up link
[  264.312181][T22985] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8027'.
[  264.433026][T22989] netlink: 'syz.2.8029': attribute type 4 has an invalid length.
[  264.629879][T23003] lo speed is unknown, defaulting to 1000
[  265.016569][T23021] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  265.023830][T23021] IPv6: NLM_F_CREATE should be set when creating new route
[  265.031119][T23021] IPv6: NLM_F_CREATE should be set when creating new route
[  265.038922][T23021] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  265.046460][T23021] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8044'.
[  265.055380][T23021] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8044'.
[  265.303788][T23059] veth1_to_batadv: entered promiscuous mode
[  265.328037][T23059] batadv_slave_0: entered promiscuous mode
[  265.334023][T23059] batadv_slave_0: left promiscuous mode
[  265.340823][T23059] veth1_to_batadv: left promiscuous mode
[  265.486507][T23085] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23085 comm=syz.3.8072
[  265.865285][T23142] loop4: detected capacity change from 0 to 128
[  265.994796][T23161] loop4: detected capacity change from 0 to 512
[  266.001508][T23161] journal_path: Non-blockdev passed as './bus'
[  266.007691][T23161] EXT4-fs: error: could not find journal device path
[  266.390955][T23240] __nla_validate_parse: 10 callbacks suppressed
[  266.390971][T23240] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8118'.
[  266.706336][T23240] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8118'.
[  267.070629][T23351] lo speed is unknown, defaulting to 1000
[  267.168275][T23358] netlink: 52 bytes leftover after parsing attributes in process `syz.1.8131'.
[  267.740372][T23348] net_ratelimit: 4 callbacks suppressed
[  267.740387][T23348] Set syz1 is full, maxelem 65536 reached
[  267.900466][T23381] lo: left allmulticast mode
[  267.936004][T23383] pim6reg: entered allmulticast mode
[  267.979065][T23383] pim6reg: left allmulticast mode
[  267.986690][T23391] netlink: 76 bytes leftover after parsing attributes in process `syz.4.8146'.
[  268.110873][T23404] netlink: 96 bytes leftover after parsing attributes in process `syz.2.8151'.
[  268.138640][T23402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23402 comm=syz.4.8152
[  268.268998][T23416] loop4: detected capacity change from 0 to 256
[  268.309752][T23419] netlink: 76 bytes leftover after parsing attributes in process `syz.1.8158'.
[  268.455035][T23434] pim6reg: entered allmulticast mode
[  268.468505][T23434] pim6reg: left allmulticast mode
[  268.504861][T23431] SELinux: failed to load policy
[  268.963255][T23477] veth1_to_batadv: entered promiscuous mode
[  268.970274][T23477] batadv_slave_0: entered promiscuous mode
[  268.976683][T23477] hsr1: Slave A (veth1_to_batadv) is not up; please bring it up to get a fully working HSR network
[  268.987410][T23477] hsr1: Slave B (batadv_slave_0) is not up; please bring it up to get a fully working HSR network
[  268.998612][T23477] hsr1: entered promiscuous mode
[  269.508473][   T29] kauditd_printk_skb: 135 callbacks suppressed
[  269.508490][   T29] audit: type=1326 audit(269.495:10563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23497 comm="syz.2.8202" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdef576f6c9 code=0x0
[  269.873886][T23513] veth1_to_batadv: entered promiscuous mode
[  269.887683][T23513] batadv_slave_0: entered promiscuous mode
[  269.893956][T23513] debugfs: 'hsr1' already exists in 'hsr'
[  269.899704][T23513] Cannot create hsr debugfs directory
[  269.905391][T23513] hsr1: Slave A (veth1_to_batadv) is not up; please bring it up to get a fully working HSR network
[  269.916100][T23513] hsr1: Slave B (batadv_slave_0) is not up; please bring it up to get a fully working HSR network
[  269.927197][T23513] hsr1: entered promiscuous mode
[  270.056460][   T29] audit: type=1326 audit(270.041:10564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23524 comm="syz.1.8201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb85942f6c9 code=0x7ffc0000
[  270.079566][   T29] audit: type=1326 audit(270.041:10565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23524 comm="syz.1.8201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb85942f6c9 code=0x7ffc0000
[  270.122086][   T29] audit: type=1326 audit(270.041:10566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23524 comm="syz.1.8201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fb85942f6c9 code=0x7ffc0000
[  270.145022][   T29] audit: type=1326 audit(270.091:10567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23524 comm="syz.1.8201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb85942f6c9 code=0x7ffc0000
[  270.167996][   T29] audit: type=1326 audit(270.091:10568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23524 comm="syz.1.8201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb85942f6c9 code=0x7ffc0000
[  270.191087][   T29] audit: type=1326 audit(270.091:10569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23526 comm="syz.1.8201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb859461f85 code=0x7ffc0000
[  270.214020][   T29] audit: type=1326 audit(270.111:10570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23524 comm="syz.1.8201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb85942e32a code=0x7ffc0000
[  270.236872][   T29] audit: type=1326 audit(270.111:10571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23524 comm="syz.1.8201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb859461f85 code=0x7ffc0000
[  270.259903][   T29] audit: type=1326 audit(270.241:10572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23526 comm="syz.1.8201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fb85942f6c9 code=0x7ffc0000
[  270.596404][T23542] veth1_to_batadv: entered promiscuous mode
[  270.602945][T23542] batadv_slave_0: entered promiscuous mode
[  270.608831][T23542] batadv_slave_0: left promiscuous mode
[  270.614594][T23542] veth1_to_batadv: left promiscuous mode
[  270.855437][T23554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8213'.
[  271.009523][T23568] loop4: detected capacity change from 0 to 512
[  271.028973][T23568] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.054415][T23568] lo speed is unknown, defaulting to 1000
[  271.845693][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.095216][T23594] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8228'.
[  272.113578][T23598] bridge0: port 4(batadv3) entered blocking state
[  272.120094][T23598] bridge0: port 4(batadv3) entered disabled state
[  272.137482][T23598] batadv3: entered allmulticast mode
[  272.143543][T23598] batadv3: entered promiscuous mode
[  272.169513][T23602] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8230'.
[  272.181124][T23599] netlink: 'syz.1.8239': attribute type 3 has an invalid length.
[  272.211235][T23602] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8230'.
[  272.283642][T23622] netlink: 'syz.8.8251': attribute type 3 has an invalid length.
[  272.550220][T23645] bridge0: port 2(batadv2) entered blocking state
[  272.556694][T23645] bridge0: port 2(batadv2) entered disabled state
[  272.568514][T23645] batadv2: entered allmulticast mode
[  272.585255][T23649] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8250'.
[  272.600983][T23647] loop2: detected capacity change from 0 to 1024
[  272.609065][T23645] batadv2: entered promiscuous mode
[  272.617868][T23647] EXT4-fs: Ignoring removed bh option
[  272.623302][ T4093] batman_adv: batadv3: No IGMP Querier present - multicast optimizations disabled
[  272.623315][ T4093] batman_adv: batadv3: No MLD Querier present - multicast optimizations disabled
[  272.658534][T23647] EXT4-fs: inline encryption not supported
[  272.658678][T23649] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8250'.
[  272.668111][T23647] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  272.688263][T23647] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  272.708182][T23653] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8252'.
[  272.709171][T23647] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.8260: lblock 2 mapped to illegal pblock 2 (length 1)
[  272.733788][T23653] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8252'.
[  272.748937][T23647] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.8260: lblock 0 mapped to illegal pblock 48 (length 1)
[  272.778003][T23647] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.8260: Failed to acquire dquot type 0
[  272.779570][T23653] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8252'.
[  272.798779][T23647] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  272.808205][T23647] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.8260: mark_inode_dirty error
[  272.819651][T23647] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  272.829897][T23647] EXT4-fs (loop2): 1 orphan inode deleted
[  272.835939][T23647] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.857464][T23661] netlink: 'syz.4.8255': attribute type 3 has an invalid length.
[  272.870315][   T31] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  272.893048][   T31] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:1: Failed to release dquot type 0
[  272.950021][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.973762][T16343] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  273.002669][T16343] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  273.018822][T23681] loop8: detected capacity change from 0 to 1024
[  273.019988][T16343] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  273.036832][T23681] EXT4-fs: inline encryption not supported
[  273.042670][T23681] EXT4-fs: Ignoring removed orlov option
[  273.048631][ T4097] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[  273.048935][T23681] EXT4-fs (loop8): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  273.057884][ T4097] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[  273.079205][T23681] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[  273.087381][T23681] System zones: 0-1, 3-12
[  273.092585][T23681] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.139980][T23681] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  273.152571][T23681] EXT4-fs (loop8): This should not happen!! Data will be lost
[  273.152571][T23681] 
[  273.162311][T23681] EXT4-fs (loop8): Total free blocks count 0
[  273.168292][T23681] EXT4-fs (loop8): Free/Dirty block details
[  273.174231][T23681] EXT4-fs (loop8): free_blocks=0
[  273.179249][T23681] EXT4-fs (loop8): dirty_blocks=0
[  273.184269][T23681] EXT4-fs (loop8): Block reservation details
[  273.190336][T23681] EXT4-fs (loop8): i_reserved_data_blocks=0
[  273.211551][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.605504][T23750] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8293'.
[  273.615207][T23750] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8293'.
[  273.723283][T23771] netlink: 'syz.1.8308': attribute type 6 has an invalid length.
[  275.057833][T23981] netlink: 'syz.3.8351': attribute type 17 has an invalid length.
[  275.157866][T23985] loop2: detected capacity change from 0 to 1024
[  275.164998][T23985] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  275.175971][T23985] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  275.186560][T23985] JBD2: no valid journal superblock found
[  275.192306][T23985] EXT4-fs (loop2): Could not load journal inode
[  275.203720][T23985] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  275.290697][T23995] bridge0: port 3(macsec1) entered blocking state
[  275.297170][T23995] bridge0: port 3(macsec1) entered disabled state
[  275.303781][T23995] macsec1: entered allmulticast mode
[  275.309093][T23995] bridge0: entered allmulticast mode
[  275.314726][T23995] macsec1: left allmulticast mode
[  275.319836][T23995] bridge0: left allmulticast mode
[  275.378645][ T4055] dummy0: left promiscuous mode
[  275.445537][T24006] loop2: detected capacity change from 0 to 1024
[  275.452819][T24006] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  275.464758][T24006] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  275.473847][T24006] EXT4-fs (loop2): orphan cleanup on readonly fs
[  275.480574][T24006] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.8360: Freeing blocks not in datazone - block = 0, count = 4096
[  275.494401][T24006] EXT4-fs (loop2): 1 orphan inode deleted
[  275.500738][T24006] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  275.523090][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.614088][   T29] kauditd_printk_skb: 152 callbacks suppressed
[  275.614103][   T29] audit: type=1326 audit(275.601:10722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24026 comm="syz.8.8372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  275.644284][   T29] audit: type=1326 audit(275.611:10723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24024 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  275.667267][   T29] audit: type=1326 audit(275.611:10724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24024 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  275.690334][   T29] audit: type=1326 audit(275.611:10725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24024 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  275.713387][   T29] audit: type=1326 audit(275.611:10726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24024 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  275.736451][   T29] audit: type=1326 audit(275.611:10727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24024 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  275.759403][   T29] audit: type=1326 audit(275.611:10728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24024 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  275.782360][   T29] audit: type=1326 audit(275.611:10729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24024 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  275.805386][   T29] audit: type=1326 audit(275.611:10730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24024 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  275.828393][   T29] audit: type=1326 audit(275.611:10731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24024 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  275.878136][T24034] loop8: detected capacity change from 0 to 512
[  275.884851][T24034] EXT4-fs: Ignoring removed nomblk_io_submit option
[  275.891580][T24034] EXT4-fs: Ignoring removed oldalloc option
[  275.899303][T24034] EXT4-fs error (device loop8): ext4_xattr_inode_iget:437: comm syz.8.8374: Parent and EA inode have the same ino 15
[  275.914815][T24034] EXT4-fs error (device loop8): ext4_xattr_inode_iget:437: comm syz.8.8374: Parent and EA inode have the same ino 15
[  275.927687][T24034] EXT4-fs (loop8): 1 orphan inode deleted
[  275.933921][T24034] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.973855][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.215035][T24067] loop8: detected capacity change from 0 to 512
[  276.221879][T24067] EXT4-fs: Ignoring removed orlov option
[  276.229085][T24067] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  276.238863][T24067] EXT4-fs error (device loop8): ext4_iget_extra_inode:5075: inode #15: comm syz.8.8388: corrupted in-inode xattr: e_value size too large
[  276.259406][T24067] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.8388: couldn't read orphan inode 15 (err -117)
[  276.271834][T24067] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.302023][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.763559][T24112] ÿÿÿÿÿÿ: renamed from vlan1
[  276.979344][ T3732] Bluetooth: hci0: command 0x1003 tx timeout
[  276.985366][ T3617] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  277.000736][T24147] netlink: 'syz.8.8427': attribute type 4 has an invalid length.
[  277.115389][T24151] wg2: entered promiscuous mode
[  277.120296][T24151] wg2: entered allmulticast mode
[  277.155570][T24159] __nla_validate_parse: 7 callbacks suppressed
[  277.155584][T24159] netlink: 24 bytes leftover after parsing attributes in process `syz.8.8432'.
[  277.222343][T24161] SELinux: failed to load policy
[  277.281093][T24171] netlink: 'syz.8.8436': attribute type 1 has an invalid length.
[  277.294620][T24171] 8021q: adding VLAN 0 to HW filter on device bond3
[  277.314614][T24171] bond3: (slave veth19): Enslaving as an active interface with a down link
[  277.333207][T24171] bond3: (slave dummy0): making interface the new active one
[  277.341849][T24171] dummy0: entered promiscuous mode
[  277.347194][T24171] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  277.374594][T24178] loop2: detected capacity change from 0 to 164
[  277.389339][T24178] bio_check_eod: 27 callbacks suppressed
[  277.389422][T24178] syz.2.8438: attempt to access beyond end of device
[  277.389422][T24178] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  277.422231][T24178] syz.2.8438: attempt to access beyond end of device
[  277.422231][T24178] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  277.732044][T24208] netlink: 'syz.3.8453': attribute type 1 has an invalid length.
[  277.763647][T24208] 8021q: adding VLAN 0 to HW filter on device bond3
[  277.811555][T24216] loop8: detected capacity change from 0 to 164
[  277.821920][T24218] netlink: 'syz.4.8457': attribute type 4 has an invalid length.
[  277.833450][T24208] bond3: (slave veth25): Enslaving as an active interface with a down link
[  277.855064][T24216] syz.8.8456: attempt to access beyond end of device
[  277.855064][T24216] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  277.869466][T24216] syz.8.8456: attempt to access beyond end of device
[  277.869466][T24216] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[  277.903053][T24208] bond3: (slave dummy0): making interface the new active one
[  277.911696][T24208] dummy0: entered promiscuous mode
[  277.916837][T24208] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  279.008580][ T1051] IPVS: starting estimator thread 0...
[  279.070730][T24283] lo speed is unknown, defaulting to 1000
[  279.098889][T24275] IPVS: using max 2544 ests per chain, 127200 per kthread
[  279.183037][T24301] xt_HMARK: proto mask must be zero with L3 mode
[  279.351733][T24332] lo speed is unknown, defaulting to 1000
[  279.411317][T24334] lo speed is unknown, defaulting to 1000
[  279.807288][T24360] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8512'.
[  279.973230][T24388] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  280.002469][T24388] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  280.025229][T24397] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8525'.
[  280.046883][T24388] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  280.056296][T24397] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8525'.
[  280.082971][T24397] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8525'.
[  280.195484][T24423] -1: renamed from syzkaller0
[  280.272083][T24437] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  280.317738][T24437] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  280.433481][T24459] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24459 comm=syz.4.8554
[  280.479470][T24457] loop8: detected capacity change from 0 to 8192
[  280.643809][T24471] loop2: detected capacity change from 0 to 164
[  280.652280][T24471] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  280.662182][T24471] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  280.690913][T24471] Symlink component flag not implemented
[  280.696564][T24471] Symlink component flag not implemented
[  280.716121][T24471] Symlink component flag not implemented (7)
[  280.722169][T24471] Symlink component flag not implemented (116)
[  280.824193][T24487] blktrace: Concurrent blktraces are not allowed on loop3
[  280.895575][   T29] kauditd_printk_skb: 275 callbacks suppressed
[  280.895589][   T29] audit: type=1326 audit(280.881:11007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24494 comm="syz.8.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  280.924967][   T29] audit: type=1326 audit(280.881:11008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24494 comm="syz.8.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  280.948698][   T29] audit: type=1326 audit(280.941:11009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24494 comm="syz.8.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  280.971853][   T29] audit: type=1326 audit(280.941:11010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24494 comm="syz.8.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  280.994827][   T29] audit: type=1326 audit(280.941:11011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24494 comm="syz.8.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  281.024242][   T29] audit: type=1326 audit(281.011:11012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24494 comm="syz.8.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  281.047308][   T29] audit: type=1326 audit(281.011:11013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24494 comm="syz.8.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  281.070496][   T29] audit: type=1326 audit(281.011:11014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24494 comm="syz.8.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  281.156268][ T4790] hid_parser_main: 21 callbacks suppressed
[  281.156287][ T4790] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  281.178909][ T4790] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  281.352748][T24522] netlink: 'syz.8.8581': attribute type 11 has an invalid length.
[  281.427607][T24549] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24549 comm=syz.8.8589
[  281.442923][T24547] pim6reg1: entered promiscuous mode
[  281.448238][T24547] pim6reg1: entered allmulticast mode
[  281.903166][T24589] loop8: detected capacity change from 0 to 512
[  281.920160][T24589] EXT4-fs: Ignoring removed nobh option
[  281.926094][T24589] EXT4-fs: old and new quota format mixing
[  281.950519][T24589] loop8: detected capacity change from 0 to 512
[  281.976710][T24589] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.005188][   T29] audit: type=1400 audit(281.991:11015): avc:  denied  { create } for  pid=24588 comm="syz.8.8610" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  282.070504][   T29] audit: type=1400 audit(282.051:11016): avc:  denied  { read } for  pid=24588 comm="syz.8.8610" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop8" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  282.114391][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.199190][T24707] __nla_validate_parse: 9 callbacks suppressed
[  283.199207][T24707] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8658'.
[  283.290696][T24711] netlink: 64 bytes leftover after parsing attributes in process `syz.3.8659'.
[  283.743257][T24742] $Hÿ: renamed from bond0
[  283.749642][T24742] $Hÿ: entered promiscuous mode
[  283.754666][T24742] bond_slave_0: entered promiscuous mode
[  283.760354][T24742] bond_slave_1: entered promiscuous mode
[  284.091480][T24780] netlink: 32 bytes leftover after parsing attributes in process `syz.8.8692'.
[  284.208960][T24791] pim6reg1: entered promiscuous mode
[  284.214301][T24791] pim6reg1: entered allmulticast mode
[  284.338340][T24800] netlink: 96 bytes leftover after parsing attributes in process `syz.3.8701'.
[  284.368072][T24804] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8703'.
[  284.385393][T24802] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8702'.
[  284.406650][T24802] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8702'.
[  284.451671][T24811] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8703'.
[  284.493555][T24813] loop2: detected capacity change from 0 to 512
[  284.503430][T24813] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  284.515299][T24813] EXT4-fs (loop2): 1 truncate cleaned up
[  284.521439][T24813] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.540205][T24817] netlink: 'syz.1.8708': attribute type 12 has an invalid length.
[  284.562449][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.656621][T24830] loop8: detected capacity change from 0 to 512
[  284.664558][T24830] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.693981][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.763804][T24839] geneve3: entered promiscuous mode
[  284.769058][T24839] geneve3: entered allmulticast mode
[  284.845984][T24849] loop2: detected capacity change from 0 to 2048
[  284.880736][T24849] Alternate GPT is invalid, using primary GPT.
[  284.887064][T24849]  loop2: p2 p3 p7
[  284.927150][T24867] netlink: 16 bytes leftover after parsing attributes in process `syz.8.8732'.
[  284.946501][T24863] netlink: 96 bytes leftover after parsing attributes in process `syz.4.8730'.
[  285.481389][T24951] lo speed is unknown, defaulting to 1000
[  285.646089][T24959] loop8: detected capacity change from 0 to 128
[  285.665072][T24961] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  285.680729][T24959] syz.8.8770: attempt to access beyond end of device
[  285.680729][T24959] loop8: rw=2049, sector=138, nr_sectors = 8 limit=128
[  285.702819][T24959] syz.8.8770: attempt to access beyond end of device
[  285.702819][T24959] loop8: rw=2049, sector=146, nr_sectors = 6 limit=128
[  285.738855][T24959] syz.8.8770: attempt to access beyond end of device
[  285.738855][T24959] loop8: rw=2049, sector=150, nr_sectors = 2 limit=128
[  285.752341][T24959] buffer_io_error: 14 callbacks suppressed
[  285.752352][T24959] Buffer I/O error on dev loop8, logical block 75, lost async page write
[  285.772087][T24959] syz.8.8770: attempt to access beyond end of device
[  285.772087][T24959] loop8: rw=2049, sector=152, nr_sectors = 2 limit=128
[  285.785593][T24959] Buffer I/O error on dev loop8, logical block 76, lost async page write
[  285.797902][T24959] syz.8.8770: attempt to access beyond end of device
[  285.797902][T24959] loop8: rw=2049, sector=170, nr_sectors = 6 limit=128
[  285.814558][T24959] syz.8.8770: attempt to access beyond end of device
[  285.814558][T24959] loop8: rw=2049, sector=174, nr_sectors = 2 limit=128
[  285.828022][T24959] Buffer I/O error on dev loop8, logical block 87, lost async page write
[  285.836898][T24959] syz.8.8770: attempt to access beyond end of device
[  285.836898][T24959] loop8: rw=2049, sector=176, nr_sectors = 2 limit=128
[  285.850404][T24959] Buffer I/O error on dev loop8, logical block 88, lost async page write
[  285.859822][T24959] syz.8.8770: attempt to access beyond end of device
[  285.859822][T24959] loop8: rw=2049, sector=178, nr_sectors = 6 limit=128
[  285.880663][T24959] syz.8.8770: attempt to access beyond end of device
[  285.880663][T24959] loop8: rw=2049, sector=182, nr_sectors = 2 limit=128
[  285.894175][T24959] Buffer I/O error on dev loop8, logical block 91, lost async page write
[  285.909823][T24959] syz.8.8770: attempt to access beyond end of device
[  285.909823][T24959] loop8: rw=2049, sector=184, nr_sectors = 2 limit=128
[  285.923273][T24959] Buffer I/O error on dev loop8, logical block 92, lost async page write
[  285.989541][T24959] Buffer I/O error on dev loop8, logical block 103, lost async page write
[  286.005739][T24959] Buffer I/O error on dev loop8, logical block 104, lost async page write
[  286.055969][T24959] Buffer I/O error on dev loop8, logical block 107, lost async page write
[  286.074181][T24959] Buffer I/O error on dev loop8, logical block 108, lost async page write
[  286.312547][   T29] kauditd_printk_skb: 76 callbacks suppressed
[  286.312562][   T29] audit: type=1326 audit(286.301:11093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25021 comm="syz.8.8786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  286.341742][   T29] audit: type=1326 audit(286.301:11094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25021 comm="syz.8.8786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  286.678241][T25069] atomic_op ffff8881049d1128 conn xmit_atomic 0000000000000000
[  286.698608][   T29] audit: type=1326 audit(286.361:11095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25021 comm="syz.8.8786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  286.721684][   T29] audit: type=1326 audit(286.361:11096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25021 comm="syz.8.8786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  286.744711][   T29] audit: type=1326 audit(286.361:11097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25021 comm="syz.8.8786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  286.767783][   T29] audit: type=1326 audit(286.361:11098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25021 comm="syz.8.8786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  286.790760][   T29] audit: type=1326 audit(286.361:11099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25021 comm="syz.8.8786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  286.813752][   T29] audit: type=1326 audit(286.361:11100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25021 comm="syz.8.8786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  286.836786][   T29] audit: type=1326 audit(286.361:11101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25021 comm="syz.8.8786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  286.859742][   T29] audit: type=1326 audit(286.361:11102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25021 comm="syz.8.8786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  286.999046][T25108] loop4: detected capacity change from 0 to 512
[  287.005622][T25108] EXT4-fs: Ignoring removed orlov option
[  287.018651][T25108] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  287.027471][T25108] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  287.050990][T25108] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.8800: corrupted in-inode xattr: e_value size too large
[  287.065617][T25108] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.8800: couldn't read orphan inode 15 (err -117)
[  287.078418][T25108] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  287.205837][T25108] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  287.242970][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.353829][T25170] netlink: 'syz.1.8813': attribute type 12 has an invalid length.
[  288.040518][T25232] netlink: 'syz.2.8833': attribute type 4 has an invalid length.
[  288.158107][T25236] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=25236 comm=syz.2.8835
[  288.175723][T25245] ip6gre2: entered promiscuous mode
[  288.295815][T25266] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  288.329240][T25270] __nla_validate_parse: 6 callbacks suppressed
[  288.329255][T25270] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8848'.
[  288.549650][T25307] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8862'.
[  288.586265][T25311] netlink: 96 bytes leftover after parsing attributes in process `syz.1.8864'.
[  288.648757][ T4071] dummy0: left promiscuous mode
[  288.851206][T25340] Set syz1 is full, maxelem 6117 reached
[  288.901606][T25344] batman_adv: batadv0: Removing interface: batadv_slave_0
[  288.909263][T25344] batman_adv: batadv0: Removing interface: batadv_slave_1
[  288.921560][T25348] ip6gre1: entered promiscuous mode
[  289.119215][T25354] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8894'.
[  289.147294][T25360] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8885'.
[  289.156409][T25360] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8885'.
[  289.165392][T25360] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8885'.
[  289.183585][T25360] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8885'.
[  289.192667][T25360] netlink: 'syz.3.8885': attribute type 6 has an invalid length.
[  289.200584][T25362] $Hÿ: renamed from .`
[  289.207148][T25362] $Hÿ: entered promiscuous mode
[  289.212255][T25362] bond_slave_0: entered promiscuous mode
[  289.217943][T25362] bond_slave_1: entered promiscuous mode
[  289.224192][ T4123] dummy0: left promiscuous mode
[  289.274160][T25374] veth1_to_batadv: entered promiscuous mode
[  289.295554][T25374] debugfs: 'hsr1' already exists in 'hsr'
[  289.301363][T25374] Cannot create hsr debugfs directory
[  289.310702][T25374] hsr1: Slave A (veth1_to_batadv) is not up; please bring it up to get a fully working HSR network
[  289.321486][T25374] hsr1: Slave B (batadv_slave_0) is not up; please bring it up to get a fully working HSR network
[  289.333836][T25374] hsr1: entered promiscuous mode
[  289.351692][T25386] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8899'.
[  289.367763][T25386] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8899'.
[  289.400700][T25388] loop8: detected capacity change from 0 to 2048
[  289.416779][T25392] netlink: 'syz.3.8902': attribute type 10 has an invalid length.
[  289.424633][T25392] netlink: 'syz.3.8902': attribute type 11 has an invalid length.
[  289.436208][T25388] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.474268][T25403] netlink: 'syz.3.8905': attribute type 1 has an invalid length.
[  289.492585][T25405] loop2: detected capacity change from 0 to 512
[  289.499198][T25405] EXT4-fs: Ignoring removed orlov option
[  289.512876][T13077] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  289.527352][T25405] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  289.531905][T13077] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  289.552034][T25405] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  289.560329][T25405] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.8906: corrupted in-inode xattr: e_value size too large
[  289.560761][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.574581][T25405] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.8906: couldn't read orphan inode 15 (err -117)
[  289.595924][T25405] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.645265][T25420] netlink: 'syz.4.8914': attribute type 7 has an invalid length.
[  289.653188][T25420] netlink: 'syz.4.8914': attribute type 8 has an invalid length.
[  289.742244][T25405] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[  289.770413][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.795788][T25432] lo speed is unknown, defaulting to 1000
[  290.061610][T25465] loop4: detected capacity change from 0 to 2048
[  290.091675][T25465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.205999][ T3314] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  290.222313][ T3314] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  290.261191][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.886447][T25553] veth0_to_team: entered promiscuous mode
[  291.255839][T25618] loop8: detected capacity change from 0 to 256
[  292.596854][T25817] loop4: detected capacity change from 0 to 2048
[  292.651604][T25817]  loop4: p1 < > p4
[  292.667763][T25817] loop4: p4 size 8388608 extends beyond EOD, truncated
[  292.887097][T25858] loop4: detected capacity change from 0 to 4096
[  292.893879][T25858] EXT4-fs: Ignoring removed nomblk_io_submit option
[  292.912697][T25858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.154562][ T4071] Bluetooth: hci0: Frame reassembly failed (-84)
[  293.190600][   T29] kauditd_printk_skb: 306 callbacks suppressed
[  293.190614][   T29] audit: type=1326 audit(806.186:11409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25903 comm="syz.2.9042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  293.221547][   T29] audit: type=1326 audit(806.216:11410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25903 comm="syz.2.9042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  293.244745][   T29] audit: type=1326 audit(806.216:11411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25903 comm="syz.2.9042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  293.267775][   T29] audit: type=1326 audit(806.216:11412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25903 comm="syz.2.9042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  293.290832][   T29] audit: type=1326 audit(806.216:11413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25903 comm="syz.2.9042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  293.313996][   T29] audit: type=1326 audit(806.216:11414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25903 comm="syz.2.9042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  293.337128][   T29] audit: type=1326 audit(806.216:11415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25903 comm="syz.2.9042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  293.360263][   T29] audit: type=1326 audit(806.216:11416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25903 comm="syz.2.9042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  293.383407][   T29] audit: type=1326 audit(806.216:11417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25903 comm="syz.2.9042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  293.406442][   T29] audit: type=1326 audit(806.216:11418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25903 comm="syz.2.9042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdef5766567 code=0x7ffc0000
[  293.443388][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.489651][T25943] loop4: detected capacity change from 0 to 1024
[  293.498680][T25943] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.815812][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.894555][T26023] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  293.913489][T26026] __nla_validate_parse: 15 callbacks suppressed
[  293.913540][T26026] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9058'.
[  294.417355][T26092] netlink: 72 bytes leftover after parsing attributes in process `syz.2.9075'.
[  295.117880][T26195] lo speed is unknown, defaulting to 1000
[  295.218489][ T3617] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  295.218461][ T3732] Bluetooth: hci0: command 0x1003 tx timeout
[  295.542904][T26227] netlink: 'syz.3.9086': attribute type 12 has an invalid length.
[  295.654823][T26237] netlink: 96 bytes leftover after parsing attributes in process `syz.3.9094'.
[  295.679384][T26239] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  295.754748][T26243] loop8: detected capacity change from 0 to 1024
[  295.761910][T26243] EXT4-fs: Ignoring removed orlov option
[  295.768129][T26243] EXT4-fs (loop8): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  295.797045][T26243] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.227046][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.380661][T26280] loop4: detected capacity change from 0 to 1024
[  296.394825][T26280] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  296.420807][T26280] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  296.439117][T26280] EXT4-fs (loop4): orphan cleanup on readonly fs
[  296.458725][T26280] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.9111: Freeing blocks not in datazone - block = 0, count = 4096
[  296.492688][T26280] EXT4-fs (loop4): 1 orphan inode deleted
[  296.512886][T26280] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  296.535208][T26280] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.9111: bg 0: block 10: padding at end of block bitmap is not set
[  296.598119][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.120640][T26297] loop4: detected capacity change from 0 to 32768
[  297.413738][T26348] loop8: detected capacity change from 0 to 512
[  297.423179][T26348] EXT4-fs warning (device loop8): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  297.434818][T26348] EXT4-fs warning (device loop8): dx_probe:849: Enable large directory feature to access it
[  297.444996][T26348] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.9142: Corrupt directory, running e2fsck is recommended
[  297.458263][T26348] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117
[  297.467001][T26348] EXT4-fs error (device loop8): ext4_iget_extra_inode:5075: inode #15: comm syz.8.9142: corrupted in-inode xattr: invalid ea_ino
[  297.480776][T26348] EXT4-fs (loop8): Remounting filesystem read-only
[  297.487982][T26348] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.513362][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.580232][T26361] netlink: 72 bytes leftover after parsing attributes in process `syz.4.9147'.
[  297.635072][T26372] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  297.701557][T26379] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9155'.
[  297.892304][T26421] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9174'.
[  298.057391][T26446] lo speed is unknown, defaulting to 1000
[  298.075648][T26449] bridge: RTM_NEWNEIGH with invalid ether address
[  298.195325][T26454] lo speed is unknown, defaulting to 1000
[  298.486134][T26476] netlink: 63503 bytes leftover after parsing attributes in process `syz.2.9205'.
[  298.724837][T26500] lo speed is unknown, defaulting to 1000
[  298.775812][T26514] netlink: 'syz.2.9215': attribute type 5 has an invalid length.
[  298.820740][   T29] kauditd_printk_skb: 255 callbacks suppressed
[  298.820753][   T29] audit: type=1326 audit(811.816:11674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26520 comm="syz.3.9217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  298.881949][T26504] lo speed is unknown, defaulting to 1000
[  298.906046][   T29] audit: type=1326 audit(811.846:11675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26520 comm="syz.3.9217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  298.929028][   T29] audit: type=1326 audit(811.846:11676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26520 comm="syz.3.9217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  298.952109][   T29] audit: type=1326 audit(811.846:11677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26520 comm="syz.3.9217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  298.975066][   T29] audit: type=1326 audit(811.846:11678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26520 comm="syz.3.9217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  298.998026][   T29] audit: type=1326 audit(811.846:11679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26520 comm="syz.3.9217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  299.021078][   T29] audit: type=1326 audit(811.846:11680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26520 comm="syz.3.9217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  299.045120][   T29] audit: type=1326 audit(811.936:11681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26520 comm="syz.3.9217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  299.068160][   T29] audit: type=1326 audit(811.936:11682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26520 comm="syz.3.9217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  299.181764][T26540] syz_tun: entered allmulticast mode
[  299.187956][T26538] syz_tun: left allmulticast mode
[  299.208687][T26542] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9226'.
[  299.251424][T26550] netlink: 'syz.4.9229': attribute type 83 has an invalid length.
[  299.270659][T26553] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9226'.
[  299.583603][T26575] program syz.4.9238 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  299.797082][T26593] netlink: 'syz.4.9246': attribute type 3 has an invalid length.
[  299.837528][T26598] netlink: 24 bytes leftover after parsing attributes in process `syz.8.9248'.
[  299.908065][   T29] audit: type=1400 audit(812.896:11683): avc:  denied  { append } for  pid=26605 comm="syz.2.9252" name="mISDNtimer" dev="devtmpfs" ino=248 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  299.987462][T26619] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  300.012651][T26620] loop4: detected capacity change from 0 to 1024
[  300.029369][T26620] EXT4-fs: Ignoring removed orlov option
[  300.035826][T26620] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  300.099828][T26634] netlink: 64 bytes leftover after parsing attributes in process `syz.1.9264'.
[  300.125574][T26620] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.207003][T26645] veth0_to_team: entered promiscuous mode
[  300.242116][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.300564][T26658] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9275'.
[  300.326789][T26658] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9275'.
[  300.617600][T26677] loop2: detected capacity change from 0 to 1024
[  300.635496][T26677] EXT4-fs: Ignoring removed orlov option
[  300.641925][T26677] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  300.675036][T26677] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.739131][T26702] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9294'.
[  300.748110][T26702] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9294'.
[  300.761183][T26701] syzkaller1: entered promiscuous mode
[  300.766649][T26701] syzkaller1: entered allmulticast mode
[  300.792079][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.916791][T26727] loop8: detected capacity change from 0 to 2048
[  300.962002][T26727] Alternate GPT is invalid, using primary GPT.
[  300.968332][T26727]  loop8: p2 p3 p7
[  301.180909][T26752] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9313'.
[  302.118252][T26793] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26793 comm=syz.2.9333
[  302.146374][T26791] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9331'.
[  302.204214][T26799] loop8: detected capacity change from 0 to 1024
[  302.212952][T26798] 8021q: adding VLAN 0 to HW filter on device bond0
[  302.218992][T26799] EXT4-fs: Ignoring removed orlov option
[  302.235857][T26799] EXT4-fs (loop8): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  302.246017][T26798] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  302.314737][T26799] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.335487][T26810] smc: net device bond0 applied user defined pnetid SYZ0
[  302.361394][T26810] smc: net device bond0 erased user defined pnetid SYZ0
[  302.394852][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.468270][T26828] loop8: detected capacity change from 0 to 2048
[  302.490695][T26828] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  302.537618][T26844] vlan1: entered allmulticast mode
[  302.542891][T26844] bridge_slave_0: entered allmulticast mode
[  302.557265][T13077] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  302.592678][T13077] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  302.617175][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.666056][T26863] loop8: detected capacity change from 0 to 512
[  302.681620][T26865] netlink: 'syz.3.9367': attribute type 6 has an invalid length.
[  302.693400][T26863] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.720681][T26863] SELinux:  Context @ is not valid (left unmapped).
[  302.745050][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.788275][T26884] smc: net device bond0 applied user defined pnetid SYZ0
[  302.810003][T26884] smc: net device bond0 erased user defined pnetid SYZ0
[  302.853747][T26899] blktrace: Concurrent blktraces are not allowed on loop9
[  302.934455][T26909] lo speed is unknown, defaulting to 1000
[  303.588770][T26953] vlan2: entered allmulticast mode
[  303.722521][T26963] netlink: 'syz.8.9409': attribute type 6 has an invalid length.
[  303.875870][T26981] tipc: Bearer <udp:£>: already 2 bearers with priority 10
[  303.883197][T26981] tipc: Bearer <udp:£>: trying with adjusted priority
[  303.894029][   T29] kauditd_printk_skb: 89 callbacks suppressed
[  303.894041][   T29] audit: type=1400 audit(816.886:11773): avc:  denied  { create } for  pid=26982 comm="syz.1.9419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  303.906175][   T29] audit: type=1400 audit(816.886:11774): avc:  denied  { write } for  pid=26982 comm="syz.1.9419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  303.938855][T26981] tipc: New replicast peer: 255.255.255.83
[  303.944774][T26981] tipc: Enabled bearer <udp:£>, priority 9
[  304.292126][T27023] loop4: detected capacity change from 0 to 1024
[  304.302073][T27023] EXT4-fs: inline encryption not supported
[  304.325566][T27023] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.341689][T27023] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.9437: Allocating blocks 385-513 which overlap fs metadata
[  304.359637][T27023] EXT4-fs (loop4): pa ffff8881071dacb0: logic 16, phys. 129, len 24
[  304.367652][T27023] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 8
[  304.379264][T27023] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 15: block 337:freeing already freed block (bit 21); block bitmap corrupt.
[  304.407273][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.423391][T27036] __nla_validate_parse: 17 callbacks suppressed
[  304.423400][T27036] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9440'.
[  304.572077][T27057] netlink: 2028 bytes leftover after parsing attributes in process `syz.2.9447'.
[  304.581350][T27057] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9447'.
[  304.703050][T27071] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27071 comm=syz.1.9457
[  305.230636][T27097] lo speed is unknown, defaulting to 1000
[  305.287099][   T29] audit: type=1326 audit(818.276:11775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27098 comm="syz.8.9467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  305.313003][   T29] audit: type=1326 audit(818.276:11776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27098 comm="syz.8.9467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  305.336046][   T29] audit: type=1326 audit(818.276:11777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27098 comm="syz.8.9467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  305.359011][   T29] audit: type=1326 audit(818.276:11778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27098 comm="syz.8.9467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  305.382063][   T29] audit: type=1326 audit(818.306:11779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27098 comm="syz.8.9467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  305.561446][T27122] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9479'.
[  305.571184][T27122] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9479'.
[  305.612751][T27124] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9480'.
[  305.647577][T27130] loop4: detected capacity change from 0 to 128
[  305.654398][T27130] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  305.666121][ T4084] FAT-fs (loop4): error, invalid FAT chain (i_pos 548, last_block 8)
[  305.674212][ T4084] FAT-fs (loop4): Filesystem has been set read-only
[  305.680935][   T29] audit: type=1400 audit(818.656:11780): avc:  denied  { remount } for  pid=27127 comm="syz.4.9482" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  305.701949][ T4084] FAT-fs (loop4): error, corrupted file size (i_pos 548, 522)
[  305.711110][T27130] FAT-fs (loop4): error, corrupted file size (i_pos 548, 522)
[  305.718683][T27130] FAT-fs (loop4): Filesystem has been set read-only
[  305.752211][T27139] loop4: detected capacity change from 0 to 1024
[  305.759547][T27139] EXT4-fs: Ignoring removed orlov option
[  305.769518][T27139] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.799196][T27139] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  305.825645][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.837429][T27153] netlink: 'syz.3.9493': attribute type 3 has an invalid length.
[  305.923380][T27161] loop4: detected capacity change from 0 to 8192
[  305.971764][   T29] audit: type=1326 audit(818.956:11781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27168 comm="syz.8.9501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  305.994874][   T29] audit: type=1326 audit(818.956:11782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27168 comm="syz.8.9501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f87ed9df6c9 code=0x7ffc0000
[  305.999432][T27167] netlink: 'syz.1.9500': attribute type 12 has an invalid length.
[  306.074276][T27175] wg2: entered promiscuous mode
[  306.079258][T27175] wg2: entered allmulticast mode
[  306.140911][T27178] loop8: detected capacity change from 0 to 1024
[  306.158631][T27178] EXT4-fs: Ignoring removed orlov option
[  306.184860][T27178] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.236343][T27178] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  306.256923][T27188] netlink: 'syz.4.9508': attribute type 6 has an invalid length.
[  306.265242][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.307242][T27190] veth22: entered promiscuous mode
[  306.312488][T27190] veth22: entered allmulticast mode
[  306.509699][T27211] loop8: detected capacity change from 0 to 1024
[  306.518750][T27211] EXT4-fs: inline encryption not supported
[  306.523196][T27213] loop2: detected capacity change from 0 to 1024
[  306.560200][T27213] EXT4-fs: Ignoring removed orlov option
[  306.589454][T27211] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.610097][T27213] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.643249][T27211] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4193: comm syz.8.9520: Allocating blocks 385-513 which overlap fs metadata
[  306.677915][T27213] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  306.696899][T27211] EXT4-fs (loop8): pa ffff8881071dad20: logic 16, phys. 129, len 24
[  306.704940][T27211] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 8
[  306.725894][T27211] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  306.738301][T27211] EXT4-fs (loop8): This should not happen!! Data will be lost
[  306.738301][T27211] 
[  306.747996][T27211] EXT4-fs (loop8): Total free blocks count 0
[  306.748579][T27229] lo speed is unknown, defaulting to 1000
[  306.754049][T27211] EXT4-fs (loop8): Free/Dirty block details
[  306.765635][T27211] EXT4-fs (loop8): free_blocks=128
[  306.770894][T27211] EXT4-fs (loop8): dirty_blocks=0
[  306.775908][T27211] EXT4-fs (loop8): Block reservation details
[  306.778898][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.781884][T27211] EXT4-fs (loop8): i_reserved_data_blocks=0
[  306.874603][T27241] loop8: detected capacity change from 0 to 128
[  307.002361][T27266] netlink: 'syz.8.9539': attribute type 10 has an invalid length.
[  307.010254][T27266] netlink: 40 bytes leftover after parsing attributes in process `syz.8.9539'.
[  307.019797][T27266] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  307.280814][T27296] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.9550'.
[  307.290056][T27296] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9550'.
[  307.713504][T27318] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9559'.
[  307.923976][T27336] netlink: 'syz.1.9567': attribute type 6 has an invalid length.
[  308.086683][T27349] team0: entered promiscuous mode
[  308.091784][T27349] team0: entered allmulticast mode
[  308.097118][T27349] 8021q: adding VLAN 0 to HW filter on device team0
[  308.185321][T27361] netlink: 'syz.3.9580': attribute type 6 has an invalid length.
[  308.428850][T27389] loop4: detected capacity change from 0 to 1024
[  308.460347][T27389] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  308.522164][T27389] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  308.585967][T27405] loop2: detected capacity change from 0 to 512
[  308.594296][T27405] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  308.607938][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.624987][T27405] EXT4-fs (loop2): 1 truncate cleaned up
[  308.631595][T27405] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  308.654745][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.679702][T27412] netlink: 'syz.3.9601': attribute type 1 has an invalid length.
[  308.697774][T27412] bond4: entered promiscuous mode
[  308.703121][T27412] 8021q: adding VLAN 0 to HW filter on device bond4
[  308.720535][T27412] 8021q: adding VLAN 0 to HW filter on device bond4
[  308.732868][T27412] bond4: (slave xfrm1): The slave device specified does not support setting the MAC address
[  308.743026][T27412] bond4: (slave xfrm1): Setting fail_over_mac to active for active-backup mode
[  308.755297][T27412] bond4: (slave xfrm1): making interface the new active one
[  308.762623][T27412] xfrm1: entered promiscuous mode
[  308.769999][T27412] bond4: (slave xfrm1): Enslaving as an active interface with an up link
[  308.810431][T27422] bridge: RTM_NEWNEIGH with invalid ether address
[  308.908901][T27419] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  308.956443][T27440] loop4: detected capacity change from 0 to 1024
[  308.963222][T27440] EXT4-fs: Ignoring removed orlov option
[  308.979802][T27440] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.004423][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.687671][   T29] kauditd_printk_skb: 66 callbacks suppressed
[  309.687685][   T29] audit: type=1400 audit(822.676:11849): avc:  denied  { associate } for  pid=27459 comm="syz.1.9618" name="cgroup.controllers" dev="tmpfs" ino=5366 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="@"
[  309.733479][   T29] audit: type=1400 audit(822.726:11850): avc:  denied  { unlink } for  pid=15083 comm="syz-executor" name="cgroup.controllers" dev="tmpfs" ino=5366 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@"
[  310.033784][T27491] netlink: 'syz.8.9631': attribute type 3 has an invalid length.
[  310.116483][   T29] audit: type=1326 audit(823.106:11851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27515 comm="syz.2.9643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  310.151860][   T29] audit: type=1326 audit(823.136:11852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27515 comm="syz.2.9643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  310.174943][   T29] audit: type=1326 audit(823.136:11853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27515 comm="syz.2.9643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  310.198058][   T29] audit: type=1326 audit(823.136:11854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27515 comm="syz.2.9643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  310.221384][   T29] audit: type=1326 audit(823.136:11855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27515 comm="syz.2.9643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  310.244623][   T29] audit: type=1326 audit(823.136:11856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27515 comm="syz.2.9643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  310.267830][   T29] audit: type=1326 audit(823.136:11857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27515 comm="syz.2.9643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  310.290822][   T29] audit: type=1326 audit(823.136:11858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27515 comm="syz.2.9643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdef576f6c9 code=0x7ffc0000
[  310.431534][T27530] loop8: detected capacity change from 0 to 512
[  310.438195][T27530] EXT4-fs: Ignoring removed i_version option
[  310.444215][T27530] EXT4-fs: Ignoring removed bh option
[  310.461103][T27530] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.518472][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.662855][T27551] __nla_validate_parse: 2 callbacks suppressed
[  310.662870][T27551] netlink: 28 bytes leftover after parsing attributes in process `syz.8.9656'.
[  310.763124][T27557] loop8: detected capacity change from 0 to 1024
[  310.770139][T27557] EXT4-fs: Ignoring removed orlov option
[  310.779721][T27557] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.100558][T27571] loop2: detected capacity change from 0 to 1024
[  311.124833][T27571] EXT4-fs: inline encryption not supported
[  311.168038][T27571] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.297389][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.409974][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.530649][T27585] bridge: RTM_NEWNEIGH with invalid ether address
[  311.709784][T27597] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9674'.
[  311.804820][T27602] pim6reg1: entered promiscuous mode
[  311.810188][T27602] pim6reg1: entered allmulticast mode
[  312.212093][T27637] 9pnet_fd: Insufficient options for proto=fd
[  312.234573][T27639] loop4: detected capacity change from 0 to 512
[  312.241368][T27639] EXT4-fs: Ignoring removed i_version option
[  312.247355][T27639] EXT4-fs: Ignoring removed bh option
[  312.348013][T27639] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.416269][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.473997][T27650] loop4: detected capacity change from 0 to 512
[  312.481055][T27650] EXT4-fs: Ignoring removed nomblk_io_submit option
[  312.508236][T27650] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  312.586432][T27650] EXT4-fs (loop4): 1 truncate cleaned up
[  312.592702][T27650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.827473][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.870035][T27677] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  313.029135][T27697] loop4: detected capacity change from 0 to 1024
[  313.045441][T27697] EXT4-fs: inline encryption not supported
[  313.073728][T27697] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.097338][T27703] xt_hashlimit: max too large, truncated to 1048576
[  313.211918][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.726347][T27733] loop8: detected capacity change from 0 to 1024
[  313.726668][T27733] EXT4-fs: Ignoring removed mblk_io_submit option
[  313.739662][T27733] EXT4-fs: Ignoring removed nobh option
[  313.749619][T27733] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.136835][T27742] netlink: 96 bytes leftover after parsing attributes in process `syz.4.9731'.
[  314.379114][T27778] loop4: detected capacity change from 0 to 2048
[  314.400634][T27778] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  314.521282][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.645277][T27777] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  314.718702][T27777] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 16 with error 28
[  314.731116][T27777] EXT4-fs (loop4): This should not happen!! Data will be lost
[  314.731116][T27777] 
[  314.740893][T27777] EXT4-fs (loop4): Total free blocks count 0
[  314.746865][T27777] EXT4-fs (loop4): Free/Dirty block details
[  314.752829][T27777] EXT4-fs (loop4): free_blocks=2415919504
[  314.758563][T27777] EXT4-fs (loop4): dirty_blocks=16
[  314.763661][T27777] EXT4-fs (loop4): Block reservation details
[  314.769672][T27777] EXT4-fs (loop4): i_reserved_data_blocks=1
[  314.829807][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.023507][   T29] kauditd_printk_skb: 31 callbacks suppressed
[  315.023519][   T29] audit: type=1326 audit(828.016:11890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.3.9761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  315.092977][   T29] audit: type=1326 audit(828.016:11891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.3.9761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  315.116102][   T29] audit: type=1326 audit(828.016:11892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.3.9761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  315.139260][   T29] audit: type=1326 audit(828.016:11893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.3.9761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  315.162259][   T29] audit: type=1326 audit(828.016:11894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.3.9761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  315.185196][   T29] audit: type=1326 audit(828.016:11895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.3.9761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  315.208163][   T29] audit: type=1326 audit(828.016:11896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.3.9761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  315.231293][   T29] audit: type=1326 audit(828.016:11897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.3.9761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  315.254424][   T29] audit: type=1326 audit(828.026:11898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.3.9761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac8598f6c9 code=0x7ffc0000
[  315.318313][T27819] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9763'.
[  315.327357][T27819] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9763'.
[  315.430785][   T29] audit: type=1326 audit(828.426:11899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.1.9764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb85942f6c9 code=0x7ffc0000
[  315.516327][T27837] loop8: detected capacity change from 0 to 1024
[  315.565072][T27837] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.607853][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.665671][T27853] loop8: detected capacity change from 0 to 512
[  315.672516][T27853] EXT4-fs: Ignoring removed nomblk_io_submit option
[  315.683217][T27853] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  315.697774][T27853] EXT4-fs (loop8): 1 truncate cleaned up
[  315.716315][T27853] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.072480][T27876] loop2: detected capacity change from 0 to 1024
[  316.101964][T27876] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.134569][T13077] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.208772][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.257760][T27892] netlink: 96 bytes leftover after parsing attributes in process `syz.1.9792'.
[  316.289821][T27898] sctp: [Deprecated]: syz.2.9789 (pid 27898) Use of int in max_burst socket option.
[  316.289821][T27898] Use struct sctp_assoc_value instead
[  316.364555][T27907] netlink: 96 bytes leftover after parsing attributes in process `syz.2.9800'.
[  316.434393][T27913] loop2: detected capacity change from 0 to 2048
[  316.472300][T27913] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.730613][T27912] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  316.758462][T27912] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 96 with max blocks 12 with error 28
[  316.770886][T27912] EXT4-fs (loop2): This should not happen!! Data will be lost
[  316.770886][T27912] 
[  316.780563][T27912] EXT4-fs (loop2): Total free blocks count 0
[  316.786633][T27912] EXT4-fs (loop2): Free/Dirty block details
[  316.792556][T27912] EXT4-fs (loop2): free_blocks=2415919504
[  316.798353][T27912] EXT4-fs (loop2): dirty_blocks=16
[  316.803528][T27912] EXT4-fs (loop2): Block reservation details
[  316.809692][T27912] EXT4-fs (loop2): i_reserved_data_blocks=1
[  316.846315][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.888182][T27948] lo speed is unknown, defaulting to 1000
[  316.957900][T27950] lo speed is unknown, defaulting to 1000
[  317.072861][T27948] netlink: 20 bytes leftover after parsing attributes in process `syz.8.9817'.
[  317.331102][T27972] bridge: RTM_NEWNEIGH with invalid ether address
[  317.338837][T27970] loop2: detected capacity change from 0 to 1024
[  317.362438][T27970] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  317.373358][T27970] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  317.396893][T27970] JBD2: no valid journal superblock found
[  317.402677][T27970] EXT4-fs (loop2): Could not load journal inode
[  317.446572][T27970] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  317.612984][T27999] netlink: 'syz.8.9841': attribute type 1 has an invalid length.
[  317.630420][T28001] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9842'.
[  317.639476][T28001] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9842'.
[  317.676567][T28005] netlink: 'syz.8.9844': attribute type 19 has an invalid length.
[  317.684464][T28005] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9844'.
[  317.701567][T28005] netlink: 'syz.8.9844': attribute type 19 has an invalid length.
[  317.701914][  T381] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  317.709477][T28005] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9844'.
[  317.728061][  T381] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  317.749112][  T381] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  317.757343][  T381] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  318.471103][T28014] loop2: detected capacity change from 0 to 512
[  318.498788][T28014] EXT4-fs: Ignoring removed nomblk_io_submit option
[  318.518888][T28014] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  318.548732][T28014] EXT4-fs (loop2): 1 truncate cleaned up
[  318.563443][T28014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.637784][T28026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9851'.
[  318.674916][T28026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9851'.
[  318.770861][T28044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  318.779702][T28044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  318.829893][T16343] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.867687][T28054] veth30: entered promiscuous mode
[  318.872925][T28054] veth30: entered allmulticast mode
[  318.914512][T28060] netlink: 176 bytes leftover after parsing attributes in process `syz.3.9868'.
[  318.960267][T28068] lo speed is unknown, defaulting to 1000
[  319.043872][T28073] lo speed is unknown, defaulting to 1000
[  319.088410][T28079] netlink: 'syz.3.9877': attribute type 10 has an invalid length.
[  319.120156][T28079] bond3: (slave dummy0): Releasing active interface
[  319.134168][T28079] netlink: 'syz.3.9877': attribute type 10 has an invalid length.
[  319.145902][T28079] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  319.432651][T28107] 9pnet: Could not find request transport: 0xffffffffffffffff
[  319.586360][T28122] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  319.736918][T28132] netlink: 'syz.4.9900': attribute type 19 has an invalid length.
[  319.778179][T28132] netlink: 'syz.4.9900': attribute type 19 has an invalid length.
[  319.837972][T28137] loop2: detected capacity change from 0 to 764
[  319.928703][T28144] infiniband 
: RDMA CMA: cma_listen_on_dev, error -98
[  320.002448][T28149] Process accounting resumed
[  320.037882][   T29] kauditd_printk_skb: 204 callbacks suppressed
[  320.037896][   T29] audit: type=1326 audit(833.026:12104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28158 comm="syz.4.9911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  320.105967][   T29] audit: type=1326 audit(833.066:12105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28158 comm="syz.4.9911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  320.129045][   T29] audit: type=1326 audit(833.066:12106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28158 comm="syz.4.9911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  320.152139][   T29] audit: type=1326 audit(833.066:12107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28158 comm="syz.4.9911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f91d236f703 code=0x7ffc0000
[  320.174907][   T29] audit: type=1326 audit(833.066:12108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28158 comm="syz.4.9911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f91d236f703 code=0x7ffc0000
[  320.197827][   T29] audit: type=1326 audit(833.066:12109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28158 comm="syz.4.9911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  320.220877][   T29] audit: type=1326 audit(833.066:12110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28158 comm="syz.4.9911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  320.243922][   T29] audit: type=1326 audit(833.066:12111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28158 comm="syz.4.9911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  320.266941][   T29] audit: type=1326 audit(833.066:12112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28158 comm="syz.4.9911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  320.290042][   T29] audit: type=1326 audit(833.076:12113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28158 comm="syz.4.9911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d236f6c9 code=0x7ffc0000
[  320.649110][T28181] bond0: (slave dummy0): Releasing backup interface
[  320.678708][T28181] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  320.741397][ T4078] ==================================================================
[  320.749485][ T4078] BUG: KCSAN: data-race in alloc_pid / copy_process
[  320.756061][ T4078] 
[  320.758364][ T4078] read-write to 0xffffffff8685ff98 of 4 bytes by task 28189 on cpu 0:
[  320.766488][ T4078]  alloc_pid+0x539/0x720
[  320.770709][ T4078]  copy_process+0xe25/0x2000
[  320.775282][ T4078]  kernel_clone+0x16c/0x5c0
[  320.779771][ T4078]  __se_sys_clone3+0x1c2/0x200
[  320.784525][ T4078]  __x64_sys_clone3+0x31/0x40
[  320.789196][ T4078]  x64_sys_call+0x1fc9/0x3000
[  320.793867][ T4078]  do_syscall_64+0xd2/0x200
[  320.798358][ T4078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.804237][ T4078] 
[  320.806545][ T4078] read to 0xffffffff8685ff98 of 4 bytes by task 4078 on cpu 1:
[  320.814064][ T4078]  copy_process+0x17fc/0x2000
[  320.818729][ T4078]  kernel_clone+0x16c/0x5c0
[  320.823219][ T4078]  user_mode_thread+0x7d/0xb0
[  320.827881][ T4078]  call_usermodehelper_exec_work+0x7a/0x160
[  320.833765][ T4078]  process_scheduled_works+0x4ce/0x9d0
[  320.839226][ T4078]  worker_thread+0x582/0x770
[  320.843802][ T4078]  kthread+0x489/0x510
[  320.847855][ T4078]  ret_from_fork+0x122/0x1b0
[  320.852426][ T4078]  ret_from_fork_asm+0x1a/0x30
[  320.857173][ T4078] 
[  320.859475][ T4078] value changed: 0x8000016d -> 0x8000016e
[  320.865167][ T4078] 
[  320.867468][ T4078] Reported by Kernel Concurrency Sanitizer on:
[  320.873596][ T4078] CPU: 1 UID: 0 PID: 4078 Comm: kworker/u8:37 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  320.885121][ T4078] Tainted: [W]=WARN
[  320.888903][ T4078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  320.898936][ T4078] Workqueue: events_unbound call_usermodehelper_exec_work
[  320.906030][ T4078] ==================================================================