last executing test programs:

2.111538711s ago: executing program 4 (id=444):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0)

1.936187094s ago: executing program 3 (id=449):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1, 0x0, 0x400007}, 0x18)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, 0x0})
io_uring_enter(r3, 0x40f9, 0x217, 0xa5, 0x0, 0xf5)

1.652064587s ago: executing program 4 (id=454):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x4004743d, 0x110e22fff6)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
io_setup(0x81, &(0x7f0000001440)=<r3=>0x0)
close(0x3)
io_submit(r3, 0x1, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x800, r1, 0x0, 0x0, 0x0, 0x0, 0x2}])

1.600803941s ago: executing program 3 (id=456):
mknod$loop(&(0x7f0000002180)='./file0\x00', 0x800, 0x0)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0xa000032a)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
readv(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/256, 0x10}], 0x2)

1.554159635s ago: executing program 4 (id=458):
syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setsockopt$SO_J1939_SEND_PRIO(0xffffffffffffffff, 0x6b, 0x3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.553190745s ago: executing program 3 (id=468):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x500, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x30, 0x10, 0x1, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x4891a, 0xa}, [@IFLA_GROUP={0x8}, @IFLA_TXQLEN={0x8, 0xd, 0x10}]}, 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x6000000)

1.422566486s ago: executing program 3 (id=459):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x602, 0x0)
writev(r1, &(0x7f0000000440)=[{0x0}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f00000000c0))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x700000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

1.192902864s ago: executing program 3 (id=461):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)="2f03", 0x2}], 0x1, 0x0, 0x0, 0x800}, 0x20004011)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r2}, 0x3d)
recvmsg$unix(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r3}, 0x10)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)

1.139395959s ago: executing program 1 (id=462):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x18, 0x25c, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002064070000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x7ecae788a6630e8, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

1.036370337s ago: executing program 0 (id=464):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b208850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
write$selinux_access(0xffffffffffffffff, 0x0, 0x65)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r2, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}, 0x1, 0x0, 0x0, 0x4800}, 0x20000000)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x14, r2, 0x1, 0x70bd2c, 0x25dbdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x54)
socket$inet_sctp(0x2, 0x1, 0x84)

1.036050117s ago: executing program 1 (id=465):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r3, 0x5, 0xe, 0x0, &(0x7f0000000000)="6121eed4cd50bb2b01e841acde1a", 0x0, 0x2a1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50)

996.47856ms ago: executing program 0 (id=466):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x20280, 0x0)
ioctl$IMADDTIMER(r2, 0x80044940, &(0x7f0000000080)=0x14)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='ns\x00')
getdents(r3, &(0x7f0000001f80)=""/4096, 0x1000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)
close(r2)

956.841443ms ago: executing program 1 (id=467):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2b20038, 0x0, 0x10, 0x0, &(0x7f0000000100))
openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
accept(r1, 0x0, 0x0)

955.745203ms ago: executing program 0 (id=469):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
utime(&(0x7f0000000100)='./file0\x00', 0x0)

891.853868ms ago: executing program 0 (id=471):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e21, @empty}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x881)
r1 = dup(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000180)={0x4, 0x8}, 0x10)
shutdown(r0, 0x1)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010100}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r3=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x85, &(0x7f0000000540)={r3, 0x88, "0200000000000000703fcd09bdf0b493d4323725cdcff2eae49f89843a5318d5ba093aa761132b512e8c4eb4eb76aa3f3069d1d5a64a2c75a2d59986feff48dc51b23de50b4c052630642b3348c700b558041310b18d364b87808f6ec3b597fae6ac116b5bc6c564f98676e592103c268225b716a73e58c8c8f8ec21e15e7a5d6743243dfde8a664"}, &(0x7f00000000c0)=0x90)

891.473728ms ago: executing program 1 (id=472):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)=r1}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

890.832998ms ago: executing program 1 (id=473):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000300)={'#! ', '', [{0x20, 'memory.events\x00'}]}, 0x13)
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x7, 0x0, 0x0, 0x3, 0x82, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000000000007}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x82, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={&(0x7f0000000080)}, 0x400, 0x200000000000, 0x0, 0x0, 0x0, 0x1fffffff, 0x0, 0x0, 0x40, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

848.186312ms ago: executing program 4 (id=474):
syz_open_procfs(0xffffffffffffffff, 0x0)
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x12)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x7f}]}, 0x64}}, 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0x20)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0xb}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

659.166667ms ago: executing program 1 (id=476):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

493.09057ms ago: executing program 2 (id=477):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x4a, 0x0, &(0x7f00000002c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10c}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fcdbdf2504"], 0x14}}, 0x0)

458.854323ms ago: executing program 4 (id=478):
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x200003, 0x1af}, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x1, 0xffffffffffffffff, 0x0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000200)=[{0x0}, {0x0}], 0x2}, 0x0, 0x3, 0x0, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x3}, 0x18)
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)

372.1314ms ago: executing program 2 (id=479):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x18)
inotify_rm_watch(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000140))
r2 = syz_open_pts(0xffffffffffffffff, 0x900)
dup3(r2, 0xffffffffffffffff, 0x80000)

371.71536ms ago: executing program 2 (id=480):
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8000000c8, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x40, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x12)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x800)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea038800fe08000e40000200875a65969ff57b00ff020000000000000000000000000001e2607e15e697ab"], 0xfdef)

295.717306ms ago: executing program 2 (id=481):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x80002, 0x0)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x3, 0x4, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@generic={0x81, 0x1, 0x1, 0x83}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, &(0x7f0000000740)={@private1={0xfc, 0x1, '\x00', 0xf3}}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = gettid()
sendmsg$unix(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000007c0)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)

295.314506ms ago: executing program 3 (id=482):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x2a, 0x5}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1}, &(0x7f0000000280), &(0x7f00000002c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10)
listen(r0, 0x3)

245.12018ms ago: executing program 2 (id=483):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001780)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
r2 = syz_pidfd_open(r1, 0x0)
pidfd_send_signal(r2, 0x2, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)

198.929434ms ago: executing program 4 (id=484):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
close_range(r1, r1, 0x2)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="3c1204"], 0x98)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0xcb84, @rand_addr=' \x01\x00', 0x8}, 0x1c)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)

31.276857ms ago: executing program 0 (id=485):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000020000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
gettid()
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf2503"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

30.640827ms ago: executing program 2 (id=495):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r5, 0x545c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r4)

0s ago: executing program 0 (id=486):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00'}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYRESHEX, @ANYRES8], 0x48)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
fdatasync(r1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.234' (ED25519) to the list of known hosts.
[   24.899871][   T29] audit: type=1400 audit(1755612019.361:62): avc:  denied  { mounton } for  pid=3289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   24.900729][ T3289] cgroup: Unknown subsys name 'net'
[   24.922928][   T29] audit: type=1400 audit(1755612019.361:63): avc:  denied  { mount } for  pid=3289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   24.950647][   T29] audit: type=1400 audit(1755612019.391:64): avc:  denied  { unmount } for  pid=3289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   25.124150][ T3289] cgroup: Unknown subsys name 'cpuset'
[   25.130358][ T3289] cgroup: Unknown subsys name 'rlimit'
[   25.279578][   T29] audit: type=1400 audit(1755612019.741:65): avc:  denied  { setattr } for  pid=3289 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   25.305945][   T29] audit: type=1400 audit(1755612019.741:66): avc:  denied  { create } for  pid=3289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   25.326514][   T29] audit: type=1400 audit(1755612019.741:67): avc:  denied  { write } for  pid=3289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   25.332963][ T3292] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   25.346941][   T29] audit: type=1400 audit(1755612019.741:68): avc:  denied  { read } for  pid=3289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   25.375937][   T29] audit: type=1400 audit(1755612019.751:69): avc:  denied  { mounton } for  pid=3289 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   25.382516][ T3289] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   25.400964][   T29] audit: type=1400 audit(1755612019.751:70): avc:  denied  { mount } for  pid=3289 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   25.433978][   T29] audit: type=1400 audit(1755612019.821:71): avc:  denied  { relabelto } for  pid=3292 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   27.175457][ T3306] chnl_net:caif_netlink_parms(): no params data found
[   27.193951][ T3302] chnl_net:caif_netlink_parms(): no params data found
[   27.234912][ T3309] chnl_net:caif_netlink_parms(): no params data found
[   27.266066][ T3306] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.273128][ T3306] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.280679][ T3306] bridge_slave_0: entered allmulticast mode
[   27.287033][ T3306] bridge_slave_0: entered promiscuous mode
[   27.295827][ T3306] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.302919][ T3306] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.310091][ T3306] bridge_slave_1: entered allmulticast mode
[   27.316642][ T3306] bridge_slave_1: entered promiscuous mode
[   27.347892][ T3306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   27.362595][ T3302] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.369749][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.377139][ T3302] bridge_slave_0: entered allmulticast mode
[   27.383555][ T3302] bridge_slave_0: entered promiscuous mode
[   27.391141][ T3302] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.398284][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.405466][ T3302] bridge_slave_1: entered allmulticast mode
[   27.411913][ T3302] bridge_slave_1: entered promiscuous mode
[   27.419254][ T3306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   27.457351][ T3300] chnl_net:caif_netlink_parms(): no params data found
[   27.479928][ T3306] team0: Port device team_slave_0 added
[   27.496641][ T3302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   27.506419][ T3306] team0: Port device team_slave_1 added
[   27.515868][ T3302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   27.525050][ T3309] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.532298][ T3309] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.540000][ T3309] bridge_slave_0: entered allmulticast mode
[   27.546590][ T3309] bridge_slave_0: entered promiscuous mode
[   27.569494][ T3309] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.576741][ T3309] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.585333][ T3309] bridge_slave_1: entered allmulticast mode
[   27.591899][ T3309] bridge_slave_1: entered promiscuous mode
[   27.603035][ T3299] chnl_net:caif_netlink_parms(): no params data found
[   27.631932][ T3309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   27.648854][ T3306] batman_adv: batadv0: Adding interface: batadv_slave_0
[   27.656002][ T3306] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   27.682039][ T3306] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   27.693741][ T3302] team0: Port device team_slave_0 added
[   27.700346][ T3309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   27.720875][ T3306] batman_adv: batadv0: Adding interface: batadv_slave_1
[   27.727894][ T3306] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   27.754897][ T3306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   27.766206][ T3302] team0: Port device team_slave_1 added
[   27.792587][ T3309] team0: Port device team_slave_0 added
[   27.809152][ T3300] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.816348][ T3300] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.823663][ T3300] bridge_slave_0: entered allmulticast mode
[   27.830225][ T3300] bridge_slave_0: entered promiscuous mode
[   27.841558][ T3309] team0: Port device team_slave_1 added
[   27.852328][ T3300] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.859452][ T3300] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.867453][ T3300] bridge_slave_1: entered allmulticast mode
[   27.873829][ T3300] bridge_slave_1: entered promiscuous mode
[   27.880053][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_0
[   27.887091][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   27.913079][ T3302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   27.924793][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_1
[   27.931858][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   27.957892][ T3302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   27.982045][ T3299] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.989215][ T3299] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.996409][ T3299] bridge_slave_0: entered allmulticast mode
[   28.002853][ T3299] bridge_slave_0: entered promiscuous mode
[   28.022518][ T3306] hsr_slave_0: entered promiscuous mode
[   28.028540][ T3306] hsr_slave_1: entered promiscuous mode
[   28.034965][ T3299] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.042095][ T3299] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.050203][ T3299] bridge_slave_1: entered allmulticast mode
[   28.056855][ T3299] bridge_slave_1: entered promiscuous mode
[   28.073009][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_0
[   28.080098][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.106193][ T3309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   28.122531][ T3300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   28.136440][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_1
[   28.143386][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.169614][ T3309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   28.186773][ T3300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   28.202789][ T3302] hsr_slave_0: entered promiscuous mode
[   28.208751][ T3302] hsr_slave_1: entered promiscuous mode
[   28.214646][ T3302] debugfs: 'hsr0' already exists in 'hsr'
[   28.220462][ T3302] Cannot create hsr debugfs directory
[   28.236385][ T3299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   28.246602][ T3299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   28.266256][ T3300] team0: Port device team_slave_0 added
[   28.292859][ T3300] team0: Port device team_slave_1 added
[   28.316197][ T3309] hsr_slave_0: entered promiscuous mode
[   28.322274][ T3309] hsr_slave_1: entered promiscuous mode
[   28.328119][ T3309] debugfs: 'hsr0' already exists in 'hsr'
[   28.333893][ T3309] Cannot create hsr debugfs directory
[   28.345465][ T3299] team0: Port device team_slave_0 added
[   28.362580][ T3299] team0: Port device team_slave_1 added
[   28.376144][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_0
[   28.383168][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.409437][ T3300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   28.437930][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_1
[   28.445447][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.471463][ T3300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   28.503873][ T3299] batman_adv: batadv0: Adding interface: batadv_slave_0
[   28.510920][ T3299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.537534][ T3299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   28.560710][ T3299] batman_adv: batadv0: Adding interface: batadv_slave_1
[   28.567972][ T3299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.594386][ T3299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   28.628916][ T3300] hsr_slave_0: entered promiscuous mode
[   28.635557][ T3300] hsr_slave_1: entered promiscuous mode
[   28.641449][ T3300] debugfs: 'hsr0' already exists in 'hsr'
[   28.647432][ T3300] Cannot create hsr debugfs directory
[   28.713384][ T3299] hsr_slave_0: entered promiscuous mode
[   28.719370][ T3299] hsr_slave_1: entered promiscuous mode
[   28.725346][ T3299] debugfs: 'hsr0' already exists in 'hsr'
[   28.731064][ T3299] Cannot create hsr debugfs directory
[   28.750813][ T3306] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   28.771261][ T3306] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   28.790930][ T3306] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   28.808450][ T3306] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   28.838752][ T3302] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   28.857855][ T3302] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   28.866823][ T3302] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   28.876230][ T3302] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   28.908271][ T3309] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   28.925151][ T3309] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   28.934268][ T3309] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   28.950494][ T3309] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   28.966201][ T3300] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   28.975377][ T3300] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   28.986388][ T3300] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   29.000303][ T3300] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   29.020157][ T3299] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   29.034027][ T3299] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   29.050028][ T3299] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   29.058538][ T3299] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   29.068552][ T3306] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.094346][ T3306] 8021q: adding VLAN 0 to HW filter on device team0
[   29.109603][ T3302] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.125565][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.132616][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.146743][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.153941][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.165260][ T3302] 8021q: adding VLAN 0 to HW filter on device team0
[   29.180749][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.187912][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.196985][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.204042][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.251468][ T3300] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.269266][ T3309] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.280017][ T3300] 8021q: adding VLAN 0 to HW filter on device team0
[   29.295862][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.302976][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.322751][  T158] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.329854][  T158] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.350688][ T3309] 8021q: adding VLAN 0 to HW filter on device team0
[   29.369029][ T3299] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.377835][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.385034][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.394577][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.401910][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.411893][ T3306] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.441205][ T3300] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   29.451757][ T3300] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   29.474338][ T3299] 8021q: adding VLAN 0 to HW filter on device team0
[   29.483591][ T3302] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.506901][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.514080][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.554557][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.561638][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.601212][ T3300] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.613394][ T3299] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   29.630412][ T3309] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.665892][ T3302] veth0_vlan: entered promiscuous mode
[   29.696060][ T3302] veth1_vlan: entered promiscuous mode
[   29.718926][ T3299] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.747230][ T3302] veth0_macvtap: entered promiscuous mode
[   29.772281][ T3302] veth1_macvtap: entered promiscuous mode
[   29.796143][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_0
[   29.807366][ T3300] veth0_vlan: entered promiscuous mode
[   29.816470][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_1
[   29.831231][ T3309] veth0_vlan: entered promiscuous mode
[   29.840556][ T3300] veth1_vlan: entered promiscuous mode
[   29.850639][ T3306] veth0_vlan: entered promiscuous mode
[   29.860947][ T3309] veth1_vlan: entered promiscuous mode
[   29.868126][   T41] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   29.884936][   T41] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   29.894191][   T41] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   29.903703][ T3306] veth1_vlan: entered promiscuous mode
[   29.912877][   T41] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   29.927273][   T29] kauditd_printk_skb: 9 callbacks suppressed
[   29.927287][   T29] audit: type=1400 audit(1755612024.391:81): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/root/syzkaller.jVA6Fv/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   29.937071][ T3309] veth0_macvtap: entered promiscuous mode
[   29.964726][   T29] audit: type=1400 audit(1755612024.391:82): avc:  denied  { mount } for  pid=3302 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   29.984840][ T3306] veth0_macvtap: entered promiscuous mode
[   29.986758][   T29] audit: type=1400 audit(1755612024.391:83): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/root/syzkaller.jVA6Fv/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   29.994348][ T3306] veth1_macvtap: entered promiscuous mode
[   30.017983][   T29] audit: type=1400 audit(1755612024.391:84): avc:  denied  { mount } for  pid=3302 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   30.030269][ T3300] veth0_macvtap: entered promiscuous mode
[   30.045669][   T29] audit: type=1400 audit(1755612024.391:85): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/root/syzkaller.jVA6Fv/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   30.055799][ T3299] veth0_vlan: entered promiscuous mode
[   30.078061][   T29] audit: type=1400 audit(1755612024.391:86): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/root/syzkaller.jVA6Fv/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3741 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   30.097447][ T3309] veth1_macvtap: entered promiscuous mode
[   30.110975][   T29] audit: type=1400 audit(1755612024.391:87): avc:  denied  { unmount } for  pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   30.127370][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.137832][   T29] audit: type=1400 audit(1755612024.431:88): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   30.148519][ T3300] veth1_macvtap: entered promiscuous mode
[   30.166763][   T29] audit: type=1400 audit(1755612024.431:89): avc:  denied  { mount } for  pid=3302 comm="syz-executor" name="/" dev="gadgetfs" ino=3755 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   30.196684][ T3302] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   30.197479][ T3299] veth1_vlan: entered promiscuous mode
[   30.225332][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.235449][ T3299] veth0_macvtap: entered promiscuous mode
[   30.247399][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.255326][   T29] audit: type=1400 audit(1755612024.711:90): avc:  denied  { read write } for  pid=3302 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   30.282156][ T3299] veth1_macvtap: entered promiscuous mode
[   30.290671][   T58] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.305019][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.314122][   T58] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.324361][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.335275][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.342869][   T58] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.356498][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.381315][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.389574][   T41] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.414171][   T41] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.459887][   T41] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.493294][ T3479] loop3: detected capacity change from 0 to 128
[   30.505791][   T41] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.523354][ T3479] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   30.546548][   T41] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.572492][ T3485] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1'.
[   30.584021][   T41] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.607668][   T41] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.627814][ T3489] loop9: detected capacity change from 0 to 7
[   30.656609][ T3489] Buffer I/O error on dev loop9, logical block 0, async page read
[   30.659769][   T41] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.692126][ T3493] loop2: detected capacity change from 0 to 512
[   30.701753][   T41] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.711543][ T3493] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   30.715010][ T3489] Buffer I/O error on dev loop9, logical block 0, async page read
[   30.733090][ T3489]  loop9: unable to read partition table
[   30.735235][   T41] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.775486][   T41] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.795396][ T3493] EXT4-fs (loop2): 1 orphan inode deleted
[   30.813603][ T3489] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   30.813603][ T3489] 
) failed (rc=-5)
[   30.814809][ T3486] Buffer I/O error on dev loop9, logical block 0, async page read
[   30.844311][   T12] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:0: Failed to release dquot type 1
[   30.849684][ T3493] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   30.868886][   T41] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.878684][   T41] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.890270][ T3493] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   30.909013][ T3507] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   30.944246][ T3507] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   30.964288][ T3486] Buffer I/O error on dev loop9, logical block 0, async page read
[   30.986716][ T3486] Buffer I/O error on dev loop9, logical block 0, async page read
[   30.997154][ T3486] Buffer I/O error on dev loop9, logical block 0, async page read
[   31.011149][   T58] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:4: Failed to release dquot type 1
[   31.011368][ T3486] Buffer I/O error on dev loop9, logical block 0, async page read
[   31.042368][ T3493] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.059014][ T3513] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.066417][ T3513] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.076954][ T3517] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12'.
[   31.183813][ T3513] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   31.193138][ T3513] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   31.256602][   T12] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   31.281153][   T12] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   31.315842][   T12] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   31.322628][ T3528] loop2: detected capacity change from 0 to 764
[   31.330509][   T12] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   31.392251][ T3513] syz.0.14 (3513) used greatest stack depth: 10960 bytes left
[   31.510354][ T3534] netlink: 12 bytes leftover after parsing attributes in process `syz.0.22'.
[   31.522366][ T3536] netlink: 8 bytes leftover after parsing attributes in process `syz.2.23'.
[   31.579730][ T3536] netlink: 4 bytes leftover after parsing attributes in process `syz.2.23'.
[   31.615626][ T3536] team0 (unregistering): Port device team_slave_0 removed
[   31.625860][ T3536] team0 (unregistering): Port device team_slave_1 removed
[   31.711897][ T3507] syz.4.11 (3507) used greatest stack depth: 10712 bytes left
[   31.777073][ T3546] loop1: detected capacity change from 0 to 512
[   31.824520][ T3546] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   31.842357][ T3546] EXT4-fs (loop1): orphan cleanup on readonly fs
[   31.856279][ T3546] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   31.871672][ T3546] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   31.880458][ T3546] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.27: bg 0: block 40: padding at end of block bitmap is not set
[   31.896312][ T3546] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   31.924345][ T3546] EXT4-fs (loop1): 1 truncate cleaned up
[   31.930410][ T3546] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   31.970046][ T3546] netlink: 'syz.1.27': attribute type 39 has an invalid length.
[   32.096783][ T3554] loop4: detected capacity change from 0 to 2048
[   32.124787][ T3486]  loop4: p1 < > p4
[   32.131178][ T3486] loop4: p4 size 8388608 extends beyond EOD, truncated
[   32.144587][ T3554]  loop4: p1 < > p4
[   32.149111][ T3554] loop4: p4 size 8388608 extends beyond EOD, truncated
[   32.216789][ T3556] veth0_to_team: entered promiscuous mode
[   32.247381][ T3558] loop0: detected capacity change from 0 to 1024
[   32.265552][ T3558] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.270451][ T3560] vlan2: entered allmulticast mode
[   32.311474][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.335763][ T3564] netlink: 12 bytes leftover after parsing attributes in process `syz.0.34'.
[   32.372228][ T3566] process 'syz.0.35' launched './file0' with NULL argv: empty string added
[   32.423385][ T3572] loop3: detected capacity change from 0 to 512
[   32.438332][ T3572] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.483741][ T3572] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   32.626206][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.854517][ T3597] wg1 speed is unknown, defaulting to 1000
[   32.861225][ T3597] wg1 speed is unknown, defaulting to 1000
[   32.869131][ T3597] wg1 speed is unknown, defaulting to 1000
[   32.932563][ T3597] infiniband syz0: set active
[   32.937352][ T3597] infiniband syz0: added wg1
[   32.942029][   T23] wg1 speed is unknown, defaulting to 1000
[   32.974909][ T3597] RDS/IB: syz0: added
[   32.979535][ T3597] smc: adding ib device syz0 with port count 1
[   32.987332][ T3597] smc:    ib device syz0 port 1 has pnetid 
[   32.993558][   T23] wg1 speed is unknown, defaulting to 1000
[   33.000971][ T3597] wg1 speed is unknown, defaulting to 1000
[   33.068235][ T3597] wg1 speed is unknown, defaulting to 1000
[   33.100244][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.225749][ T3597] wg1 speed is unknown, defaulting to 1000
[   33.269838][ T3597] wg1 speed is unknown, defaulting to 1000
[   33.303604][ T3597] wg1 speed is unknown, defaulting to 1000
[   33.338241][ T3609] netlink: 'syz.2.51': attribute type 4 has an invalid length.
[   33.409656][ T3597] syz.3.46 (3597) used greatest stack depth: 10616 bytes left
[   33.449166][ T3613] wg1 speed is unknown, defaulting to 1000
[   33.660550][ T3626] random: crng reseeded on system resumption
[   33.679551][ T3626] netlink: 24 bytes leftover after parsing attributes in process `syz.0.57'.
[   33.691350][ T3626] netlink: 32 bytes leftover after parsing attributes in process `syz.0.57'.
[   33.702715][   T36] IPVS: starting estimator thread 0...
[   33.762483][ T3632] loop0: detected capacity change from 0 to 2048
[   33.795875][ T3632] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.59: bad orphan inode 61
[   33.809853][ T3627] IPVS: using max 4464 ests per chain, 223200 per kthread
[   33.828576][ T3632] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.841156][ T3637] loop3: detected capacity change from 0 to 1024
[   33.849207][ T3637] =======================================================
[   33.849207][ T3637] WARNING: The mand mount option has been deprecated and
[   33.849207][ T3637]          and is ignored by this kernel. Remove the mand
[   33.849207][ T3637]          option from the mount to silence this warning.
[   33.849207][ T3637] =======================================================
[   33.886698][ T3637] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   33.898330][ T3637] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   33.908081][ T3637] EXT4-fs (loop3): orphan cleanup on readonly fs
[   33.915044][ T3637] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[   33.929756][ T3637] EXT4-fs (loop3): Cannot turn on quotas: error -5
[   33.938712][ T3637] EXT4-fs (loop3): 1 truncate cleaned up
[   33.944988][ T3637] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   33.959722][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.985445][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.017642][ T3640] loop0: detected capacity change from 0 to 512
[   34.035815][ T3640] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   34.056052][ T3642] ref_ctr increment failed for inode: 0x47 offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff88810c472280
[   34.069157][ T3642] uprobe: syz.3.62:3642 failed to unregister, leaking uprobe
[   34.084621][ T3640] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   34.109238][ T3299] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   34.118804][ T3649] loop1: detected capacity change from 0 to 512
[   34.127599][ T3649] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[   34.137517][ T3649] EXT4-fs (loop1): group descriptors corrupted!
[   34.174512][ T3651] netlink: 8 bytes leftover after parsing attributes in process `syz.3.66'.
[   34.191281][    C0] hrtimer: interrupt took 22512 ns
[   34.237562][ T3653] can0: slcan on ttyS3.
[   34.306286][ T3653] can0 (unregistered): slcan off ttyS3.
[   34.624972][ T3694] wg1 speed is unknown, defaulting to 1000
[   34.765491][ T3703] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   34.778752][ T3703] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   34.948799][   T29] kauditd_printk_skb: 600 callbacks suppressed
[   34.948813][   T29] audit: type=1326 audit(1755612029.411:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3711 comm="syz.4.79" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9415fdebe9 code=0x0
[   34.978517][ T3710] loop1: detected capacity change from 0 to 8192
[   35.098865][   T29] audit: type=1400 audit(1755612029.561:687): avc:  denied  { setopt } for  pid=3724 comm="syz.3.82" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   35.120133][   T29] audit: type=1400 audit(1755612029.581:688): avc:  denied  { write } for  pid=3724 comm="syz.3.82" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   35.139793][   T29] audit: type=1400 audit(1755612029.581:689): avc:  denied  { write } for  pid=3724 comm="syz.3.82" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   35.159199][   T29] audit: type=1400 audit(1755612029.581:690): avc:  denied  { connect } for  pid=3724 comm="syz.3.82" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   35.178960][   T29] audit: type=1400 audit(1755612029.581:691): avc:  denied  { name_connect } for  pid=3724 comm="syz.3.82" dest=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   35.204140][ T3727] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   35.220022][   T29] audit: type=1326 audit(1755612029.681:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3728 comm="syz.3.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf55b8ebe9 code=0x7ffc0000
[   35.245746][   T29] audit: type=1326 audit(1755612029.681:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3728 comm="syz.3.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf55b8ebe9 code=0x7ffc0000
[   35.269682][   T29] audit: type=1326 audit(1755612029.681:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3728 comm="syz.3.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdf55b8ebe9 code=0x7ffc0000
[   35.293122][   T29] audit: type=1326 audit(1755612029.681:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3728 comm="syz.3.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf55b8ebe9 code=0x7ffc0000
[   35.338716][ T3727] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   35.397276][ T3727] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   35.456667][ T3727] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   35.526109][ T3441] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   35.539593][ T3441] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   35.552451][ T3441] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   35.561885][ T3746] loop0: detected capacity change from 0 to 512
[   35.564867][ T3441] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   35.585116][ T3746] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.598048][ T3746] ext4 filesystem being mounted at /27/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   35.640400][ T3750] syz.1.92 uses obsolete (PF_INET,SOCK_PACKET)
[   35.707697][ T3754] loop3: detected capacity change from 0 to 512
[   35.714776][ T3755] syz.1.94 (3755) used greatest stack depth: 10064 bytes left
[   35.731817][ T3754] EXT4-fs: Ignoring removed mblk_io_submit option
[   35.745474][ T3754] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   35.757619][ T3754] EXT4-fs (loop3): 1 truncate cleaned up
[   35.763921][ T3754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.811804][ T3764] netlink: 'syz.1.98': attribute type 1 has an invalid length.
[   35.842632][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.929090][ T3769] wg1 speed is unknown, defaulting to 1000
[   36.195386][ T3796] netlink: 24 bytes leftover after parsing attributes in process `syz.1.110'.
[   36.212642][ T3796] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=3796 comm=syz.1.110
[   36.294145][ T3805] Zero length message leads to an empty skb
[   36.312748][ T3806] loop2: detected capacity change from 0 to 2048
[   36.320430][ T3805] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3805 comm=syz.1.114
[   36.434419][ T3486] Alternate GPT is invalid, using primary GPT.
[   36.440856][ T3486]  loop2: p2 p3 p7
[   36.461573][ T3806] Alternate GPT is invalid, using primary GPT.
[   36.468012][ T3806]  loop2: p2 p3 p7
[   36.582430][ T3813] loop1: detected capacity change from 0 to 128
[   36.625120][ T3813] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   36.637965][ T3813] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   36.701143][ T3302] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   36.742828][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.771314][ T3816] wg1 speed is unknown, defaulting to 1000
[   36.810945][ T3818] wg1 speed is unknown, defaulting to 1000
[   36.820006][ T3819] loop1: detected capacity change from 0 to 128
[   37.030628][ T3827] netlink: 5348 bytes leftover after parsing attributes in process `syz.3.120'.
[   37.107500][ T3829] IPv6: Can't replace route, no match found
[   37.667746][ T3851] loop2: detected capacity change from 0 to 128
[   37.783788][ T3856] netlink: 'syz.0.129': attribute type 10 has an invalid length.
[   37.799076][ T3856] team0: Port device dummy0 added
[   37.828352][ T3856] netlink: 'syz.0.129': attribute type 10 has an invalid length.
[   37.852078][ T3856] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   37.879289][ T3856] team0: Failed to send options change via netlink (err -105)
[   37.887138][ T3856] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   37.898431][ T3856] team0: Port device dummy0 removed
[   37.905370][ T3856] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   38.027753][ T3864] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.081801][ T3864] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.169191][ T3864] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.227485][ T3864] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.244153][ T3836] syz.4.125 (3836) used greatest stack depth: 6224 bytes left
[   38.290815][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.302705][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.331639][   T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.343543][   T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.988292][ T3888] ------------[ cut here ]------------
[   38.993865][ T3888] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0x4000000, 0x0] s64=[0x4000000, 0x0] u32=[0x4000000, 0x0] s32=[0x4000000, 0x0] var_off=(0x0, 0x0)(1)
[   39.012374][ T3888] WARNING: CPU: 0 PID: 3888 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680
[   39.022803][ T3888] Modules linked in:
[   39.026765][ T3888] CPU: 0 UID: 0 PID: 3888 Comm: syz.0.141 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(voluntary) 
[   39.039164][ T3888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   39.049518][ T3888] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[   39.055958][ T3888] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 e2 80 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[   39.075635][ T3888] RSP: 0018:ffffc90000f03440 EFLAGS: 00010292
[   39.081741][ T3888] RAX: 7b99f7823dcc3200 RBX: ffff888119554b10 RCX: 0000000000080000
[   39.089808][ T3888] RDX: ffffc90001c69000 RSI: 00000000000057fe RDI: 00000000000057ff
[   39.097844][ T3888] RBP: 0000000000000000 R08: 0001c90000f0327f R09: 0000000000000000
[   39.105880][ T3888] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff888119554ad0
[   39.113886][ T3888] R13: ffff88811a140000 R14: ffff88811a140000 R15: ffff888119554b08
[   39.121866][ T3888] FS:  00007f962c5cf6c0(0000) GS:ffff8882aee44000(0000) knlGS:0000000000000000
[   39.130840][ T3888] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   39.137457][ T3888] CR2: 00002000000011a0 CR3: 0000000122c96000 CR4: 00000000003506f0
[   39.145875][ T3888] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   39.153869][ T3888] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   39.161851][ T3888] Call Trace:
[   39.165249][ T3888]  <TASK>
[   39.168224][ T3888]  reg_set_min_max+0x215/0x260
[   39.173015][ T3888]  check_cond_jmp_op+0x1013/0x16e0
[   39.178312][ T3888]  do_check+0x332a/0x7a10
[   39.182795][ T3888]  do_check_common+0xc3a/0x12a0
[   39.187714][ T3888]  bpf_check+0x942b/0xd9e0
[   39.192141][ T3888]  ? __rcu_read_unlock+0x4f/0x70
[   39.197249][ T3888]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   39.203352][ T3888]  ? alloc_pages_bulk_noprof+0x4b8/0x540
[   39.209202][ T3888]  ? __vmap_pages_range_noflush+0xbb3/0xbd0
[   39.215193][ T3888]  ? pcpu_block_update+0x377/0x3b0
[   39.220304][ T3888]  ? _find_next_zero_bit+0x64/0xa0
[   39.225580][ T3888]  ? pcpu_block_update+0x24e/0x3b0
[   39.230719][ T3888]  ? _find_next_zero_bit+0x64/0xa0
[   39.235881][ T3888]  ? pcpu_block_refresh_hint+0x157/0x170
[   39.241529][ T3888]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[   39.247626][ T3888]  ? css_rstat_updated+0xb7/0x240
[   39.252661][ T3888]  ? __rcu_read_unlock+0x4f/0x70
[   39.257724][ T3888]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[   39.263552][ T3888]  ? should_fail_ex+0x30/0x280
[   39.268369][ T3888]  ? selinux_bpf_prog_load+0x36/0xf0
[   39.273751][ T3888]  ? should_failslab+0x8c/0xb0
[   39.278537][ T3888]  ? __kmalloc_cache_noprof+0x189/0x320
[   39.284293][ T3888]  ? selinux_bpf_prog_load+0xbf/0xf0
[   39.289601][ T3888]  ? security_bpf_prog_load+0x2c/0xa0
[   39.295019][ T3888]  bpf_prog_load+0xedd/0x1070
[   39.299718][ T3888]  ? security_bpf+0x2b/0x90
[   39.304322][ T3888]  __sys_bpf+0x462/0x7b0
[   39.308584][ T3888]  __x64_sys_bpf+0x41/0x50
[   39.313007][ T3888]  x64_sys_call+0x2aea/0x2ff0
[   39.317706][ T3888]  do_syscall_64+0xd2/0x200
[   39.322215][ T3888]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   39.328608][ T3888]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   39.334383][ T3888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.340303][ T3888] RIP: 0033:0x7f962db6ebe9
[   39.344822][ T3888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.364474][ T3888] RSP: 002b:00007f962c5cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   39.373017][ T3888] RAX: ffffffffffffffda RBX: 00007f962dd95fa0 RCX: 00007f962db6ebe9
[   39.381075][ T3888] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[   39.389150][ T3888] RBP: 00007f962dbf1e19 R08: 0000000000000000 R09: 0000000000000000
[   39.397439][ T3888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   39.405617][ T3888] R13: 00007f962dd96038 R14: 00007f962dd95fa0 R15: 00007ffccde39668
[   39.413629][ T3888]  </TASK>
[   39.416731][ T3888] ---[ end trace 0000000000000000 ]---
[   39.709833][ T3900] loop3: detected capacity change from 0 to 512
[   39.730811][ T3900] EXT4-fs: Ignoring removed orlov option
[   39.760605][ T3900] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.803676][ T3900] ext4 filesystem being mounted at /27/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   39.828966][ T3900] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.145: iget: bad i_size value: 2533274857506816
[   39.876587][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.203372][ T3925] netlink: 4 bytes leftover after parsing attributes in process `syz.4.154'.
[   40.426606][   T29] kauditd_printk_skb: 276 callbacks suppressed
[   40.426621][   T29] audit: type=1326 audit(1755612034.891:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3932 comm="syz.2.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4225bcebe9 code=0x7ffc0000
[   40.442904][ T3935] loop0: detected capacity change from 0 to 1024
[   40.475929][   T29] audit: type=1326 audit(1755612034.891:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3932 comm="syz.2.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4225bcebe9 code=0x7ffc0000
[   40.494250][ T3935] EXT4-fs: inline encryption not supported
[   40.499368][   T29] audit: type=1326 audit(1755612034.891:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3934 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   40.528708][   T29] audit: type=1326 audit(1755612034.891:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3934 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   40.552574][   T29] audit: type=1326 audit(1755612034.891:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3934 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   40.576045][   T29] audit: type=1326 audit(1755612034.891:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3934 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   40.599406][   T29] audit: type=1326 audit(1755612034.891:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3934 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   40.622728][   T29] audit: type=1326 audit(1755612034.891:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3934 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   40.646339][   T29] audit: type=1400 audit(1755612034.891:980): avc:  denied  { write } for  pid=3934 comm="syz.0.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   40.666082][   T29] audit: type=1326 audit(1755612034.891:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3934 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   40.785492][ T3935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.828234][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.895532][ T3953] netlink: 12 bytes leftover after parsing attributes in process `syz.4.164'.
[   41.124320][ T3969] loop1: detected capacity change from 0 to 128
[   41.143385][ T3969] syz.1.169: attempt to access beyond end of device
[   41.143385][ T3969] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[   41.166900][ T3969] syz.1.169: attempt to access beyond end of device
[   41.166900][ T3969] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[   41.191485][ T3970] syz.1.169: attempt to access beyond end of device
[   41.191485][ T3970] loop1: rw=2049, sector=305, nr_sectors = 1 limit=128
[   41.205191][ T3969] syz.1.169: attempt to access beyond end of device
[   41.205191][ T3969] loop1: rw=2049, sector=177, nr_sectors = 24 limit=128
[   41.224560][ T3970] syz.1.169: attempt to access beyond end of device
[   41.224560][ T3970] loop1: rw=524288, sector=305, nr_sectors = 1 limit=128
[   41.245877][ T3970] syz.1.169: attempt to access beyond end of device
[   41.245877][ T3970] loop1: rw=0, sector=305, nr_sectors = 1 limit=128
[   41.272290][ T3970] syz.1.169: attempt to access beyond end of device
[   41.272290][ T3970] loop1: rw=0, sector=305, nr_sectors = 1 limit=128
[   41.275143][ T3969] syz.1.169: attempt to access beyond end of device
[   41.275143][ T3969] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[   41.302992][ T3970] syz.1.169: attempt to access beyond end of device
[   41.302992][ T3970] loop1: rw=0, sector=305, nr_sectors = 1 limit=128
[   41.326919][ T3969] syz.1.169: attempt to access beyond end of device
[   41.326919][ T3969] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[   41.402822][ T3976] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.467896][ T3976] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.518218][ T3976] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.566636][ T3976] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.621093][   T41] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.647327][ T3441] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.668873][ T3441] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.682911][ T3441] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.836099][ T4000] loop3: detected capacity change from 0 to 128
[   41.889221][ T4001] loop0: detected capacity change from 0 to 2048
[   41.946441][ T4001] Alternate GPT is invalid, using primary GPT.
[   41.952890][ T4001]  loop0: p2 p3 p7
[   42.072161][ T4006] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.151740][ T4006] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.189748][ T4008] netlink: 28 bytes leftover after parsing attributes in process `syz.1.184'.
[   42.210650][ T4009] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[   42.222950][ T4006] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.313113][ T4006] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.403198][ T3441] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   42.421039][ T3441] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   42.432157][ T3441] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   42.444974][ T3441] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   42.651288][ T4028] netlink: 48 bytes leftover after parsing attributes in process `syz.4.190'.
[   42.763654][ T4030] loop9: detected capacity change from 0 to 7
[   42.785890][ T4030] Buffer I/O error on dev loop9, logical block 0, async page read
[   42.819151][ T4030] Buffer I/O error on dev loop9, logical block 0, async page read
[   42.827124][ T4030]  loop9: unable to read partition table
[   42.837134][ T4040] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   42.844390][ T4040] IPv6: NLM_F_CREATE should be set when creating new route
[   42.893899][ T4030] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   42.893899][ T4030] 
) failed (rc=-5)
[   42.909052][ T3486] Buffer I/O error on dev loop9, logical block 0, async page read
[   42.925425][ T3486] Buffer I/O error on dev loop9, logical block 0, async page read
[   42.934509][ T3486] Buffer I/O error on dev loop9, logical block 0, async page read
[   42.943033][ T3486] Buffer I/O error on dev loop9, logical block 0, async page read
[   42.955179][ T3486] Buffer I/O error on dev loop9, logical block 0, async page read
[   42.977015][ T4046] loop1: detected capacity change from 0 to 512
[   42.994857][ T4046] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.199: bg 0: block 16: invalid block bitmap
[   43.013183][ T4046] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   43.022605][ T4046] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.199: invalid indirect mapped block 5 (level 0)
[   43.045077][ T4046] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.199: invalid indirect mapped block 4294967295 (level 1)
[   43.076010][ T4054] netlink: 8 bytes leftover after parsing attributes in process `syz.2.201'.
[   43.084913][ T4054] netlink: 4 bytes leftover after parsing attributes in process `syz.2.201'.
[   43.095396][ T4046] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.199: invalid indirect mapped block 4294967295 (level 2)
[   43.127752][ T4046] EXT4-fs (loop1): 1 truncate cleaned up
[   43.135665][ T4046] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.254988][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.272670][ T4064] pim6reg1: entered promiscuous mode
[   43.278200][ T4064] pim6reg1: entered allmulticast mode
[   43.496909][ T4078] loop1: detected capacity change from 0 to 512
[   43.530654][ T4078] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   43.555256][ T4078] EXT4-fs (loop1): orphan cleanup on readonly fs
[   43.598484][ T4078] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.212: Block bitmap for bg 0 marked uninitialized
[   43.612313][ T4078] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   43.621428][ T4078] EXT4-fs (loop1): 1 orphan inode deleted
[   43.628742][ T4078] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   43.652110][ T4090] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   43.661426][ T4090] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   43.676105][ T4092] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.698968][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.734985][ T4092] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.793445][ T4099] capability: warning: `syz.2.220' uses deprecated v2 capabilities in a way that may be insecure
[   43.806520][ T4092] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.854945][ T4092] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.893775][ T4105] netlink: 'syz.1.222': attribute type 1 has an invalid length.
[   43.907948][ T4105] 8021q: adding VLAN 0 to HW filter on device bond1
[   43.921552][ T4105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.222'.
[   43.932978][ T4105] bond1 (unregistering): Released all slaves
[   44.062872][ T4110] netlink: 24 bytes leftover after parsing attributes in process `syz.1.223'.
[   44.091245][ T4110] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4110 comm=syz.1.223
[   44.149642][ T4114] loop3: detected capacity change from 0 to 128
[   44.206956][ T4118] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   44.219804][ T4116] netlink: 96 bytes leftover after parsing attributes in process `syz.0.226'.
[   44.240992][ T4118] bond_slave_1: entered promiscuous mode
[   44.249872][ T4122] netlink: 12 bytes leftover after parsing attributes in process `syz.3.228'.
[   44.252401][ T4118] netlink: 4 bytes leftover after parsing attributes in process `syz.1.227'.
[   44.307386][ T4118] bond0: (slave bond_slave_1): Releasing backup interface
[   44.317222][ T4126] 9pnet: p9_errstr2errno: server reported unknown error 
[   44.324998][ T4118] bond_slave_1 (unregistering): left promiscuous mode
[   44.410462][ T4128] netlink: 8 bytes leftover after parsing attributes in process `syz.3.232'.
[   44.419980][ T4128] IPVS: Error joining to the multicast group
[   44.795532][ T4142] loop1: detected capacity change from 0 to 128
[   45.151696][ T4153] ipvlan2: entered promiscuous mode
[   45.160017][ T4153] bridge0: port 3(ipvlan2) entered blocking state
[   45.166776][ T4153] bridge0: port 3(ipvlan2) entered disabled state
[   45.173929][ T4153] ipvlan2: entered allmulticast mode
[   45.179229][ T4153] bridge0: entered allmulticast mode
[   45.253563][ T4153] ipvlan2: left allmulticast mode
[   45.258652][ T4153] bridge0: left allmulticast mode
[   45.469188][ T4160] hsr_slave_0: left promiscuous mode
[   45.491165][ T4160] hsr_slave_1: left promiscuous mode
[   45.753960][ T4173] netlink: 'syz.2.248': attribute type 1 has an invalid length.
[   45.769230][ T4173] 8021q: adding VLAN 0 to HW filter on device bond1
[   45.832416][ T4173] bond1 (unregistering): Released all slaves
[   45.942024][   T29] kauditd_printk_skb: 197 callbacks suppressed
[   45.942037][   T29] audit: type=1400 audit(1755612040.401:1179): avc:  denied  { read } for  pid=4184 comm="syz.2.253" dev="nsfs" ino=4026532709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   45.969701][   T29] audit: type=1400 audit(1755612040.401:1180): avc:  denied  { open } for  pid=4184 comm="syz.2.253" path="net:[4026532709]" dev="nsfs" ino=4026532709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   45.996295][   T29] audit: type=1400 audit(1755612040.431:1181): avc:  denied  { read } for  pid=4186 comm="syz.0.254" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   46.020017][   T29] audit: type=1400 audit(1755612040.431:1182): avc:  denied  { open } for  pid=4186 comm="syz.0.254" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   46.044220][   T29] audit: type=1400 audit(1755612040.431:1183): avc:  denied  { ioctl } for  pid=4186 comm="syz.0.254" path="/dev/usbmon7" dev="devtmpfs" ino=163 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   46.086827][   T29] audit: type=1400 audit(1755612040.551:1184): avc:  denied  { getopt } for  pid=4190 comm="syz.2.255" lport=46450 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   46.164517][   T29] audit: type=1400 audit(1755612040.631:1185): avc:  denied  { create } for  pid=4196 comm="syz.3.258" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   46.185590][   T29] audit: type=1400 audit(1755612040.631:1186): avc:  denied  { write } for  pid=4196 comm="syz.3.258" name="file0" dev="tmpfs" ino=326 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   46.208504][   T29] audit: type=1400 audit(1755612040.631:1187): avc:  denied  { open } for  pid=4196 comm="syz.3.258" path="/58/file0" dev="tmpfs" ino=326 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   46.234195][   T29] audit: type=1400 audit(1755612040.631:1188): avc:  denied  { ioctl } for  pid=4196 comm="syz.3.258" path="/58/file0" dev="tmpfs" ino=326 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   46.359938][ T4207] netlink: 'syz.2.262': attribute type 39 has an invalid length.
[   46.395760][ T4209] wg1 speed is unknown, defaulting to 1000
[   46.695074][ T4220] loop3: detected capacity change from 0 to 32768
[   46.755060][ T4220]  loop3: p1 p3 < >
[   46.825683][ T3441] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.862399][ T3441] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.921984][ T3441] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.974618][ T3441] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.995048][ T3486] udevd[3486]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   47.017666][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   47.050601][ T4242] vlan2: entered promiscuous mode
[   47.055786][ T4242] syz_tun: entered promiscuous mode
[   47.273052][ T4262] team0 (unregistering): Port device team_slave_0 removed
[   47.281869][ T4262] team0 (unregistering): Port device team_slave_1 removed
[   47.405538][ T4273] veth0: entered promiscuous mode
[   47.411542][ T4273] __nla_validate_parse: 5 callbacks suppressed
[   47.411558][ T4273] netlink: 4 bytes leftover after parsing attributes in process `syz.0.288'.
[   47.430337][ T4273] veth0 (unregistering): left promiscuous mode
[   47.738735][ T4305] Driver unsupported XDP return value 0 on prog  (id 240) dev N/A, expect packet loss!
[   47.864939][ T4370] netlink: 'syz.3.306': attribute type 1 has an invalid length.
[   47.934010][ T4370] 8021q: adding VLAN 0 to HW filter on device bond1
[   47.975603][ T4380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.306'.
[   48.002905][ T4380] bond1 (unregistering): Released all slaves
[   48.552536][ T4412] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.655567][ T4412] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.706886][ T4412] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.767963][ T4412] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.863665][ T4329] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.899735][ T4329] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.912151][ T4329] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.921138][ T4329] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.932118][ T4431] ipvlan2: entered promiscuous mode
[   48.955736][ T4431] bridge0: port 3(ipvlan2) entered blocking state
[   48.962354][ T4431] bridge0: port 3(ipvlan2) entered disabled state
[   48.972008][ T4431] ipvlan2: entered allmulticast mode
[   48.977473][ T4431] bridge0: entered allmulticast mode
[   48.984485][ T4431] ipvlan2: left allmulticast mode
[   48.989562][ T4431] bridge0: left allmulticast mode
[   49.010444][ T4438] loop2: detected capacity change from 0 to 512
[   49.017953][ T4438] msdos: Bad value for 'uid'
[   49.022684][ T4438] msdos: Bad value for 'uid'
[   49.046831][ T4441] netlink: 'syz.0.332': attribute type 3 has an invalid length.
[   49.088083][ T4445] loop3: detected capacity change from 0 to 512
[   49.135121][ T4450] netlink: 4 bytes leftover after parsing attributes in process `syz.0.336'.
[   49.146558][ T4445] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.334: Failed to acquire dquot type 1
[   49.185884][ T4445] EXT4-fs (loop3): 1 truncate cleaned up
[   49.192545][ T4445] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.205652][ T4445] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.205947][ T4458] loop2: detected capacity change from 0 to 128
[   49.223845][ T4454] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[   49.275116][ T4458] FAT-fs (loop2): Directory bread(block 32) failed
[   49.284845][ T4458] FAT-fs (loop2): Directory bread(block 33) failed
[   49.291485][ T4458] FAT-fs (loop2): Directory bread(block 34) failed
[   49.298292][ T4458] FAT-fs (loop2): Directory bread(block 35) failed
[   49.305352][ T4458] FAT-fs (loop2): Directory bread(block 36) failed
[   49.311935][ T4458] FAT-fs (loop2): Directory bread(block 37) failed
[   49.318797][ T4458] FAT-fs (loop2): Directory bread(block 38) failed
[   49.325820][ T4458] FAT-fs (loop2): Directory bread(block 39) failed
[   49.332563][ T4458] FAT-fs (loop2): Directory bread(block 40) failed
[   49.344301][ T4464] netlink: zone id is out of range
[   49.349446][ T4464] netlink: zone id is out of range
[   49.359090][ T4458] FAT-fs (loop2): Directory bread(block 41) failed
[   49.366812][ T4464] netlink: zone id is out of range
[   49.371930][ T4464] netlink: zone id is out of range
[   49.377407][ T4464] netlink: zone id is out of range
[   49.383008][ T4464] netlink: zone id is out of range
[   49.388434][ T4464] netlink: zone id is out of range
[   49.393780][ T4464] netlink: zone id is out of range
[   49.399190][ T4464] netlink: zone id is out of range
[   49.404438][ T4464] netlink: zone id is out of range
[   49.449975][ T4475] netlink: 'syz.4.347': attribute type 1 has an invalid length.
[   49.467020][ T4475] 8021q: adding VLAN 0 to HW filter on device bond1
[   49.484644][ T4475] 8021q: adding VLAN 0 to HW filter on device bond1
[   49.491824][ T4475] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   49.504267][ T4475] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   49.570527][ T4481] netlink: 12 bytes leftover after parsing attributes in process `syz.2.349'.
[   49.656416][ T4491] netlink: 4 bytes leftover after parsing attributes in process `syz.4.354'.
[   49.688798][ T4495] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.696222][ T4495] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.928868][ T4511] netlink: 12 bytes leftover after parsing attributes in process `syz.4.361'.
[   49.952893][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.042542][ T4515] SELinux: failed to load policy
[   50.283053][ T4529] bridge0: port 3(bond0) entered blocking state
[   50.289467][ T4529] bridge0: port 3(bond0) entered disabled state
[   50.319795][ T4529] bond0: entered allmulticast mode
[   50.324984][ T4529] bond_slave_0: entered allmulticast mode
[   50.331169][ T4529] bond_slave_1: entered allmulticast mode
[   50.353509][ T4529] dummy0: entered allmulticast mode
[   50.359807][ T4529] bond0: entered promiscuous mode
[   50.365093][ T4529] bond_slave_0: entered promiscuous mode
[   50.370808][ T4529] bond_slave_1: entered promiscuous mode
[   50.377991][ T4529] dummy0: entered promiscuous mode
[   50.383775][ T4530] bond0: left allmulticast mode
[   50.388666][ T4530] bond_slave_0: left allmulticast mode
[   50.394167][ T4530] bond_slave_1: left allmulticast mode
[   50.399826][ T4530] dummy0: left allmulticast mode
[   50.405126][ T4530] bond0: left promiscuous mode
[   50.409908][ T4530] bond_slave_0: left promiscuous mode
[   50.415521][ T4530] bond_slave_1: left promiscuous mode
[   50.421103][ T4530] dummy0: left promiscuous mode
[   50.426183][ T4530] bridge0: port 3(bond0) entered disabled state
[   50.472830][ T4532] bond1: entered promiscuous mode
[   50.478085][ T4532] bond1: entered allmulticast mode
[   50.483433][ T4532] 8021q: adding VLAN 0 to HW filter on device bond1
[   50.492855][ T4532] bond1 (unregistering): Released all slaves
[   50.611183][ T4541] netlink: 'syz.2.373': attribute type 10 has an invalid length.
[   50.619794][ T4541] netlink: 40 bytes leftover after parsing attributes in process `syz.2.373'.
[   50.630751][ T4541] dummy0: entered promiscuous mode
[   50.640791][ T4541] bridge0: port 3(dummy0) entered blocking state
[   50.648193][ T4541] bridge0: port 3(dummy0) entered disabled state
[   50.656242][ T4541] dummy0: entered allmulticast mode
[   50.667660][ T4541] bridge0: port 3(dummy0) entered blocking state
[   50.674649][ T4541] bridge0: port 3(dummy0) entered forwarding state
[   50.706937][ T4545] netlink: 24 bytes leftover after parsing attributes in process `syz.2.375'.
[   50.729827][ T4545] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4545 comm=syz.2.375
[   50.752367][ T4549] netlink: 277 bytes leftover after parsing attributes in process `syz.0.377'.
[   50.783735][ T4553] netlink: 'syz.0.378': attribute type 1 has an invalid length.
[   50.799900][ T4553] 8021q: adding VLAN 0 to HW filter on device bond1
[   50.816365][ T4553] netlink: 4 bytes leftover after parsing attributes in process `syz.0.378'.
[   50.827016][ T4553] bond1 (unregistering): Released all slaves
[   50.911868][ T4556] loop2: detected capacity change from 0 to 128
[   50.983294][ T4565] bio_check_eod: 14692 callbacks suppressed
[   50.983310][ T4565] syz.2.380: attempt to access beyond end of device
[   50.983310][ T4565] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128
[   51.017064][ T4565] syz.2.380: attempt to access beyond end of device
[   51.017064][ T4565] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[   51.041916][ T4565] syz.2.380: attempt to access beyond end of device
[   51.041916][ T4565] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[   51.041960][ T4565] syz.2.380: attempt to access beyond end of device
[   51.041960][ T4565] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[   51.042003][ T4565] syz.2.380: attempt to access beyond end of device
[   51.042003][ T4565] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128
[   51.042053][ T4565] syz.2.380: attempt to access beyond end of device
[   51.042053][ T4565] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[   51.042084][ T4565] syz.2.380: attempt to access beyond end of device
[   51.042084][ T4565] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128
[   51.042155][ T4565] syz.2.380: attempt to access beyond end of device
[   51.042155][ T4565] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[   51.042187][ T4565] syz.2.380: attempt to access beyond end of device
[   51.042187][ T4565] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[   51.042220][ T4565] syz.2.380: attempt to access beyond end of device
[   51.042220][ T4565] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128
[   51.428380][ T4589] netlink: 'syz.2.403': attribute type 1 has an invalid length.
[   51.462810][   T29] kauditd_printk_skb: 305 callbacks suppressed
[   51.462825][   T29] audit: type=1400 audit(1755612045.921:1492): avc:  denied  { create } for  pid=4595 comm="syz.3.396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   51.484210][ T4589] 8021q: adding VLAN 0 to HW filter on device bond1
[   51.488820][   T29] audit: type=1400 audit(1755612045.921:1493): avc:  denied  { bind } for  pid=4595 comm="syz.3.396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   51.679813][ T4599] 8021q: adding VLAN 0 to HW filter on device bond1
[   51.687109][ T4599] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   51.732086][ T4599] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   51.769222][ T4596] lo speed is unknown, defaulting to 1000
[   51.776365][ T4596] lo speed is unknown, defaulting to 1000
[   51.782332][ T4596] lo speed is unknown, defaulting to 1000
[   51.826051][   T29] audit: type=1326 audit(1755612046.291:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.0.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   51.849619][   T29] audit: type=1326 audit(1755612046.291:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.0.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   51.873324][   T29] audit: type=1326 audit(1755612046.291:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.0.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   51.921492][ T4596] infiniband syz2: set active
[   51.926430][ T4596] infiniband syz2: added lo
[   51.930961][   T10] lo speed is unknown, defaulting to 1000
[   52.097002][   T29] audit: type=1326 audit(1755612046.291:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.0.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   52.103864][ T4596] RDS/IB: syz2: added
[   52.120468][   T29] audit: type=1326 audit(1755612046.301:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.0.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   52.147834][   T29] audit: type=1326 audit(1755612046.301:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.0.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   52.156634][ T4596] smc: adding ib device syz2 with port count 1
[   52.171361][   T29] audit: type=1326 audit(1755612046.301:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.0.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   52.181518][ T4596] smc:    ib device syz2 port 1 has pnetid 
[   52.201335][   T29] audit: type=1326 audit(1755612046.301:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4604 comm="syz.0.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f962db6ebe9 code=0x7ffc0000
[   52.207342][   T10] lo speed is unknown, defaulting to 1000
[   52.262334][ T4596] lo speed is unknown, defaulting to 1000
[   52.300968][ T4596] lo speed is unknown, defaulting to 1000
[   52.353120][ T4620] netlink: 'syz.1.406': attribute type 3 has an invalid length.
[   52.362503][ T4596] lo speed is unknown, defaulting to 1000
[   52.391389][ T4624] loop2: detected capacity change from 0 to 1024
[   52.391568][ T4596] lo speed is unknown, defaulting to 1000
[   52.404543][ T4624] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   52.414550][ T4624] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   52.432102][ T4624] EXT4-fs error (device loop2): ext4_get_journal_inode:5800: inode #3: comm syz.2.417: iget: special inode unallocated
[   52.451022][ T4596] lo speed is unknown, defaulting to 1000
[   52.457046][ T4624] EXT4-fs (loop2): no journal found
[   52.462725][ T4624] EXT4-fs (loop2): can't get journal size
[   52.474085][ T4624] EXT4-fs error (device loop2): ext4_protect_reserved_inode:160: inode #3: comm syz.2.417: iget: special inode unallocated
[   52.503676][ T4624] EXT4-fs (loop2): failed to initialize system zone (-117)
[   52.516655][ T4624] EXT4-fs (loop2): mount failed
[   52.521710][ T4614] siw: device registration error -23
[   53.077796][ T4661] __nla_validate_parse: 3 callbacks suppressed
[   53.077812][ T4661] netlink: 8 bytes leftover after parsing attributes in process `syz.2.421'.
[   53.273272][ T4673] netlink: 36 bytes leftover after parsing attributes in process `syz.1.437'.
[   53.282237][ T4673] netlink: 16 bytes leftover after parsing attributes in process `syz.1.437'.
[   53.291146][ T4673] netlink: 36 bytes leftover after parsing attributes in process `syz.1.437'.
[   53.301111][ T4673] netlink: 36 bytes leftover after parsing attributes in process `syz.1.437'.
[   53.493322][ T4679] netlink: 256 bytes leftover after parsing attributes in process `syz.2.429'.
[   53.750483][ T4690] netlink: 'syz.1.432': attribute type 10 has an invalid length.
[   53.781346][ T4690] team0: Port device dummy0 added
[   53.817120][ T4691] netlink: 'syz.1.432': attribute type 10 has an invalid length.
[   53.848983][ T4691] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   53.885641][ T4691] team0: Failed to send options change via netlink (err -105)
[   53.912160][ T4691] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   53.939885][ T4691] team0: Port device dummy0 removed
[   53.980224][ T4691] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   54.036944][ T4695] bridge: RTM_NEWNEIGH with invalid ether address
[   54.117560][ T4700] loop2: detected capacity change from 0 to 1024
[   54.125083][ T4702] ref_ctr increment failed for inode: 0x189 offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff88810c7e4ac0
[   54.137560][ T4702] uprobe: syz.1.440:4702 failed to unregister, leaking uprobe
[   54.157081][ T4704] netlink: 4 bytes leftover after parsing attributes in process `syz.4.438'.
[   54.205187][ T4700] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.231483][ T4707] netlink: 24 bytes leftover after parsing attributes in process `syz.0.441'.
[   54.309769][ T4707] netlink: 4 bytes leftover after parsing attributes in process `syz.0.441'.
[   54.546005][ T4727] netlink: 12 bytes leftover after parsing attributes in process `syz.1.448'.
[   54.560116][ T4725] loop0: detected capacity change from 0 to 8192
[   54.659303][ T4700] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4700 comm=syz.2.436
[   54.680957][ T4700] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[   54.730257][ T4736] vlan2: entered allmulticast mode
[   54.785641][ T4739] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.817643][ T4745] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   54.832713][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.845231][ T4739] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.875208][ T4739] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.999801][ T1080] lo speed is unknown, defaulting to 1000
[   55.005702][   T36] wg1 speed is unknown, defaulting to 1000
[   55.012625][ T4739] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.077429][ T4762] syzkaller0: entered promiscuous mode
[   55.083095][ T4762] syzkaller0: entered allmulticast mode
[   55.104884][ T4349] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.121866][ T4349] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.143175][ T4349] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.174386][ T4349] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.214464][ T4765] loop1: detected capacity change from 0 to 4096
[   55.230544][ T4765] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.314378][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.636006][ T4796] wg1 speed is unknown, defaulting to 1000
[   55.673414][ T4796] lo speed is unknown, defaulting to 1000
[   55.750642][ T4800] loop2: detected capacity change from 0 to 512
[   55.770725][ T4800] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   55.820515][ T4800] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   55.846949][ T4800] EXT4-fs (loop2): 1 truncate cleaned up
[   55.868317][ T4800] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.901588][ T4804] loop1: detected capacity change from 0 to 1024
[   55.936209][ T4804] EXT4-fs: Ignoring removed orlov option
[   55.957631][ T4804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.972338][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.470773][ T4838] loop0: detected capacity change from 0 to 128
[   56.479349][   T29] kauditd_printk_skb: 495 callbacks suppressed
[   56.479363][   T29] audit: type=1400 audit(1755612050.941:1997): avc:  denied  { mount } for  pid=4837 comm="syz.0.486" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   56.515076][ T4804] ==================================================================
[   56.523266][ T4804] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[   56.530490][ T4804] 
[   56.532818][ T4804] write to 0xffff888119850b3c of 4 bytes by task 4810 on cpu 0:
[   56.540445][ T4804]  xas_set_mark+0x12b/0x140
[   56.544956][ T4804]  __folio_start_writeback+0x1dd/0x440
[   56.550510][ T4804]  ext4_bio_write_folio+0x5ad/0x9f0
[   56.555734][ T4804]  mpage_process_page_bufs+0x4a1/0x620
[   56.561220][ T4804]  mpage_prepare_extent_to_map+0x786/0xc00
[   56.567032][ T4804]  ext4_do_writepages+0xa05/0x2750
[   56.572143][ T4804]  ext4_writepages+0x176/0x300
[   56.576894][ T4804]  do_writepages+0x1c3/0x310
[   56.581475][ T4804]  file_write_and_wait_range+0x156/0x2c0
[   56.587103][ T4804]  generic_buffers_fsync_noflush+0x45/0x120
[   56.592986][ T4804]  ext4_sync_file+0x1ab/0x690
[   56.597662][ T4804]  vfs_fsync_range+0x10d/0x130
[   56.602413][ T4804]  ext4_buffered_write_iter+0x34f/0x3c0
[   56.607955][ T4804]  ext4_file_write_iter+0x383/0xf00
[   56.613153][ T4804]  iter_file_splice_write+0x666/0x9e0
[   56.618513][ T4804]  direct_splice_actor+0x153/0x2a0
[   56.623611][ T4804]  splice_direct_to_actor+0x30f/0x680
[   56.628968][ T4804]  do_splice_direct+0xda/0x150
[   56.633719][ T4804]  do_sendfile+0x380/0x650
[   56.638142][ T4804]  __x64_sys_sendfile64+0x105/0x150
[   56.643437][ T4804]  x64_sys_call+0x2bb0/0x2ff0
[   56.648117][ T4804]  do_syscall_64+0xd2/0x200
[   56.652702][ T4804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.658682][ T4804] 
[   56.660988][ T4804] read to 0xffff888119850b3c of 4 bytes by task 4804 on cpu 1:
[   56.668517][ T4804]  xas_find_marked+0x5dc/0x620
[   56.673282][ T4804]  find_get_entry+0x5d/0x380
[   56.677868][ T4804]  filemap_get_folios_tag+0x92/0x210
[   56.683141][ T4804]  mpage_prepare_extent_to_map+0x320/0xc00
[   56.688936][ T4804]  ext4_do_writepages+0x708/0x2750
[   56.694044][ T4804]  ext4_writepages+0x176/0x300
[   56.698797][ T4804]  do_writepages+0x1c3/0x310
[   56.703393][ T4804]  file_write_and_wait_range+0x156/0x2c0
[   56.709125][ T4804]  generic_buffers_fsync_noflush+0x45/0x120
[   56.715272][ T4804]  ext4_sync_file+0x1ab/0x690
[   56.719947][ T4804]  vfs_fsync_range+0x10d/0x130
[   56.724732][ T4804]  ext4_buffered_write_iter+0x34f/0x3c0
[   56.730312][ T4804]  ext4_file_write_iter+0x383/0xf00
[   56.735509][ T4804]  iter_file_splice_write+0x666/0x9e0
[   56.740867][ T4804]  direct_splice_actor+0x153/0x2a0
[   56.745963][ T4804]  splice_direct_to_actor+0x30f/0x680
[   56.751320][ T4804]  do_splice_direct+0xda/0x150
[   56.756151][ T4804]  do_sendfile+0x380/0x650
[   56.760560][ T4804]  __x64_sys_sendfile64+0x105/0x150
[   56.765748][ T4804]  x64_sys_call+0x2bb0/0x2ff0
[   56.770413][ T4804]  do_syscall_64+0xd2/0x200
[   56.774907][ T4804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.780784][ T4804] 
[   56.783090][ T4804] value changed: 0x0a000021 -> 0x04000021
[   56.789233][ T4804] 
[   56.791546][ T4804] Reported by Kernel Concurrency Sanitizer on:
[   56.797708][ T4804] CPU: 1 UID: 0 PID: 4804 Comm: syz.1.476 Tainted: G        W           6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(voluntary) 
[   56.811590][ T4804] Tainted: [W]=WARN
[   56.815381][ T4804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   56.825423][ T4804] ==================================================================
[   56.835136][ T4841] bio_check_eod: 70 callbacks suppressed
[   56.835151][ T4841] syz.0.486: attempt to access beyond end of device
[   56.835151][ T4841] loop0: rw=2049, sector=145, nr_sectors = 16 limit=128
[   56.883280][ T4841] syz.0.486: attempt to access beyond end of device
[   56.883280][ T4841] loop0: rw=2049, sector=169, nr_sectors = 8 limit=128
[   56.923657][ T4841] syz.0.486: attempt to access beyond end of device
[   56.923657][ T4841] loop0: rw=2049, sector=185, nr_sectors = 8 limit=128
[   56.988884][ T4841] syz.0.486: attempt to access beyond end of device
[   56.988884][ T4841] loop0: rw=2049, sector=201, nr_sectors = 8 limit=128
[   57.016567][ T4841] syz.0.486: attempt to access beyond end of device
[   57.016567][ T4841] loop0: rw=2049, sector=217, nr_sectors = 8 limit=128
[   57.063567][ T4841] syz.0.486: attempt to access beyond end of device
[   57.063567][ T4841] loop0: rw=2049, sector=233, nr_sectors = 8 limit=128
[   57.087174][ T4841] syz.0.486: attempt to access beyond end of device
[   57.087174][ T4841] loop0: rw=2049, sector=249, nr_sectors = 8 limit=128
[   57.100881][ T4841] syz.0.486: attempt to access beyond end of device
[   57.100881][ T4841] loop0: rw=2049, sector=265, nr_sectors = 8 limit=128
[   57.101597][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.115057][ T4841] syz.0.486: attempt to access beyond end of device
[   57.115057][ T4841] loop0: rw=2049, sector=281, nr_sectors = 8 limit=128
[   57.137660][ T4841] syz.0.486: attempt to access beyond end of device
[   57.137660][ T4841] loop0: rw=2049, sector=297, nr_sectors = 8 limit=128
[   57.170142][   T29] audit: type=1400 audit(1755612051.631:1998): avc:  denied  { unmount } for  pid=3299 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1