last executing test programs:

2m3.496790574s ago: executing program 32 (id=2064):
r0 = epoll_create(0x3ff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000240)={0xa0000000, 0x1b54c8})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r3, &(0x7f0000000440)={0x2000000})

1m18.070022853s ago: executing program 2 (id=3721):
socket$kcm(0xa, 0x3, 0x87)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
pselect6(0x40, &(0x7f0000000040)={0x3, 0x100000000, 0x10d, 0x401, 0x40, 0xa, 0x2800000000000009, 0x7}, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003088700fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)

1m17.151918696s ago: executing program 2 (id=3755):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r2, &(0x7f0000000400)="aa", 0xfffd, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x3f66400, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
shutdown(r2, 0x1)

1m17.086759663s ago: executing program 2 (id=3756):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}}, {{@in6=@mcast2, 0x404d3, 0x2b}, 0x0, @in=@empty}}, 0xe4)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x15, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfc, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8, 0x4}, {0x0, 0x8}}}, 0xb8}}, 0x0)

1m17.025236079s ago: executing program 2 (id=3757):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')
sendfile(r1, r1, &(0x7f0000000000)=0x2eb4, 0x2000007ff)

1m17.024978829s ago: executing program 2 (id=3758):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20081e, &(0x7f0000000840)={[{@grpjquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xa30}}, {@grpquota}]}, 0x1, 0x52a, &(0x7f0000001440)="$eJzs3c9vHFcdAPDvjL22k7h1WnoABG1oCwFFWcebNqp6gHJCCFVC9AhSauyNFWXXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di7tpPYXmv385FG+9688XzfizPvzbxd7wtgbF2LiO2ImIqI9yNirtyflFu8093y4z7bebi0u/NwKYkse++fSVGe74uen8ldKc85ExE/+E7Ej5PDcdubWw8WG436epmf7zTX5tubWzfvNxdX6iv11VrtzsKdW2/dfrP2BK2ZObL0leZUmfryp3/Y/sZP82rNlnt623Gauk2v7MfJTUbE984i2BBMlO2ZGnZFeCppRLwYEa8W1/9cTBS/TQBglGXZXGRzvXkAYNSlxRxYklbLuYDZSNNqtTuH91JcThutdufGvdbG6nJ3ruxqVNJ79xv1W+Vc4dWoJHl+oUg/ytcO5G9HxAsR8YvpS0W+utRqLA/zxgcAxtiVA+P/f6a74z8AMOKO/tgMADCKjP8AMH6M/wAwfoz/ADB+uuP/pSf9sSzLfnYW1QEAzoHnfwAYP8Z/ABgr33/33XzLdsvvv17+YHPjQeuDm8v19oNqc2OputRaX6uutForxXf2NI87X6PVWlt4IzY+vPrNtXZnvr25dbfZ2ljt3C2+1/tuvVIctX0OLQMABnnhlU/+nOQj8tuXii161nKoDLVmwFlLh10BYGgmhl0BYGi6q331WaAPGHmPnvGf+EMApgdgRBx3BzDT7w+EsizLzq5KwBm7/gXz/zCuyvn/SZ8ChvFz3Px/sTawNwlhJE0OuwLA0GRZctI1/+OkBwIAF9sRc/xXz/M+BBieAe//v1i+/rZ8c+BHyweP+PgsawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX2976v9Vymd/ZSNNqNeK5YgGgSnLvfqN+KyKej4g/TVem8/zCkOsMADyr9G9Juf7X9bnXZx8revnKfnIqIn7yq/d++eFip7P+x4ip5F/Te/s7H5f7a8cGmzmLFgAAR9sbp4vXngf5z3YeLu1t51mfv3+7e1eQx93dmYrd/fiTMVm8zkQlIi7/OynzXUnP3MWz2P4oIj7fr/1JzBZzIN1bloPx89jPnVL8iRPFTx+Ln5YLNKflv8XnTqEuMG4+yfufd/pdf2lcK177X/8zRQ/17Mr+Lz/V0m7RBz6Kv9f/TQzo/66dNMYbv/9uN3XpcNlHEV+cjNiLvdvT/+zFTwbEf/2E8f/ypZdfHVSW/TrievSP3xtrvtNcm29vbt2831xcqa/UV2u1Owt3br11+83afDFHPT94NPjH2zeeH1SWt//ygPgzx7T/q4NOeuAp9zf/e/+HXzki/tdf6xc/jZeOiJ+PiV8b2OLHLV7+3cDn7jz+8uH2Jyf5/d84YfxP/7p1aNlwAGB42ptbDxYbjfq6hMTFT+T/ZS9ANfomvnVesaaif9HPX+te0weKsuypYg3qMU5j1g24CPYv+oj477ArAwAAAAAAAAAAAAAA9HUef7E07DYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwuv4fAAD//9VG0+g=")
creat(0x0, 0x1a2)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
write$cgroup_int(r1, &(0x7f0000000540), 0xfffffdd8)

1m16.651116287s ago: executing program 2 (id=3769):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_local\x00', r0, 0x0, 0x80000001}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x106)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1m16.650876377s ago: executing program 33 (id=3769):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_local\x00', r0, 0x0, 0x80000001}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x106)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1m12.237079783s ago: executing program 5 (id=3885):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r1, 0x0, 0xfffffffffffffff4}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7012fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a030200020000000000000200000009000200"], 0x80}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0)

1m12.206423335s ago: executing program 5 (id=3888):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x7, 0x8000, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r2, 0x0, 0x4}, 0x18)
setrlimit(0x9, &(0x7f0000000080)={0x8606, 0xffff})
io_setup(0x8f0, &(0x7f0000002400))

1m12.183382258s ago: executing program 5 (id=3889):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

1m12.151011341s ago: executing program 5 (id=3892):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x100)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b1098, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2925099, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='tracefs\x00', 0x5, 0x0)

1m12.126440824s ago: executing program 5 (id=3893):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @tracing=0xbf99ba52bde1f31f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x1, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x961}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r0)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="bbfb2bbd7000fddbdf25670000000800c400020000000800c3"], 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x0)

1m12.030022244s ago: executing program 5 (id=3898):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@name={0x1e, 0x2, 0x0, {{0x43, 0x4}, 0x1}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000380)={0x43, 0x4, 0x3, 0x3}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1m11.984160698s ago: executing program 34 (id=3898):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@name={0x1e, 0x2, 0x0, {{0x43, 0x4}, 0x1}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000380)={0x43, 0x4, 0x3, 0x3}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

58.128998748s ago: executing program 7 (id=4303):
prctl$PR_SET_NAME(0xf, &(0x7f0000000640)='LX[X\x00.]%Jk\xe8\xd4M\xd7\xf9m\xa7%\xe5)J81`.\x7f7\xa6\'\x1f4\x06_0\xf3\x05\xc8\xcc\xf8\r:\r*w\x8d\xbd\x02\xd3F\x83\x82u3\xc7\x1bp\xa1=\xdb\x9e8H\a\xdc(\xb9\x84\f%\xb8\xd8\xd9\xa2`2\xc6V\xda\x14@\x12-\x94e\xca\xb8\xf8\x0e\xf4\xb2\x87J3\x9eucSYT\x81\xb2t\x13*\x8c\x8d\xdf\x17\xcc\xa7nO\xbb\x05\x95;\xcd\x10\x80\xfdx$\xc6CLk.\xe4Nin\xdaXH(\x97\xd1\x03\xe6\xec\x1d)\x98\xca\x83hy\x11\a\xda\xac\xfb{\xa6\xdd\x7f\xe2\xf5\xc4p=\x14v\x91\x92Hhd42\xbb\x00\x00\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = syz_io_uring_setup(0x116c, &(0x7f0000000000)={0x0, 0x7f36, 0x0, 0x1, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000200)=[{0x32, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

58.086274252s ago: executing program 7 (id=4304):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
write$binfmt_elf64(r1, &(0x7f0000000240)=ANY=[], 0x40000)
r2 = accept4$unix(r0, 0x0, 0x0, 0x800)
recvmmsg(r2, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x5a}, 0x807}, {{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000300)=""/255, 0xf0}], 0x2c, 0x0, 0x4e}, 0x1ff}], 0x2, 0x40000100, 0x0)

58.062559005s ago: executing program 7 (id=4305):
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100)
r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x8, 0x1})
io_uring_enter(r1, 0x6e2, 0x3900, 0x43, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8a, 0x6}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
readv(r0, &(0x7f0000000300)=[{&(0x7f0000000000)=""/47, 0x2f}], 0x1)

57.131159438s ago: executing program 7 (id=4315):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e40)={&(0x7f0000001040)='kfree\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r0}, &(0x7f0000000680), &(0x7f00000006c0)}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)={0x24, r3, 0x1, 0x4070bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x24}}, 0x18)

57.113223951s ago: executing program 7 (id=4316):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x11e)
renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

57.096407162s ago: executing program 7 (id=4317):
openat(0xffffffffffffff9c, 0x0, 0x2060, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000080)})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

41.026795726s ago: executing program 35 (id=4317):
openat(0xffffffffffffff9c, 0x0, 0x2060, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000080)})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

15.432765441s ago: executing program 6 (id=5360):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x78)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})

15.312625433s ago: executing program 6 (id=5364):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd9b, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x121201, 0x0)
ioctl$IMADDTIMER(r2, 0x80044940, &(0x7f0000000600)=0x14)
ioctl$IMADDTIMER(r2, 0x80044940, &(0x7f0000000080)=0x14)
close(r2)

15.295347915s ago: executing program 6 (id=5365):
r0 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/18], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1b, 0xf, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xffffff81, {0x0, 0x0, 0x0, r2, {0xe, 0x3}, {}, {0x9, 0xfff1}}}, 0x24}}, 0x40004)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)

15.218268553s ago: executing program 6 (id=5367):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2301091, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000080)='./file0\x00', 0x2)

15.200702274s ago: executing program 6 (id=5369):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20040845}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=@newtfilter={0x88, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffff8, 0xfff, 0x0, 0x200, 0xa}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x88}, 0x1, 0x0, 0x0, 0x20000004}, 0x24000000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

15.008785364s ago: executing program 6 (id=5374):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x80800, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x8042, 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x18010, &(0x7f0000000000)={[{@minixdf}, {@dioread_nolock}]}, 0x3, 0x738, &(0x7f0000000780)="$eJzs3V9rW2UYAPDnnDambtVWUPEPyMSh4li61snYlduV3gwHA2+30malNl1qk8wl7GK78lZEURBBv4P3itd+AL+Cgn9GvZhXkZN/29qki1vbQPP7wUne55wTnvddxvtA30PeAMbWsewljXgxIi4mETOd80lE5FqtyYhz7fu27txcyo4kms1LfyWte7I47vtM5mhE3IqIFyLi51zEiXRn3kq9sbZYKhU3O/FcdX1jrlJvnFxdX1wprhSvnT19euH0mXfOnt27sb71wYfPF7qdnP/thyTOxXQnvH8ce6mdLpf9Ez7gvf1INkLJqDvAI5mMiInO+3MxExOtFgBwmDXzEU0AYMwk6j8AjJnu3wG6a3v7tQ42yB/nI2KqX/7JzprZVGsd8shW8sDKRBIRswfZUQ6lW7cj4srssZ3//5Ida7b/16m96CD76qds/jnXb/5Je/NP9Jl/prrPTjymwfPfvfwTA+a/i0PmeP/lWnlg/tsRLyWTffInvfzJgPxXhsz/493lfwdda34f8fr2+jMRDzxRkOz6fMjc1dVS8VT7tX+OY7WbH+02/iN961/SeoZlt/FvDDn+6c9f/eXWLvnffG337z+J+PN8Z42+K6uJnw2Z/9Pcu18OupblX+6O/9vj9115+Pf/3ZD5z7zycWPIWwEAAAAAAAAAAAAAAAAAAAAAAAAAAOBQSCNiOpK00GunaaHQ3sP72TiSlsqV6omr5dq15WjtlT0bubT7U8sz7TjJ4vnO7/F344VWe6sXvx0Rz0TEF/knW3FhqVxaHvXgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDj6Lb9///Jt/f/BwAOualRdwAAOHDqPwCMH/UfAMaP+g8A40f9B4Dxo/4DwPh5hPqf349+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA2Ll64kB3NrTs3l7J4+Xq9tla+fnK5WFkrrNeWCkvlzY3CSrm8UioWlsrr2z+fbItL5fLGwkLUbsxVi5XqXKXeuLxerl2rXl5dX1wpXi7mDmxkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADC86daRpIWISFvtNC0UIp6KiNnIJVdXS8VTEfF0RPyaz+WzeH7UnQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPVapN9YWS6XipoaGhkavMeqZCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7evU2/R90TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABil9PckIrLjjZnj09uvPpHczbfeI+KTby59dWOxWt2cz87/3Ttf/bpzfmEU/QcAHqZbp7t1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6qdQba4ulUnGzUk8i4m6zrX2md+nxGqMeIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+e/AAAA//829Mx2")

14.964476918s ago: executing program 36 (id=5374):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x80800, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x8042, 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x18010, &(0x7f0000000000)={[{@minixdf}, {@dioread_nolock}]}, 0x3, 0x738, &(0x7f0000000780)="$eJzs3V9rW2UYAPDnnDambtVWUPEPyMSh4li61snYlduV3gwHA2+30malNl1qk8wl7GK78lZEURBBv4P3itd+AL+Cgn9GvZhXkZN/29qki1vbQPP7wUne55wTnvddxvtA30PeAMbWsewljXgxIi4mETOd80lE5FqtyYhz7fu27txcyo4kms1LfyWte7I47vtM5mhE3IqIFyLi51zEiXRn3kq9sbZYKhU3O/FcdX1jrlJvnFxdX1wprhSvnT19euH0mXfOnt27sb71wYfPF7qdnP/thyTOxXQnvH8ce6mdLpf9Ez7gvf1INkLJqDvAI5mMiInO+3MxExOtFgBwmDXzEU0AYMwk6j8AjJnu3wG6a3v7tQ42yB/nI2KqX/7JzprZVGsd8shW8sDKRBIRswfZUQ6lW7cj4srssZ3//5Ida7b/16m96CD76qds/jnXb/5Je/NP9Jl/prrPTjymwfPfvfwTA+a/i0PmeP/lWnlg/tsRLyWTffInvfzJgPxXhsz/493lfwdda34f8fr2+jMRDzxRkOz6fMjc1dVS8VT7tX+OY7WbH+02/iN961/SeoZlt/FvDDn+6c9f/eXWLvnffG337z+J+PN8Z42+K6uJnw2Z/9Pcu18OupblX+6O/9vj9115+Pf/3ZD5z7zycWPIWwEAAAAAAAAAAAAAAAAAAAAAAAAAAOBQSCNiOpK00GunaaHQ3sP72TiSlsqV6omr5dq15WjtlT0bubT7U8sz7TjJ4vnO7/F344VWe6sXvx0Rz0TEF/knW3FhqVxaHvXgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDj6Lb9///Jt/f/BwAOualRdwAAOHDqPwCMH/UfAMaP+g8A40f9B4Dxo/4DwPh5hPqf349+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA2Ll64kB3NrTs3l7J4+Xq9tla+fnK5WFkrrNeWCkvlzY3CSrm8UioWlsrr2z+fbItL5fLGwkLUbsxVi5XqXKXeuLxerl2rXl5dX1wpXi7mDmxkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADC86daRpIWISFvtNC0UIp6KiNnIJVdXS8VTEfF0RPyaz+WzeH7UnQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPVapN9YWS6XipoaGhkavMeqZCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7evU2/R90TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABil9PckIrLjjZnj09uvPpHczbfeI+KTby59dWOxWt2cz87/3Ttf/bpzfmEU/QcAHqZbp7t1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6qdQba4ulUnGzUk8i4m6zrX2md+nxGqMeIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+e/AAAA//829Mx2")

11.466548332s ago: executing program 8 (id=5443):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0xffff, 0xb7, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000040), 0x1e)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303}, "2d432d74c04f228a", "d71d9a1e03558545115509e1c34caab9", "018000"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000080)=@gcm_128={{0x303}, "ba28597967d1b54c", "9712b0d86846b5ecc522bc6f13a6e30c", "ea0292da", "9e87dc79f4c04982"}, 0x28)
sendto$inet6(r1, &(0x7f0000000740)='S', 0x1, 0x8000, 0x0, 0x0)
close(r1)

11.466122272s ago: executing program 8 (id=5444):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000003980)=""/156, 0x9c}, {&(0x7f0000000c80)=""/220, 0xdc}, {&(0x7f0000004a40)=""/4081, 0xff1}, {&(0x7f0000001880)=""/4105, 0x1009}, {&(0x7f0000000500)=""/108, 0x6c}, {0x0}], 0x6}, 0x40002000)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x8001, 0x7fff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000010000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f3ca1664fe2f3ced8416dc180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8070000001fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491d04aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de453f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291a76456ed7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124ee3df3a35e8014d6cb5fd6c054a10bb2146174c1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba5187fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4db5a5df9d62ea6d805dfce568b885a50ed8e2eaf8a932287a1d3bfac17774e58875a63b77e07298e4b4f515189c6fcac3cd35dac9240e633219bb6a5a25865e6ed8e16caa5406b56702afe0befcabbc9a2a772a1a087f0d633d457bceb695b2cba3a1a2daa2dda796373cc0fe0a53236d028fc1076bb746b2717c8b6052f58c91bb8cc19474ab9d4d2160773829f078727f6c684ca749136a7f46ca28b00bb4237695b409859a3cb7dbf298c7802264387811e20a0d78489eab0b0e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x2e0, 0x12c, 0x60000004, &(0x7f0000000100)="b9ff03076044238cb89e0cf086dd0de0ffff00184000630677fbac141414e000000162079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x25, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e5e1f2f575d0d6e996b57fd408d420abb7337934e59815d75b4eb3e7206afce", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f90931dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x2c)

10.909842208s ago: executing program 8 (id=5447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000200)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000300000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454da, &(0x7f00000001c0)={'bond_slave_0\x00'})
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x80400, 0x0)
ioctl$TUNSETIFF(r3, 0x400454da, &(0x7f00000002c0)={'bond0\x00', 0x4000})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000100)={'nicvf0\x00', 0x1432})

10.769218302s ago: executing program 8 (id=5449):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2a05004, 0x0)

10.746018805s ago: executing program 8 (id=5451):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x5e21, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @local}, 0x10)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x5e21, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @local}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r2, 0xffffffffffffffff, 0x0)

10.340801725s ago: executing program 8 (id=5458):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), r0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x30}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r5, 0x0, 0xfffffffffffffff4}, 0x18)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r3, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}}, 0x800)

10.315227258s ago: executing program 37 (id=5458):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), r0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x30}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r5, 0x0, 0xfffffffffffffff4}, 0x18)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r3, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}}, 0x800)

4.266605069s ago: executing program 4 (id=5601):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000080000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
readv(r1, &(0x7f0000000080)=[{&(0x7f0000002140)=""/4096, 0x1000}], 0x1)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)

3.306778286s ago: executing program 4 (id=5629):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0xfffffffffffffe86, 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x800)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x240040c0)

1.496199629s ago: executing program 1 (id=5664):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x80078b, &(0x7f0000000000)={[{@i_version}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@errors_remount}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x470, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYui4KGioId6jMm2hG4baaLYUmwqUi+CFPQsHgX/Am8iiHoSvOrFkxSK9tLqKTKzM+1mm02N2WRi9veDzb7vzrs7z5P5eud9dwPoWkPZnyRiR0T8EhEDjeriBkONpxvXzk/+de38ZBILC6//keTtrl87P1k2Ld+3vagMpxHph0mxksVmz547OVGv184U9dG5U2+Pzp4999S7pyZO1E7UTo8fOXL40Nizz4w/3ZE8s7yu73t/Zv/el9+8/Mrksctv/fBVFu+OYnlzHp0ylCX+50KuddnjnV5ZxXY2lZPeCgNhRXoiIttcffnxPxA9cWvjDcRLH1QaHLCmsmvTlvaL5xeATSyJqiMAqlFe6LP73/KxTl2PDeHq840boCzvG8WjsaQ30qJNX8v9bScNRcSx+b8/zx6xRuMQAADNPp787Gh/U7/jVv8jjfvy59/yv7uKOZTBiLg7InZHxD0RsSci7o3I294fEQ+sMp7b+z/plVV+5LKy/t9zxdzW4v5f2fuLwZ6itjPPvy85Pl2vHSz+J8PRtyWrjy2zjm9e/PmTdsua+3/ZI1t/2Rcs4rjS2zJANzUxN5F3Sjvg6sWIfb1L5Z/cnAlIImJvROxb2UfvKgvTT3y5v12jO+e/jA7MMy18kaU3n+U/Hy35l5Lm+cnp2+YnR7dGvXZwtNwrbvfjT5dea7f+VeXfAVdrjeem7d/aZDBpnq+dXfk6Lv36Udt7mv+4/6f9yRv5PHN/8dp7E3NzZ8Yi+pOjeX3R6+O33lvWy/bZ/j98YOnjf3fxniz/ByMi24kfioiHI+KRIvZHI+KxiDiwTP7fv9B+WZl/pBVt/4sRU0ue/27u/y3bf+WFnpPffd1u/f9u+x/OS8PFK/n57w6WCic7XbQGuJr/HQAAAPxfpPl34JN05GY5TUdGGt/h3xN3pfWZ2bknj8+8c3qq8V35wehLy5GugWI8tD5dr40l88UnNsZHx4ux4nK89FAxbvxpz7a8PjI5U5+qOHfodtvbHP+Z33uqjg5YY9uWfHW8f90DASrQOo+eLq5eeDWcDGCz8ntt6F53OP7T9YoDWH+u/9C9ljr+L7TUzQXA5uT6D93L8Q9dKv226giACrn+Q1daze/617CwdWOEUU1ho26UvBBRFtINEY/CGhWqPjMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xj8BAAD//02e6R0=")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff0000000002000000"], 0x7c}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f00000001c0)={'veth0_virt_wifi\x00', 0x400})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x82001, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x7101})

1.420828246s ago: executing program 1 (id=5667):
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write$P9_RGETLOCK(r0, &(0x7f00000002c0)=ANY=[], 0x200002e6)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/13, @ANYBLOB], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r0}, 0x0, &(0x7f0000000880)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x3}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)

1.348141513s ago: executing program 9 (id=5672):
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, 0x0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000340)={0x1d, r4, 0x0, {0x1, 0xff, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x74, r4, {0xfff1, 0x10}, {0xfff1, 0x9}, {0x2, 0x10}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x48040}, 0x20000050)

1.294159329s ago: executing program 3 (id=5675):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsmount(0xffffffffffffffff, 0x1, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2e, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r2, 0x0, 0x4}, 0x18)
r3 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x4e, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x2040e, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x2, @perf_bp={0x0, 0x8}, 0x11aa0, 0x30, 0x10000, 0x0, 0x18bb, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000000)='cpu>00||!')

1.19119629s ago: executing program 9 (id=5676):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2, 0x0, 0x1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
shmget$private(0x0, 0x2000, 0x54003f00, &(0x7f0000ffc000/0x2000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})

1.19089284s ago: executing program 3 (id=5677):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3380, 0x1, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_setup(0x10a, &(0x7f0000000680)={0x0, 0x80334c, 0x10, 0x3, 0x3d3}, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000300))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x20, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x40, 0x185100, 0x12345})
io_uring_enter(r1, 0x627, 0xc1040000, 0x43, 0x0, 0x0)
sendmsg$tipc(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

1.144826144s ago: executing program 9 (id=5678):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000140)=';', 0x1, r0)
r2 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
mount$nfs4(&(0x7f0000000580)='\x00', &(0x7f0000000500)='.\x00', &(0x7f00000003c0), 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000340)=@chain={'key_or_keyring:', r1})

1.0922632s ago: executing program 9 (id=5679):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000002000000000000000100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000100000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000180), 0xfa, 0x58f, &(0x7f0000002d00)="$eJzs3U1rXFUfAPD/nUzSNu3zNIVS1IUUurBSO2kSXyoI1pWIFgu6r0MyDSWTTslMShMLtgu7cSNFELEgfgD3LotfwE9R0EKREnQhQuRO7qTTZCavE2fS+f3gtufMuTfn/nPuOTln7gw3gL51Mv0nF/FiRHydRBxtKstHVnhyZb+lJ7cm0y2J5eVP/kgiyV5r7J9k/x/OMi9ExC9fRpzJra+3urA4UyyXS3NZfrQ2e320urB49upscbo0Xbo2PjFx/o2J8bfferNjsb566a/vPn7wwfmvTi19+9OjY/eSuBBHsrLmOHbhdnPmZPGfLDUYF9bsONaBynpJ0u0TYEcGsn4+GOkYcDQGsl4PPP++iIhloE8l+j/0qcY8oLG279A6eN94/N7KAqge+1Bz/PmV90biYH1tNLyUPLMySte7Ix2oP63j59/v30u32Ph9iEOb5AG25fadiDiXz68f/5Ns/Nu5c/U3jze2to5++/sD3fQgnf+81mr+l1ud/0SL+c/hFn13Jzbv/7lHHaimrXT+907L+e/q0DUykOX+V5/zDSZXrpZL5yLi/xFxOgYPpPmN7uecX3q43K6sef6Xbmn9jblgdh6P8geePWaqWCtGxNBu4m54fCfipXyr+JPV9k9atH/6+7i0xTpOlO6/3K5s8/j31vKPEa+0bP+nd7SSje9Pjtavh9HGVbHen3dP/Nqu/m7Hn7b/8MbxjyTN92ur26/jh4N/l9qVpfEP7+D6H0o+racbneBmsVabG4sYSj5a//r402Mb+cb+afynT63E/+xkJbfh9Z8uvj7bYvx3j99tu2svtP/Uttp/+4mHH37+fbv6tzb+vV5Pnc5eyca/1rJrZasnuNvfHwAAAAAAAPSSXEQciSRXWE3ncoXCyuc7jsdwrlyp1s5cqcxfm4r6d2VHYjDXuNN9tOnzEGPZ52Eb+fE1+YmIOBYR3wwcqucLk5XyVLeDBwAAAAAAAAAAAAAAAAAAgB5xuM33/1O/DXT77IA9V3+wwYFunwXQDZs+8r8TT3oCetKm/R94bun/0L/0f+hfa/t/R54sDOwL/v5D/9L/oX/p/9C/9H8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqEsXL6bb8tKTW5NpfurGwvxM5cbZqVJ1pjA7P1mYrMxdL0xXKtPlUmGyMrvZzytXKtfHxmP+5mitVK2NVhcWL89W5q/VLl+dLU6XLpcG/5OoAAAAAAAAAAAAAAAAAAAAYH+pLizOFMvl0txqIp+VzK0v6tPEu9ETp7GXAa7Y0eH5XolibxLvD/TEaewmcSdr3u0d1aUBCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa+DcAAP//Rm0oPg==")
r2 = creat(&(0x7f0000000000)='./file1\x00', 0x14c)
fallocate(r2, 0x0, 0x9, 0x2000403)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x64)
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40305829, &(0x7f0000000140)={0x17c04, r3, 0xc000, 0x973f, 0x81, 0x1})

1.031540006s ago: executing program 3 (id=5680):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000380)={0x1d, r2, 0x1, {0x0, 0x1, 0x3}, 0xfe}, 0x18)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x4004000)

1.007227568s ago: executing program 3 (id=5681):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x401, 0x20004, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYRES32], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c01018006000100d10300000c00008008000340000000022c0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a3100000000140000001100010000000000000000000100000afb64565a5431c6bf898262e618651881ec1d717f0b39445e2c2c0d0926c11e5e5c099b6580f66de5de7b68906758bcce525ac7e4be1a1e632985b2d0eb9865967e42e34eecdb534196c64fbf0877b7d98aeb62426b7bb15a161408"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0, r1, 0x0, 0x4}, 0x18)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000580)={0x20000000000003b7})

880.800141ms ago: executing program 3 (id=5682):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
socket$inet6_sctp(0xa, 0x5, 0x84)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[], 0xfffffdef}}, 0x10)
recvfrom(r2, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4112, 0x0, 0x0)

880.423511ms ago: executing program 9 (id=5683):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000e40)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd2d, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {}, {0xfff3, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x851}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@delchain={0x24, 0x66, 0x1, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x0, 0xd}, {}, {0xb, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004800)

879.664781ms ago: executing program 0 (id=5684):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x201, 0x0, 0x0)
io_uring_setup(0x56ab, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r2}, 0x10)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

821.100007ms ago: executing program 0 (id=5685):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}, 0x1, 0x0, 0x0, 0x4c840}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc, 0x0, 0x4}, 0x4000810)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c40)=@delchain={0x3c, 0x64, 0xf31, 0x7ffffffb, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x3}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

820.563137ms ago: executing program 0 (id=5686):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000180), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600)={'team0\x00', <r7=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}}, 0x0)

762.599233ms ago: executing program 0 (id=5687):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}, 0x1, 0x0, 0x0, 0x4c840}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc, 0x0, 0x4}, 0x4000810)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c40)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff3}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)

730.946166ms ago: executing program 0 (id=5688):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = fsopen(&(0x7f00000004c0)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001d40)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xaei\xb6\xb7\xc1Y\xd5YG\xf9\xc2\xf1\xa4\xdb$\xf6]\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\x03\x00\x00\x00\x00\x00\x00\x00\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^W\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B\xc5\x05\x9d\xd6\x02|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3q\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xcd\xd3\t\x01A\xd5\x81\xc1;9\xeez\xba\x00\x00\x00\xdc\x94\xff)\xa4\xe6\xfb]\x90bG\x11\b\x98#\xaa99ez|\x8b5\x92\xa5\xba\x96\xb3\xb26I\xbb\xdeb\x95?\xc0\x81', &(0x7f0000000200)='sockfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='\xc0\xf1FN\x91\x9e|\x00j\xc1c\a\x0e\xef~J\xa7\x92L\x9e\xe9E<>\x13\x13q\ft`\x88\xd8\x8eb\xe9\x95\xdeg4\xa0\xbap\v\x99+\x9c\xfc-\xaf\xfaZ\xc2\xaa\xffcpd\xbc\xc7\x01\n\"\xcb6\xa2\x043\x13\xc8A\x11\x87\xa7Nh\xb1\x05\x00\xda)\x06\xc8\xef3.l\xa5\xa7D\x06\x85\xc4\r[\x9d\x7fA\xae:\xae+`\x84\xe9\x99\xa8\xc3\xb5n\x90\x9b\xb4\xf360=\xabz\xcdq\x10', &(0x7f00000001c0)='\b\x01A', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f00000000c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000780)='\\$#[\\/\x00\xd5\xd4^\xa7\xe4\xd4\x1f.yh\x18\xb8s\xe6\f\xaf*4\xe1\xa1e\x04%f\x8f\xde\x91\x04\xbb\xc8\x17\x15\xa4\xf0\x00\x15w\x00\x00\xed\xdd}\x00\x18\xf3\xde\n\xbe\x91\xc4\xc5\xe6\xd3o\xaau\xf34\t\x9d\x80rg\xbc\xee\x96p\x18\x9e(h\xeb\xd9\xde\xa6\xfc\x8e\xe3,\xae\xa8\xf0\x82y\x91\x1c{\x85 \xc7P\xa3\x9c\x06\xc1\xd3\x92\xcd\xcc\x17\xb2}\x13:\xbbh\"%;\b\x7f\x91\x8a\xa5Z\x92~<\xfe3\x19\xdcVJ\f\xd1\x89d\xf9N\xbd\x92\x86\xa2\xa8\xc0:\x1f\n\xc9\x8eUO\x8e\xea\x99\xe1\xbe%Y\x9eH#\xa4\x9d5\xa88m6\x89kE\xce\xc3\aBW\xec_\xea_\x81\xbe\x86~\x84F\xa9\xcd\xba\xfb\xd8\x8f\x01\x81~\x9c#\r\x87\xcf\x19\xb9\xbd \xcb\xff\x88io\xb0\xb1\xa0B\x8cI\x82+\xc4\xcf\xf4!+\x16v\xb6\x8a\xb7k}\x1d\xf2\x1c\x00\x8f\xd7\x84R\x12\xed){SM[\xe6g6\xfeF\x1dJ\x83', &(0x7f0000000540)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000640)='\x00\x00\x00\x00\x00\x00\x00\x80\x04', &(0x7f0000000600)='dU|\xcbM\xe6\x91q\b', 0x0)
close(r0)

728.245016ms ago: executing program 9 (id=5689):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x0, 0x2, 0x9c, 0x0, @val=0x80}}}}}}}, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x5, &(0x7f00000000c0)=@framed={{0x18, 0x2}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r1, &(0x7f0000000440), &(0x7f0000000040)=@udp=r0}, 0x20)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x21)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r0, &(0x7f00000047c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000780)=""/232, 0xe8}], 0x1}, 0x1ff}], 0x1, 0x2, 0x0)

669.177652ms ago: executing program 0 (id=5690):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0xfffffffffffffe42, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000400000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x82044, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)

493.70004ms ago: executing program 1 (id=5691):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f0000000380)={[{@noblock_validity}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@jqfmt_vfsv0}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x10}}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@usrjquota}]}, 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000380)='kfree\x00', r1, 0x0, 0x4}, 0x18)
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0xfa, 0x3, 0x2, 0x5c, @local, @empty, 0x7800, 0x40, 0x4, 0x4}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', 0x0})

485.689341ms ago: executing program 4 (id=5692):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)={0x60, r2, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000431}, 0x4040084)

413.052948ms ago: executing program 4 (id=5693):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x2, 0x2], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6, 0x5, {0x0, 0x1}}]}, 0x90}, 0x1, 0x0, 0x0, 0x1}, 0x20008010)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

412.613188ms ago: executing program 4 (id=5694):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x5}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=@newtfilter={0x4e8, 0x2c, 0xd2b, 0x70bd2b, 0x35dfdbfb, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4bc, 0x2, [@TCA_U32_POLICE={0x444, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0x2dbc04b6, 0x1, 0x50, 0xa, 0x4, 0x800, 0x3, 0x10, 0x7, 0x9, 0x0, 0xd, 0x8, 0x5, 0x7f, 0x9, 0x9, 0x4, 0x81, 0x5, 0x537d, 0x0, 0xfffffffa, 0x12000000, 0x6, 0x3, 0x4, 0x0, 0xffffffff, 0x8, 0x0, 0x1, 0x7, 0x7fff, 0x0, 0xffffffff, 0x10, 0x258, 0x5, 0x8, 0x4, 0x1d, 0x5, 0x1, 0xfffff173, 0x1, 0x401, 0x7, 0x8000, 0x10000, 0xe, 0x3, 0x1, 0xd, 0x8, 0x0, 0x0, 0x4, 0xa79, 0x5, 0xc, 0x2, 0x0, 0x30000, 0xd, 0x6, 0xffd, 0x40, 0xfffeffff, 0x7fff, 0x6b81102, 0x7f, 0xfffdfffe, 0x800000, 0x6, 0x8, 0x0, 0xe, 0x20000, 0xffff, 0x80000001, 0x1, 0x9a0, 0x4, 0x8, 0x6, 0x7, 0xfffffffb, 0x1ff, 0x3ff, 0x0, 0x40, 0xfc5, 0x810000, 0xb422, 0x1, 0x1, 0x8, 0x1, 0xa0bd, 0x200, 0x400, 0x1, 0xc, 0xff, 0x3, 0x2, 0xffffffc0, 0x8, 0x8001, 0x3f3, 0x8, 0x9, 0xf, 0x4, 0x3, 0x0, 0x6, 0xd, 0x8, 0x62, 0x800, 0x0, 0x9, 0x3, 0x8, 0x2, 0xf4, 0x81, 0x0, 0x6, 0x200, 0xad07, 0x8001, 0x8, 0x9, 0x101, 0x44, 0xb10, 0x8, 0x7, 0xfff, 0xa, 0x4e, 0x80, 0xfec300, 0xe815, 0x1, 0xfffffff9, 0xfffff801, 0x9, 0x1, 0xff, 0x7, 0x7, 0x7, 0x8001, 0x7, 0x1ff, 0x401, 0x5, 0x2, 0x1ff, 0x4, 0x2, 0x5f, 0x2, 0x1, 0x1, 0xb, 0x7, 0xb, 0x7, 0xc, 0x9, 0x68, 0x8, 0x6, 0x4, 0x9ca, 0x100, 0x9, 0xfff, 0xfffffffd, 0x1, 0xf, 0x2, 0xfffffff8, 0x80000001, 0x4, 0x9, 0x8, 0x8, 0x9, 0x3, 0x1, 0x7, 0x8, 0x5, 0x4, 0xc, 0x0, 0xffffff68, 0x80000000, 0x5, 0x4, 0xfffffff7, 0xd6f, 0x4, 0x38, 0x1, 0x6, 0x9bb, 0xd31d, 0xfff, 0xfff, 0x40, 0x101, 0x3, 0x4, 0x0, 0x1ff, 0x6, 0x0, 0x9, 0x1, 0x4, 0x0, 0x1000, 0x5, 0x1c000000, 0x1, 0x8006, 0x9, 0x6, 0x3, 0x1, 0x0, 0x10000, 0x2, 0x7, 0x7, 0x6, 0xfffff7f0, 0x2, 0x3, 0x8090, 0x7, 0x6d8, 0xfffffffb, 0x6, 0x400, 0x800, 0x8, 0x6, 0x6]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x6e8ccd9d, 0x8, 0x9, 0x9, 0x7fffffff, {0x8, 0x0, 0x92fd, 0x0, 0x1, 0x100}, {0x1, 0x2, 0xab11, 0x7, 0x8}, 0x3, 0x2, 0x6}}]}, @TCA_U32_SEL={0x74, 0x5, {0x10, 0x9, 0x6, 0x10da, 0xa760, 0x0, 0x10, 0x100, [{0x1000, 0xe, 0xfffff000, 0x9f6}, {0xdeb2, 0x3, 0x6, 0x3}, {0x1, 0xfffffffb, 0xde, 0x3ff}, {0x200, 0x3ff, 0x7, 0x4}, {0x9, 0x7, 0x40, 0x80}, {0x3ff, 0xb, 0x3, 0xa6d}]}}]}}]}, 0x4e8}, 0x1, 0x0, 0x0, 0xccd4ddef28bd690b}, 0x40094)

412.343338ms ago: executing program 1 (id=5695):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0xfad, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000043c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800"], 0x64}}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001300)=ANY=[@ANYBLOB="38010000000101040000000000000000020000002c0001801400018008000100ac14143208000200ac1414000c00028005000100000000000600034000020000240002801400018008000100e000000108000200e00000010c0002800500010000000000080007"], 0x138}}, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040800}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYRES8=0x0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x45, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

402.060219ms ago: executing program 4 (id=5696):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24f300ca2f8ef53773c5cbdf4a583f81fdc8719dbe967b0690a3ed3f314c3e2ceebb3e29d00c29b1ac1053d1e8b32d8a8be1bb9786746e0ee564306c80d7045747165005fa3528b5ac1e35e03b69cb54111dfcebc6d585aacdd57c351ef1aa8050274b122a21b47432f17a0cacfd9524d9cb09029e4daefaea47f8cd5a4f1dee71093ebc076363e14f78dd3b129b4b3ae5a7a085297416f05111e9cedf5e0f21f1a8aeefa517ed1705ec76469b8b469851cc56c6016d9067dac3de3818856014c98ce8f36dac4d8cdb1f25e3c5de754596e9a07c7718adf0cbdab78066d2418c12e0acde73c05fc80a0658c7fbc52812a8423323a80e8a968e0ace13290fe8f862c1e7233c26f73ca24e5e441dd406e136df3a3996865e069f42e87939d653b2c76eb3002d554d24190d68e57a1a67cecf713bfca56b970022e5b08413ead8d96c38ed7dd4ed1b3dd4b80134c", 0x221}], 0x1}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000340)="bae4e6c90e2c25", 0x7}, {&(0x7f0000000380)="863df713b27092133340e455", 0xc}, {&(0x7f0000000900)="5e9a96da6c96c227926d725c264c8db1743e2a714194d97fd4a96b32f3a0cc57ff3d188ab8257403ab87aac73eb1db3cffb4c9b525154c45716736588985037d1390ae2dfd39", 0x46}, {&(0x7f0000001000)="5e48212599327704ccc5ca940f85ce93d081835a8f8ce527ba414eeb2fac35952374361fa3fe455eae90ef6636e089eeae608c4bb2a0cae5f3d8ebe5294f272023815eacab65c0a92cd792cae6645dcef01758183b1dab679fc8bccc9b2a7c95efda137f6f80e4159ff6295a35f2516454afb609ce2bc852ece0d2234e63a4cfcceb2f628f6425b0b5dd6ba4c20e250c72f658b059079271c6f206a758e87784fd6256d1ee6cd55ea723631572ba4729109fa114f7240bb6776054d1fa9b5c3114debca30e4196223e3f6fcbf715c61e62f3702e1a43c72c114587e1eb727a458aba50fe0da0523b0f243482e33c7af73d072374f04ec75bd199e7357d8d37a60c4b225c0ebb8e8fde86484871015eb8ccda35183959fccdbe3cc8f9f018c70c405d1847d8666a34f86d1f996b42f9ce536100b8d6080f472d2a87a277a0c45baca157f0d578b6ca0e8627819d4d8e5226494474ff573c36caf000e9c52f206013851f2702c83224a7ac58fef0a2f337174f79900af0899ad371ebc5759d1f48b01c962be95456341e280de8aa4e5b46f2ac3256254cdec803cbfe597bc771b49cb0806048a441f1ba825d92b59140afcf59c7d7c6359b5c729da3480946575f681243faefac01e76ccd447d6035744375fd08e491aa597b3fb77874b0f3818331a895375d7602eb1676f853d2b1e058d5", 0x1f1}], 0x4}}], 0x2, 0x4004)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

386.8491ms ago: executing program 1 (id=5697):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x7, 0x6, 0xc}, 0x48)
perf_event_open$cgroup(&(0x7f0000001980)={0x3, 0x80, 0x3, 0x1, 0x9, 0x7, 0x0, 0x8, 0x81808, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x18610, 0x9, 0x9, 0x7, 0xf, 0x5bfd, 0x8, 0x0, 0x8, 0x0, 0x7}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
syz_read_part_table(0x5fb, &(0x7f0000000600)="$eJzs2zFoVHccB/DfnTkOlOLi5KQOUloXxdGjVbk7FQvhNEuRYkAR8aYThJMeRHTQoyjeIOmWJQ3ckqZTLjdkSkigU4cSMqQEMmRpaZZAlr5yl1dokhZSeqUInw8HP/7/93vv+37Hf33Bey0bvyRJkomI5IeII//w7pF2sXT91PDlyu2ITNyJiC++/vCb3pVM2pHkd+uZdL2WricnjnZfbV3LtVdvbZ+9u9DM/vHIsf4vjk11RgYwHv+x6cLi8ecvauXX9cLDlXJj4+WP33/27a/FSudmszVzI3f1Xtq3lNahtD6OejyNRzEaQ/Es7kftrx//6Vf9M3r4/PH2+vncyXJ79sGlnVL3zfyFftfBc539+N9MvTe/f2Ajopf/5PTbz1uNK+e+O/HuYn1uubKZRlfz++8cHcwLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwULlYPP78Ra38ul54uFJubLzM9XaLlc7NZmvmRu7qvbRvKa1DaX0c9Xgaj2I0qlGN+1Hb3T5yMOGDPy/y+69OF/bmj7fXz/92styefXBpp9R9M38h7Rse3Mh/l5/08p+cfvtJq3HlXP7Eu4v1ueXKZjpR9cCbR//fAwAAAAAAAAAAAAAAAAAAgEEolq6fGr5cuR2RiTsR8dHPX2Z7+0l+92v+TNp3JiKeRcRa+h385MTR7quta7n26q3ts3cXmj/lI0mSJMYiE2MRcWyqM/I/jsUh/R4AAP//omWTPA==")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
getpgid(0xffffffffffffffff)
write$UHID_CREATE(r1, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000940)=""/3, 0x3, 0x2, 0x4, 0x1000000, 0x0, 0xc08}}, 0x120)
readv(r1, &(0x7f00000007c0)=[{&(0x7f0000000080)=""/149, 0x95}, {0x0}], 0x2)

309.181988ms ago: executing program 1 (id=5698):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x18)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
pipe(&(0x7f0000000d00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f00000005c0)=[{{&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='p'], 0x70}}], 0x1, 0x2000c044)
write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc)
splice(r1, 0x0, r3, 0x0, 0x7151, 0x0)

0s ago: executing program 3 (id=5699):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000300)={<r2=>0xffffffffffffffff}, 0x0)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r2, r3, 0x4e, 0x0)
sendto$inet(r0, &(0x7f0000000c80)="e8", 0x6200, 0x12000000, 0x0, 0x0)

kernel console output (not intermixed with test programs):

not up; please bring it up to get a fully working HSR network
[  175.243777][T14187] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  175.273641][ T8209] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.280812][ T8209] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.342742][T14187] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.445544][T14187] veth0_vlan: entered promiscuous mode
[  175.453541][T14187] veth1_vlan: entered promiscuous mode
[  175.476682][T14187] veth0_macvtap: entered promiscuous mode
[  175.483858][T14187] veth1_macvtap: entered promiscuous mode
[  175.497336][T14187] batman_adv: batadv0: Interface activated: batadv_slave_0
[  175.514677][T14187] batman_adv: batadv0: Interface activated: batadv_slave_1
[  175.533057][ T8195] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.551193][ T8216] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.563554][ T8216] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.579256][ T8216] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.608318][ T3558] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  175.681709][ T8216] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.758736][T14279] netlink: 'syz.0.4326': attribute type 3 has an invalid length.
[  175.769157][ T8216] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.830159][ T8216] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.857602][   T29] kauditd_printk_skb: 108 callbacks suppressed
[  175.857666][   T29] audit: type=1326 audit(1768088499.426:28394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14283 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  175.887645][   T29] audit: type=1326 audit(1768088499.426:28395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14283 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  175.911254][   T29] audit: type=1326 audit(1768088499.426:28396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14283 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  175.934876][   T29] audit: type=1326 audit(1768088499.426:28397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14283 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  175.958487][   T29] audit: type=1326 audit(1768088499.426:28398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14283 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  176.033452][ T8216] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.100050][ T8216] bridge_slave_1: left allmulticast mode
[  176.105748][ T8216] bridge_slave_1: left promiscuous mode
[  176.111568][ T8216] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.135872][   T29] audit: type=1326 audit(1768088499.697:28399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14306 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  176.177424][   T29] audit: type=1326 audit(1768088499.697:28400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14306 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  176.201146][   T29] audit: type=1326 audit(1768088499.697:28401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14306 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  176.224906][   T29] audit: type=1326 audit(1768088499.697:28402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14306 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  176.248593][   T29] audit: type=1326 audit(1768088499.697:28403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14306 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  176.272614][ T8216] bridge_slave_0: left allmulticast mode
[  176.278433][ T8216] bridge_slave_0: left promiscuous mode
[  176.284228][ T8216] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.561925][ T8216] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.578053][ T8216] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.588758][ T8216] bond0 (unregistering): Released all slaves
[  176.610646][T14321] Cannot find add_set index 0 as target
[  176.650217][ T8216] hsr_slave_0: left promiscuous mode
[  176.656221][ T8216] hsr_slave_1: left promiscuous mode
[  176.661944][ T8216] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  176.669471][ T8216] batman_adv: batadv0: Removing interface: batadv_slave_0
[  176.685128][ T8216] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  176.692557][ T8216] batman_adv: batadv0: Removing interface: batadv_slave_1
[  176.714753][ T8216] veth1_macvtap: left promiscuous mode
[  176.726356][ T8216] veth0_macvtap: left promiscuous mode
[  176.731974][ T8216] veth1_vlan: left promiscuous mode
[  176.747939][ T8216] veth0_vlan: left promiscuous mode
[  176.927570][ T8216] team0 (unregistering): Port device team_slave_1 removed
[  176.948582][ T8216] team0 (unregistering): Port device team_slave_0 removed
[  177.227461][T14282] chnl_net:caif_netlink_parms(): no params data found
[  177.325968][T14282] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.333160][T14282] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.371837][T14282] bridge_slave_0: entered allmulticast mode
[  177.383125][T14282] bridge_slave_0: entered promiscuous mode
[  177.401338][T14282] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.408450][T14282] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.451444][T14282] bridge_slave_1: entered allmulticast mode
[  177.467518][T14282] bridge_slave_1: entered promiscuous mode
[  177.510848][T14282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.542350][T14282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.585353][T14282] team0: Port device team_slave_0 added
[  177.599122][T14282] team0: Port device team_slave_1 added
[  177.635973][T14282] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.643039][T14282] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  177.668998][T14282] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.725896][T14282] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.732912][T14282] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  177.758899][T14282] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.824875][T14381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4363'.
[  177.834406][T14381] netlink: 312 bytes leftover after parsing attributes in process `syz.3.4363'.
[  177.843518][T14381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4363'.
[  177.900685][T14282] hsr_slave_0: entered promiscuous mode
[  177.917965][T14282] hsr_slave_1: entered promiscuous mode
[  177.934629][T14282] debugfs: 'hsr0' already exists in 'hsr'
[  177.940398][T14282] Cannot create hsr debugfs directory
[  178.326201][T14395] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4368'.
[  178.358495][T14282] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  178.376744][T14282] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  178.406848][T14282] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  178.416589][T14282] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  178.494958][T14282] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.512261][T14282] 8021q: adding VLAN 0 to HW filter on device team0
[  178.540941][ T8195] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.548089][ T8195] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.589274][ T8210] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.596488][ T8210] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.646059][T14413] lo: entered promiscuous mode
[  178.651079][T14413] lo: entered allmulticast mode
[  178.657436][T14413] tunl0: entered promiscuous mode
[  178.662550][T14413] tunl0: entered allmulticast mode
[  178.679914][T14413] gre0: entered promiscuous mode
[  178.684950][T14413] gre0: entered allmulticast mode
[  178.702868][T14413] gretap0: entered promiscuous mode
[  178.708204][T14413] gretap0: entered allmulticast mode
[  178.715633][T14413] erspan0: entered promiscuous mode
[  178.720914][T14413] erspan0: entered allmulticast mode
[  178.748090][T14413] ip_vti0: entered promiscuous mode
[  178.753399][T14413] ip_vti0: entered allmulticast mode
[  178.761118][T14413] ip6_vti0: entered promiscuous mode
[  178.766454][T14413] ip6_vti0: entered allmulticast mode
[  178.774281][T14413] sit0: entered promiscuous mode
[  178.779294][T14413] sit0: entered allmulticast mode
[  178.787478][T14413] ip6tnl0: entered promiscuous mode
[  178.792920][T14413] ip6tnl0: entered allmulticast mode
[  178.800089][T14413] ip6gre0: entered promiscuous mode
[  178.805321][T14413] ip6gre0: entered allmulticast mode
[  178.812083][T14413] syz_tun: entered promiscuous mode
[  178.817318][T14413] syz_tun: entered allmulticast mode
[  178.824374][T14413] ip6gretap0: entered promiscuous mode
[  178.829872][T14413] ip6gretap0: entered allmulticast mode
[  178.837143][T14413] bridge0: entered promiscuous mode
[  178.842386][T14413] bridge0: entered allmulticast mode
[  178.848800][T14413] bond0: entered promiscuous mode
[  178.853914][T14413] bond_slave_0: entered promiscuous mode
[  178.859680][T14413] bond_slave_1: entered promiscuous mode
[  178.865519][T14413] bond0: entered allmulticast mode
[  178.870656][T14413] bond_slave_0: entered allmulticast mode
[  178.876505][T14413] bond_slave_1: entered allmulticast mode
[  178.883493][T14413] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.892313][T14413] team0: entered promiscuous mode
[  178.897517][T14413] team_slave_0: entered promiscuous mode
[  178.903328][T14413] team_slave_1: entered promiscuous mode
[  178.909054][T14413] team0: entered allmulticast mode
[  178.914245][T14413] team_slave_0: entered allmulticast mode
[  178.920106][T14413] team_slave_1: entered allmulticast mode
[  178.926765][T14413] 8021q: adding VLAN 0 to HW filter on device team0
[  178.935050][T14413] dummy0: entered promiscuous mode
[  178.940270][T14413] dummy0: entered allmulticast mode
[  178.946591][T14413] nlmon0: entered promiscuous mode
[  178.951798][T14413] nlmon0: entered allmulticast mode
[  178.959041][T14413] caif0: entered promiscuous mode
[  178.964285][T14413] caif0: entered allmulticast mode
[  178.969421][T14413] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  179.038323][T14282] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.062488][T14431] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvlan0, syncid = 0, id = 0
[  179.082965][T14430] IPVS: stopping backup sync thread 14431 ...
[  179.269481][T14282] veth0_vlan: entered promiscuous mode
[  179.290026][T14282] veth1_vlan: entered promiscuous mode
[  179.325307][T14282] veth0_macvtap: entered promiscuous mode
[  179.342232][T14282] veth1_macvtap: entered promiscuous mode
[  179.357895][T14282] batman_adv: batadv0: Interface activated: batadv_slave_0
[  179.375174][T14282] batman_adv: batadv0: Interface activated: batadv_slave_1
[  179.406150][ T8224] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  179.421190][ T8224] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  179.436857][ T8224] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  179.455232][ T8224] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  179.656104][T14486] netlink: 'syz.4.4396': attribute type 3 has an invalid length.
[  179.664210][T14486] netlink: 'syz.4.4396': attribute type 3 has an invalid length.
[  179.832520][T14501] netlink: 'syz.6.4403': attribute type 3 has an invalid length.
[  179.997873][T14514] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4407'.
[  180.177188][T14529] ªªªªªª: renamed from vlan0
[  180.300125][T14541] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4420'.
[  180.437203][T14548] tipc: Started in network mode
[  180.443114][T14548] tipc: Node identity ac14140f, cluster identity 4711
[  180.473503][T14548] tipc: New replicast peer: 255.255.255.255
[  180.482730][T14548] tipc: Enabled bearer <udp:syz2>, priority 10
[  181.243546][T14587] loop4: detected capacity change from 0 to 164
[  181.257921][T14587] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  181.285511][T14587] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  181.309312][T14587] Symlink component flag not implemented
[  181.315153][T14587] Symlink component flag not implemented
[  181.322561][T14593] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4442'.
[  181.331562][T14593] batman_adv: batadv0: Removing interface: batadv_slave_0
[  181.340939][T14593] batman_adv: batadv0: Removing interface: batadv_slave_1
[  181.349197][T14587] Symlink component flag not implemented (7)
[  181.355408][T14587] Symlink component flag not implemented (116)
[  181.390180][T14597] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4445'.
[  181.400702][T14597] netlink: 'syz.6.4445': attribute type 1 has an invalid length.
[  181.559511][   T29] kauditd_printk_skb: 88 callbacks suppressed
[  181.559529][   T29] audit: type=1400 audit(1768088504.777:28492): avc:  denied  { setopt } for  pid=14608 comm="syz.0.4450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  181.675543][ T3695] tipc: Node number set to 2886997007
[  181.785742][T14625] Invalid argument reading file caps for ./file0
[  181.863606][T14631] netlink: 188 bytes leftover after parsing attributes in process `syz.6.4461'.
[  181.872809][T14631] netlink: 188 bytes leftover after parsing attributes in process `syz.6.4461'.
[  182.165244][   T29] audit: type=1400 audit(1768088505.338:28493): avc:  denied  { associate } for  pid=14642 comm="syz.0.4466" name="cgroup.controllers" dev="tmpfs" ino=4487 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="@"
[  182.229053][   T29] audit: type=1400 audit(1768088505.385:28494): avc:  denied  { unlink } for  pid=3319 comm="syz-executor" name="cgroup.controllers" dev="tmpfs" ino=4487 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@"
[  182.298861][T14656] 9p: Bad value for 'rfdno'
[  182.307237][   T29] audit: type=1326 audit(1768088505.479:28495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14655 comm="syz.0.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  182.331289][   T29] audit: type=1326 audit(1768088505.479:28496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14655 comm="syz.0.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  182.354971][   T29] audit: type=1326 audit(1768088505.479:28497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14655 comm="syz.0.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  182.378566][   T29] audit: type=1326 audit(1768088505.479:28498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14655 comm="syz.0.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  182.402237][   T29] audit: type=1326 audit(1768088505.479:28499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14655 comm="syz.0.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  182.425878][   T29] audit: type=1326 audit(1768088505.479:28500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14655 comm="syz.0.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  182.449474][   T29] audit: type=1326 audit(1768088505.479:28501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14655 comm="syz.0.4472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  182.768856][T14665] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.836742][T14665] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.861757][T14662] syz.3.4475 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  182.873089][T14662] CPU: 0 UID: 0 PID: 14662 Comm: syz.3.4475 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  182.873123][T14662] Tainted: [W]=WARN
[  182.873131][T14662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  182.873169][T14662] Call Trace:
[  182.873177][T14662]  <TASK>
[  182.873186][T14662]  __dump_stack+0x1d/0x30
[  182.873216][T14662]  dump_stack_lvl+0x95/0xd0
[  182.873240][T14662]  dump_stack+0x15/0x1b
[  182.873257][T14662]  dump_header+0x81/0x240
[  182.873348][T14662]  oom_kill_process+0x295/0x350
[  182.873442][T14662]  out_of_memory+0x97b/0xb80
[  182.873497][T14662]  try_charge_memcg+0x610/0xa10
[  182.873550][T14662]  charge_memcg+0x51/0xc0
[  182.873587][T14662]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  182.873674][T14662]  __read_swap_cache_async+0x17b/0x2d0
[  182.873719][T14662]  swap_cluster_readahead+0x362/0x3c0
[  182.873759][T14662]  swapin_readahead+0xde/0x820
[  182.873877][T14662]  ? mod_memcg_lruvec_state+0x1a1/0x280
[  182.873909][T14662]  ? lruvec_stat_mod_folio+0xd6/0x120
[  182.873932][T14662]  ? __rcu_read_unlock+0x4f/0x70
[  182.873949][T14662]  ? swap_cache_get_folio+0x277/0x280
[  182.873973][T14662]  do_swap_page+0x2b4/0x21e0
[  182.874026][T14662]  ? __pfx_default_wake_function+0x10/0x10
[  182.874057][T14662]  handle_mm_fault+0x9d8/0x2c60
[  182.874138][T14662]  do_user_addr_fault+0x630/0x1080
[  182.874171][T14662]  exc_page_fault+0x62/0xa0
[  182.874204][T14662]  asm_exc_page_fault+0x26/0x30
[  182.874298][T14662] RIP: 0033:0x7ff835621fb3
[  182.874341][T14662] Code: 0d 09 00 48 8d 3d 36 0d 09 00 e8 e8 47 f6 ff 0f 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 <80> 3d 9e 95 1f 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f
[  182.874361][T14662] RSP: 002b:00007ffdd74f9088 EFLAGS: 00010293
[  182.874379][T14662] RAX: 00000000fffffffa RBX: 00007ff835845fa0 RCX: 0000000000000000
[  182.874393][T14662] RDX: 00007ffdd74f90a0 RSI: 0000000000000000 RDI: 0000000000000000
[  182.874407][T14662] RBP: 00007ff835847da0 R08: 000000001a619631 R09: 7fffffffffffffff
[  182.874474][T14662] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000002afc6
[  182.874484][T14662] R13: 00007ffdd74f91c0 R14: ffffffffffffffff R15: 00007ffdd74f91e0
[  182.874504][T14662]  </TASK>
[  182.874511][T14662] memory: usage 307200kB, limit 307200kB, failcnt 2736
[  183.095147][T14662] memory+swap: usage 299560kB, limit 9007199254740988kB, failcnt 0
[  183.103264][T14662] kmem: usage 296628kB, limit 9007199254740988kB, failcnt 0
[  183.110626][T14662] Memory cgroup stats for /syz3:
[  183.147498][T14662] cache 0
[  183.155546][T14662] rss 24576
[  183.158716][T14662] shmem 0
[  183.161701][T14662] mapped_file 0
[  183.165179][T14662] dirty 0
[  183.168127][T14662] writeback 0
[  183.171499][T14662] workingset_refault_anon 15
[  183.176121][T14662] workingset_refault_file 47
[  183.180724][T14662] swap 163840
[  183.184046][T14662] swapcached 12288
[  183.187781][T14662] pgpgin 154228
[  183.191279][T14662] pgpgout 154221
[  183.194860][T14662] pgfault 196598
[  183.198414][T14662] pgmajfault 19
[  183.201880][T14662] inactive_anon 0
[  183.205545][T14662] active_anon 24576
[  183.209375][T14662] inactive_file 0
[  183.213020][T14662] active_file 4096
[  183.216810][T14662] unevictable 0
[  183.220281][T14662] hierarchical_memory_limit 314572800
[  183.225717][T14662] hierarchical_memsw_limit 9223372036854771712
[  183.231888][T14662] total_cache 0
[  183.235369][T14662] total_rss 24576
[  183.239088][T14662] total_shmem 0
[  183.242569][T14662] total_mapped_file 0
[  183.246576][T14662] total_dirty 0
[  183.250084][T14662] total_writeback 0
[  183.253984][T14662] total_workingset_refault_anon 15
[  183.259155][T14662] total_workingset_refault_file 47
[  183.264272][T14662] total_swap 163840
[  183.268192][T14662] total_swapcached 12288
[  183.272459][T14662] total_pgpgin 154319
[  183.276459][T14662] total_pgpgout 154312
[  183.280626][T14662] total_pgfault 196682
[  183.284727][T14662] total_pgmajfault 19
[  183.288742][T14662] total_inactive_anon 0
[  183.292967][T14662] total_active_anon 24576
[  183.297319][T14662] total_inactive_file 0
[  183.301529][T14662] total_active_file 4096
[  183.305809][T14662] total_unevictable 0
[  183.309856][T14662] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.4475,pid=14662,uid=0
[  183.324662][T14662] Memory cgroup out of memory: Killed process 14662 (syz.3.4475) total-vm:93764kB, anon-rss:1184kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  183.347149][T14665] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.432879][T14665] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.567573][ T8216] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  183.637119][ T8195] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  183.698924][ T8216] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  183.738562][ T8195] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.804250][T14693] netlink: 'syz.3.4487': attribute type 1 has an invalid length.
[  184.522797][ T3515] IPVS: starting estimator thread 0...
[  184.626401][T14754] IPVS: using max 2592 ests per chain, 129600 per kthread
[  184.703492][T14763] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  184.844151][T14777] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.905007][T14777] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.044340][T14839] __nla_validate_parse: 1 callbacks suppressed
[  186.044360][T14839] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4551'.
[  186.045545][T14839] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4551'.
[  186.162156][T14847] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  186.446045][T14866] netlink: 'syz.0.4562': attribute type 3 has an invalid length.
[  186.503793][T14282] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  186.514787][T14282] CPU: 0 UID: 0 PID: 14282 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  186.514821][T14282] Tainted: [W]=WARN
[  186.514827][T14282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  186.514838][T14282] Call Trace:
[  186.514843][T14282]  <TASK>
[  186.514849][T14282]  __dump_stack+0x1d/0x30
[  186.514876][T14282]  dump_stack_lvl+0x95/0xd0
[  186.515001][T14282]  dump_stack+0x15/0x1b
[  186.515025][T14282]  dump_header+0x81/0x240
[  186.515048][T14282]  oom_kill_process+0x295/0x350
[  186.515068][T14282]  out_of_memory+0x97b/0xb80
[  186.515109][T14282]  try_charge_memcg+0x610/0xa10
[  186.515146][T14282]  charge_memcg+0x51/0xc0
[  186.515199][T14282]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  186.515284][T14282]  __read_swap_cache_async+0x17b/0x2d0
[  186.515343][T14282]  swap_cluster_readahead+0x262/0x3c0
[  186.515374][T14282]  swapin_readahead+0xde/0x820
[  186.515404][T14282]  ? sized_strscpy+0x121/0x1a0
[  186.515426][T14282]  ? __rcu_read_unlock+0x4f/0x70
[  186.515456][T14282]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  186.515527][T14282]  ? __rcu_read_unlock+0x4f/0x70
[  186.515548][T14282]  ? __rcu_read_unlock+0x4f/0x70
[  186.515572][T14282]  ? swap_cache_get_folio+0x277/0x280
[  186.515652][T14282]  do_swap_page+0x2b4/0x21e0
[  186.515681][T14282]  ? _raw_spin_unlock+0x26/0x50
[  186.515712][T14282]  ? __schedule+0x85f/0xcd0
[  186.515798][T14282]  ? __pfx_default_wake_function+0x10/0x10
[  186.515842][T14282]  handle_mm_fault+0x9d8/0x2c60
[  186.515891][T14282]  do_user_addr_fault+0x630/0x1080
[  186.515960][T14282]  exc_page_fault+0x62/0xa0
[  186.515986][T14282]  asm_exc_page_fault+0x26/0x30
[  186.516004][T14282] RIP: 0033:0x7f72f7691fc5
[  186.516088][T14282] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 95 1f 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  186.516111][T14282] RSP: 002b:00007ffec705f618 EFLAGS: 00010246
[  186.516131][T14282] RAX: 0000000000000000 RBX: 0000000000000053 RCX: 00007f72f7691fc3
[  186.516218][T14282] RDX: 00007ffec705f630 RSI: 0000000000000000 RDI: 0000000000000000
[  186.516231][T14282] RBP: 00007ffec705f69c R08: 00000000335c62e3 R09: 0000000000000000
[  186.516246][T14282] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  186.516308][T14282] R13: 00000000000927c0 R14: 000000000002ba66 R15: 00007ffec705f6f0
[  186.516332][T14282]  </TASK>
[  186.516341][T14282] memory: usage 307200kB, limit 307200kB, failcnt 162
[  186.682209][T14871] 9p: Bad value for 'rfdno'
[  186.701100][T14282] memory+swap: usage 285772kB, limit 9007199254740988kB, failcnt 0
[  186.701120][T14282] kmem: usage 285372kB, limit 9007199254740988kB, failcnt 0
[  186.701134][T14282] Memory cgroup stats for /syz6:
[  186.803602][T14870] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4564'.
[  186.922688][   T29] kauditd_printk_skb: 447 callbacks suppressed
[  186.922701][   T29] audit: type=1326 audit(1768088509.791:28949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.4.4564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb3739165e7 code=0x7ffc0000
[  186.990600][   T29] audit: type=1326 audit(1768088509.829:28950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.4.4564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb3738bb829 code=0x7ffc0000
[  187.014363][   T29] audit: type=1326 audit(1768088509.829:28951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.4.4564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb3739165e7 code=0x7ffc0000
[  187.037984][   T29] audit: type=1326 audit(1768088509.829:28952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.4.4564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb3738bb829 code=0x7ffc0000
[  187.061505][   T29] audit: type=1326 audit(1768088509.829:28953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.4.4564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fb37391f749 code=0x7ffc0000
[  187.085313][   T29] audit: type=1326 audit(1768088509.829:28954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.4.4564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb3739165e7 code=0x7ffc0000
[  187.108857][   T29] audit: type=1326 audit(1768088509.829:28955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.4.4564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb3738bb829 code=0x7ffc0000
[  187.132480][   T29] audit: type=1326 audit(1768088509.829:28956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.4.4564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fb37391f749 code=0x7ffc0000
[  187.144183][T14282] cache 0
[  187.156223][   T29] audit: type=1326 audit(1768088509.829:28957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.4.4564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb3739165e7 code=0x7ffc0000
[  187.159256][T14282] rss 16384
[  187.182712][   T29] audit: type=1326 audit(1768088509.829:28958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.4.4564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb3738bb829 code=0x7ffc0000
[  187.185824][T14282] shmem 0
[  187.185834][T14282] mapped_file 0
[  187.215715][T14282] dirty 0
[  187.218702][T14282] writeback 12288
[  187.222336][T14282] workingset_refault_anon 10
[  187.226968][T14282] workingset_refault_file 0
[  187.231492][T14282] swap 155648
[  187.234917][T14282] swapcached 28672
[  187.238652][T14282] pgpgin 55702
[  187.242055][T14282] pgpgout 55694
[  187.245693][T14282] pgfault 34303
[  187.249267][T14282] pgmajfault 2
[  187.252692][T14282] inactive_anon 12288
[  187.256691][T14282] active_anon 20480
[  187.260540][T14282] inactive_file 0
[  187.264200][T14282] active_file 0
[  187.267690][T14282] unevictable 0
[  187.271164][T14282] hierarchical_memory_limit 314572800
[  187.276545][T14282] hierarchical_memsw_limit 9223372036854771712
[  187.282849][T14282] total_cache 0
[  187.286406][T14282] total_rss 16384
[  187.290107][T14282] total_shmem 0
[  187.293592][T14282] total_mapped_file 0
[  187.297639][T14282] total_dirty 0
[  187.301238][T14282] total_writeback 12288
[  187.305415][T14282] total_workingset_refault_anon 10
[  187.310597][T14282] total_workingset_refault_file 0
[  187.315640][T14282] total_swap 155648
[  187.319493][T14282] total_swapcached 28672
[  187.323902][T14282] total_pgpgin 55702
[  187.327815][T14282] total_pgpgout 55694
[  187.331841][T14282] total_pgfault 34303
[  187.335878][T14282] total_pgmajfault 2
[  187.339839][T14282] total_inactive_anon 12288
[  187.344372][T14282] total_active_anon 20480
[  187.348711][T14282] total_inactive_file 0
[  187.352900][T14282] total_active_file 0
[  187.356902][T14282] total_unevictable 0
[  187.360901][T14282] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.4561,pid=14863,uid=0
[  187.375670][T14282] Memory cgroup out of memory: Killed process 14863 (syz.6.4561) total-vm:95812kB, anon-rss:1132kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  187.948039][T14915] sg_read: process 96 (syz.6.4582) changed security contexts after opening file descriptor, this is not allowed.
[  188.064579][T14921] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4584'.
[  188.076961][T14921] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4584'.
[  188.122846][T14927] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.4587'.
[  188.384125][T14953] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14953 comm=syz.4.4600
[  188.436889][T14957] serio: Serial port ptm0
[  188.455030][T14960] bridge0: entered promiscuous mode
[  188.470415][T14960] macsec1: entered promiscuous mode
[  188.485476][T14960] bridge0: port 3(macsec1) entered blocking state
[  188.492093][T14960] bridge0: port 3(macsec1) entered disabled state
[  188.499714][T14960] macsec1: entered allmulticast mode
[  188.505198][T14960] bridge0: entered allmulticast mode
[  188.513298][T14960] macsec1: left allmulticast mode
[  188.518442][T14960] bridge0: left allmulticast mode
[  188.524572][T14960] bridge0: left promiscuous mode
[  188.743778][T14986] team0 (unregistering): Port device team_slave_0 removed
[  188.754084][T14986] team0 (unregistering): Port device team_slave_1 removed
[  188.767743][T14983] infiniband !yz!: set down
[  188.772378][T14983] infiniband !yz!: added team_slave_0
[  188.798410][T14983] RDS/IB: !yz!: added
[  188.809597][T14983] smc: adding ib device !yz! with port count 1
[  188.826628][T14983] smc:    ib device !yz! port 1 has no pnetid
[  189.338912][T15022] netlink: 'syz.3.4630': attribute type 29 has an invalid length.
[  189.381064][T15022] netlink: 'syz.3.4630': attribute type 29 has an invalid length.
[  189.415359][T15022] netlink: 500 bytes leftover after parsing attributes in process `syz.3.4630'.
[  190.189268][T15054] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.258389][T15054] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.291985][T15047] chnl_net:caif_netlink_parms(): no params data found
[  190.347571][T15054] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.419819][T15047] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.426997][T15047] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.544207][T15047] bridge_slave_0: entered allmulticast mode
[  190.680513][T15047] bridge_slave_0: entered promiscuous mode
[  190.708812][T15054] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.745574][T15047] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.752876][T15047] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.787768][T15047] bridge_slave_1: entered allmulticast mode
[  190.794562][T15047] bridge_slave_1: entered promiscuous mode
[  190.817201][T15047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.828244][T15047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  190.852233][T15079] netlink: 'syz.0.4648': attribute type 4 has an invalid length.
[  190.886236][T15047] team0: Port device team_slave_0 added
[  190.903869][T15047] team0: Port device team_slave_1 added
[  190.923410][T15054] bridge_slave_1: left allmulticast mode
[  190.929094][T15054] bridge_slave_1: left promiscuous mode
[  190.934934][T15054] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.946397][T15054] bridge_slave_0: left allmulticast mode
[  190.952086][T15054] bridge_slave_0: left promiscuous mode
[  190.958116][T15054] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.014080][T15090] netlink: 87 bytes leftover after parsing attributes in process `syz.4.4652'.
[  191.116420][T15054] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.126777][T15054] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.137020][T15054] bond0 (unregistering): Released all slaves
[  191.152425][T15047] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.159562][T15047] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  191.185531][T15047] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.208531][T15047] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.215552][T15047] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  191.241568][T15047] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.295896][T15047] hsr_slave_0: entered promiscuous mode
[  191.302408][T15047] hsr_slave_1: entered promiscuous mode
[  191.308720][T15047] debugfs: 'hsr0' already exists in 'hsr'
[  191.314473][T15047] Cannot create hsr debugfs directory
[  191.322681][T15054] hsr_slave_0: left promiscuous mode
[  191.328571][T15054] hsr_slave_1: left promiscuous mode
[  191.334258][T15054] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.342134][T15054] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.350100][T15054] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.357531][T15054] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.367675][T15096] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15096 comm=syz.4.4655
[  191.380280][T15096] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15096 comm=syz.4.4655
[  191.394464][T15054] veth1_macvtap: left promiscuous mode
[  191.399990][T15054] veth0_macvtap: left promiscuous mode
[  191.405671][T15054] veth1_vlan: left promiscuous mode
[  191.410916][T15054] veth0_vlan: left promiscuous mode
[  191.513022][T15054] team0 (unregistering): Port device team_slave_1 removed
[  191.524270][T15054] team0 (unregistering): Port device team_slave_0 removed
[  191.571797][T15099] SELinux: failed to load policy
[  191.652256][T15047] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  191.669142][T15047] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  191.674552][T15111] Falling back ldisc for ptm0.
[  191.685989][T15047] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  191.695583][T15047] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  191.720949][T15120] netlink: 'syz.6.4663': attribute type 1 has an invalid length.
[  191.737344][T15120] bond1: entered promiscuous mode
[  191.742429][T15120] bond1: entered allmulticast mode
[  191.747829][T15120] 8021q: adding VLAN 0 to HW filter on device bond1
[  191.780435][T15047] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.797506][T15047] 8021q: adding VLAN 0 to HW filter on device team0
[  191.807931][  T321] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.815100][  T321] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.833168][ T8238] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.840374][ T8238] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.863860][T15047] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  191.874413][T15047] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  191.937865][T15138] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4668'.
[  191.963209][T15047] 8021q: adding VLAN 0 to HW filter on device batadv0
[  192.224999][T15047] veth0_vlan: entered promiscuous mode
[  192.248920][T15176] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4679'.
[  192.269764][T15047] veth1_vlan: entered promiscuous mode
[  192.299951][T15047] veth0_macvtap: entered promiscuous mode
[  192.311850][T15047] veth1_macvtap: entered promiscuous mode
[  192.324110][T15047] batman_adv: batadv0: Interface activated: batadv_slave_0
[  192.337799][T15047] batman_adv: batadv0: Interface activated: batadv_slave_1
[  192.352002][  T335] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.371154][  T335] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.394198][  T335] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.413127][  T335] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.464450][T15189] loop8: detected capacity change from 0 to 256
[  192.471403][T15189] FAT-fs (loop8): bogus number of FAT sectors
[  192.477582][T15189] FAT-fs (loop8): Can't find a valid FAT filesystem
[  192.512295][T15191] netlink: 'syz.4.4684': attribute type 1 has an invalid length.
[  192.522121][T15194] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4685'.
[  192.532339][T15194] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.539512][T15194] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.555994][T15191] 8021q: adding VLAN 0 to HW filter on device bond2
[  192.564395][T15194] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4685'.
[  192.582816][T15191] 8021q: adding VLAN 0 to HW filter on device bond2
[  192.590171][T15191] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  192.611846][T15191] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  192.687211][T15205] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  192.875628][   T29] kauditd_printk_skb: 240 callbacks suppressed
[  192.875672][   T29] audit: type=1326 audit(1768088515.358:29199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15222 comm="syz.0.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  192.908327][   T29] audit: type=1326 audit(1768088515.358:29200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15222 comm="syz.0.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  192.932006][   T29] audit: type=1326 audit(1768088515.395:29201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15222 comm="syz.0.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  192.955666][   T29] audit: type=1326 audit(1768088515.395:29202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15222 comm="syz.0.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  192.979437][   T29] audit: type=1326 audit(1768088515.395:29203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15222 comm="syz.0.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  193.003671][   T29] audit: type=1326 audit(1768088515.395:29204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15222 comm="syz.0.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  193.027633][   T29] audit: type=1326 audit(1768088515.395:29205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15222 comm="syz.0.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  193.051293][   T29] audit: type=1326 audit(1768088515.395:29206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15222 comm="syz.0.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  193.074903][   T29] audit: type=1326 audit(1768088515.395:29207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15222 comm="syz.0.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  193.098472][   T29] audit: type=1326 audit(1768088515.395:29208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15222 comm="syz.0.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  193.136858][T15223] loop8: detected capacity change from 0 to 8192
[  193.177723][T15223]  loop8: p1 p2 p4 < >
[  193.181840][T15223] loop8: partition table partially beyond EOD, truncated
[  193.225534][T15223] loop8: p1 start 16777216 is beyond EOD, truncated
[  193.232252][T15223] loop8: p2 size 515840 extends beyond EOD, truncated
[  193.273041][T15223] loop8: p4 start 16777216 is beyond EOD, truncated
[  193.291765][T15239] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4704'.
[  193.302806][T15239] IPVS: Error connecting to the multicast addr
[  193.348707][T15243] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4707'.
[  193.542249][T15266] loop6: detected capacity change from 0 to 1024
[  193.549006][T15266] EXT4-fs: Ignoring removed mblk_io_submit option
[  193.557271][T15269] netlink: 'syz.0.4717': attribute type 1 has an invalid length.
[  193.580433][T15266] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.711321][T15279] loop8: detected capacity change from 0 to 128
[  193.845072][T14282] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.898321][T15291] loop6: detected capacity change from 0 to 1024
[  193.937664][T15291] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.983071][T15291] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  194.008336][T15291] EXT4-fs (loop6): Remounting filesystem read-only
[  194.083006][T14282] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.137644][T15309] netlink: 'syz.4.4731': attribute type 4 has an invalid length.
[  194.145483][T15309] netlink: 152 bytes leftover after parsing attributes in process `syz.4.4731'.
[  194.173763][T15309] .`: renamed from bond0 (while UP)
[  194.349338][T15329] sctp: [Deprecated]: syz.3.4739 (pid 15329) Use of int in max_burst socket option.
[  194.349338][T15329] Use struct sctp_assoc_value instead
[  195.136382][T15404] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4771'.
[  195.172222][T15407] 9p: Bad value for 'rfdno'
[  196.258048][T15456] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4789'.
[  196.287730][T15432] syz.0.4782 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  196.302087][T15432] CPU: 1 UID: 0 PID: 15432 Comm: syz.0.4782 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  196.302156][T15432] Tainted: [W]=WARN
[  196.302165][T15432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  196.302204][T15432] Call Trace:
[  196.302211][T15432]  <TASK>
[  196.302281][T15432]  __dump_stack+0x1d/0x30
[  196.302360][T15432]  dump_stack_lvl+0x95/0xd0
[  196.302379][T15432]  dump_stack+0x15/0x1b
[  196.302396][T15432]  dump_header+0x81/0x240
[  196.302416][T15432]  oom_kill_process+0x295/0x350
[  196.302470][T15432]  out_of_memory+0x97b/0xb80
[  196.302544][T15432]  try_charge_memcg+0x610/0xa10
[  196.302588][T15432]  obj_cgroup_charge_pages+0xa6/0x150
[  196.302661][T15432]  __memcg_kmem_charge_page+0x9f/0x170
[  196.302697][T15432]  __alloc_frozen_pages_noprof+0x18f/0x360
[  196.302735][T15432]  alloc_pages_mpol+0xb3/0x260
[  196.302910][T15432]  alloc_pages_noprof+0x90/0x130
[  196.302938][T15432]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  196.302986][T15432]  __kvmalloc_node_noprof+0x492/0x6b0
[  196.303017][T15432]  ? ip_set_alloc+0x24/0x30
[  196.303121][T15432]  ? ip_set_alloc+0x24/0x30
[  196.303174][T15432]  ip_set_alloc+0x24/0x30
[  196.303333][T15432]  hash_netiface_create+0x282/0x740
[  196.303400][T15432]  ? __pfx_hash_netiface_create+0x10/0x10
[  196.303511][T15432]  ip_set_create+0x3cc/0x970
[  196.303579][T15432]  ? __nla_parse+0x40/0x60
[  196.303617][T15432]  nfnetlink_rcv_msg+0x4c6/0x590
[  196.303752][T15432]  netlink_rcv_skb+0x123/0x220
[  196.303853][T15432]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  196.303902][T15432]  nfnetlink_rcv+0x167/0x16c0
[  196.303931][T15432]  ? inat_get_opcode_attribute+0xc/0x20
[  196.303964][T15432]  ? insn_get_opcode+0x7dd/0x890
[  196.303999][T15432]  ? __free_frozen_pages+0x288/0x510
[  196.304054][T15432]  ? insn_get_modrm+0x367/0x390
[  196.304141][T15432]  ? _raw_spin_lock+0x52/0xa0
[  196.304167][T15432]  ? __pte_offset_map_lock+0x1d9/0x240
[  196.304251][T15432]  ? do_sync_core+0x39/0x60
[  196.304277][T15432]  ? smp_call_function_many_cond+0x7f8/0xc40
[  196.304306][T15432]  ? ___slab_alloc+0xb6/0xb00
[  196.304388][T15432]  ? kmalloc_reserve+0x84/0x190
[  196.304417][T15432]  ? should_fail_ex+0x30/0x280
[  196.304443][T15432]  ? selinux_nlmsg_lookup+0x99/0x890
[  196.304475][T15432]  ? __rcu_read_unlock+0x34/0x70
[  196.304492][T15432]  ? __netlink_lookup+0x266/0x2a0
[  196.304534][T15432]  netlink_unicast+0x5c0/0x690
[  196.304566][T15432]  netlink_sendmsg+0x58b/0x6b0
[  196.304757][T15432]  ? __pfx_netlink_sendmsg+0x10/0x10
[  196.304846][T15432]  __sock_sendmsg+0x145/0x180
[  196.304871][T15432]  ____sys_sendmsg+0x31e/0x4a0
[  196.304968][T15432]  ___sys_sendmsg+0x17b/0x1d0
[  196.305019][T15432]  __x64_sys_sendmsg+0xd4/0x160
[  196.305127][T15432]  x64_sys_call+0x17ba/0x3000
[  196.305156][T15432]  do_syscall_64+0xca/0x2b0
[  196.305260][T15432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.305326][T15432] RIP: 0033:0x7fe03d9ff749
[  196.305410][T15432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.305505][T15432] RSP: 002b:00007fe03c467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.305529][T15432] RAX: ffffffffffffffda RBX: 00007fe03dc55fa0 RCX: 00007fe03d9ff749
[  196.305543][T15432] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000008
[  196.305555][T15432] RBP: 00007fe03da83f91 R08: 0000000000000000 R09: 0000000000000000
[  196.305567][T15432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  196.305581][T15432] R13: 00007fe03dc56038 R14: 00007fe03dc55fa0 R15: 00007ffee2552d78
[  196.305612][T15432]  </TASK>
[  196.305621][T15432] memory: usage 307200kB, limit 307200kB, failcnt 807
[  196.663016][T15432] memory+swap: usage 307772kB, limit 9007199254740988kB, failcnt 0
[  196.670984][T15432] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  196.678299][T15432] Memory cgroup stats for /syz0:
[  196.682720][T15432] cache 0
[  196.690827][T15432] rss 0
[  196.693619][T15432] shmem 0
[  196.696730][T15432] mapped_file 0
[  196.700219][T15432] dirty 0
[  196.703172][T15432] writeback 0
[  196.706492][T15432] workingset_refault_anon 53
[  196.711096][T15432] workingset_refault_file 270
[  196.715806][T15432] swap 585728
[  196.719104][T15432] swapcached 4096
[  196.722745][T15432] pgpgin 229813
[  196.726289][T15432] pgpgout 229811
[  196.729920][T15432] pgfault 247088
[  196.733483][T15432] pgmajfault 36
[  196.736973][T15432] inactive_anon 0
[  196.740625][T15432] active_anon 4096
[  196.744363][T15432] inactive_file 0
[  196.748112][T15432] active_file 4096
[  196.751871][T15432] unevictable 0
[  196.755416][T15432] hierarchical_memory_limit 314572800
[  196.760854][T15432] hierarchical_memsw_limit 9223372036854771712
[  196.767025][T15432] total_cache 0
[  196.770547][T15432] total_rss 0
[  196.773872][T15432] total_shmem 0
[  196.777366][T15432] total_mapped_file 0
[  196.781431][T15432] total_dirty 0
[  196.784923][T15432] total_writeback 0
[  196.788742][T15432] total_workingset_refault_anon 53
[  196.793932][T15432] total_workingset_refault_file 270
[  196.799159][T15432] total_swap 585728
[  196.803200][T15432] total_swapcached 4096
[  196.807506][T15432] total_pgpgin 229813
[  196.811560][T15432] total_pgpgout 229811
[  196.815644][T15432] total_pgfault 247088
[  196.819791][T15432] total_pgmajfault 36
[  196.823804][T15432] total_inactive_anon 0
[  196.827964][T15432] total_active_anon 4096
[  196.832221][T15432] total_inactive_file 0
[  196.836527][T15432] total_active_file 4096
[  196.840808][T15432] total_unevictable 0
[  196.844909][T15432] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.4782,pid=15431,uid=0
[  196.859731][T15432] Memory cgroup out of memory: Killed process 15431 (syz.0.4782) total-vm:95884kB, anon-rss:1136kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  197.254866][T15475] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.347449][T15475] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.449099][T15475] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.549857][T15475] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.556848][T15502] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4811'.
[  197.570463][T15502] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4811'.
[  197.654043][ T8228] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.666284][ T8228] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.681392][T15511] loop8: detected capacity change from 0 to 2048
[  197.687855][ T8228] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.698928][ T8191] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.712318][T15511] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  197.757133][T15047] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  197.783632][T15519] loop8: detected capacity change from 0 to 1024
[  197.799286][T15519] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.834000][T15519] EXT4-fs error (device loop8): mb_free_blocks:2037: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  197.849773][T15519] EXT4-fs (loop8): Remounting filesystem read-only
[  197.873071][T15047] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.903988][T15533] loop4: detected capacity change from 0 to 512
[  197.911122][T15533] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  197.926551][T15533] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  197.939180][T15533] ext4 filesystem being mounted at /1063/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.975831][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  198.101304][T15554] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4832'.
[  198.193063][T15564] loop4: detected capacity change from 0 to 1024
[  198.199875][T15564] EXT4-fs: Ignoring removed orlov option
[  198.231951][T15564] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.307409][T15577] Invalid ELF header magic: != ELF
[  198.323497][   T29] kauditd_printk_skb: 406 callbacks suppressed
[  198.323514][   T29] audit: type=1400 audit(1768088520.456:29615): avc:  denied  { setopt } for  pid=15574 comm="syz.8.4839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  198.404870][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.539119][   T29] audit: type=1326 audit(1768088520.662:29616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15591 comm="syz.6.4847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f765f749 code=0x7ffc0000
[  198.563000][   T29] audit: type=1326 audit(1768088520.662:29617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15591 comm="syz.6.4847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f765f749 code=0x7ffc0000
[  198.586825][   T29] audit: type=1326 audit(1768088520.662:29618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15591 comm="syz.6.4847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72f765f749 code=0x7ffc0000
[  198.610496][   T29] audit: type=1326 audit(1768088520.662:29619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15591 comm="syz.6.4847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f765f749 code=0x7ffc0000
[  198.634170][   T29] audit: type=1326 audit(1768088520.662:29620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15591 comm="syz.6.4847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f765f749 code=0x7ffc0000
[  198.657942][   T29] audit: type=1326 audit(1768088520.662:29621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15591 comm="syz.6.4847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72f765f749 code=0x7ffc0000
[  198.681597][   T29] audit: type=1326 audit(1768088520.662:29622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15591 comm="syz.6.4847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f765f749 code=0x7ffc0000
[  198.705461][   T29] audit: type=1326 audit(1768088520.662:29623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15591 comm="syz.6.4847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f72f765f749 code=0x7ffc0000
[  198.777035][T15601] netlink: 'syz.8.4850': attribute type 3 has an invalid length.
[  198.784927][T15601] netlink: 'syz.8.4850': attribute type 1 has an invalid length.
[  198.792862][T15601] netlink: 181400 bytes leftover after parsing attributes in process `syz.8.4850'.
[  198.810876][   T29] audit: type=1326 audit(1768088520.793:29624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15591 comm="syz.6.4847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f765f749 code=0x7ffc0000
[  198.879618][T15609] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4855'.
[  198.892326][T15609] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4855'.
[  198.907691][T15612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4856'.
[  198.926084][T15613] netlink: 'syz.0.4857': attribute type 2 has an invalid length.
[  198.935672][T15612] bridge_slave_1: left allmulticast mode
[  198.941787][T15612] bridge_slave_1: left promiscuous mode
[  198.947692][T15612] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.978772][T15612] bridge_slave_0: left allmulticast mode
[  198.984585][T15612] bridge_slave_0: left promiscuous mode
[  198.990378][T15612] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.153717][T15629] rdma_op ffff88811d908180 conn xmit_rdma 0000000000000000
[  199.183435][T15631] loop4: detected capacity change from 0 to 512
[  199.196886][T15631] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000101)
[  199.288711][T15645] loop4: detected capacity change from 0 to 2048
[  199.314707][T15645] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  199.388624][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  199.432217][T15664] 9p: Bad value for 'rfdno'
[  199.459409][T15664] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4878'.
[  199.510634][T15676] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4886'.
[  199.519867][T15676] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4886'.
[  199.531231][T15676] netlink: 'syz.0.4886': attribute type 6 has an invalid length.
[  199.557822][T15678] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  199.566343][T15678] 0ªî{X¹¦: entered allmulticast mode
[  199.572483][T15678] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  199.606519][T15682] Invalid ELF header magic: != ELF
[  199.614971][T15682] loop8: detected capacity change from 0 to 512
[  199.628097][T15682] EXT4-fs (loop8): orphan cleanup on readonly fs
[  199.635429][T15682] EXT4-fs error (device loop8): ext4_orphan_get:1417: comm syz.8.4888: bad orphan inode 13
[  199.652811][T15682] ext4_test_bit(bit=12, block=18) = 1
[  199.658298][T15682] is_bad_inode(inode)=0
[  199.662459][T15682] NEXT_ORPHAN(inode)=2130706432
[  199.667913][T15682] max_ino=32
[  199.671186][T15682] i_nlink=1
[  199.675196][T15682] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  199.690704][T15682] EXT4-fs (loop8): warning: mounting fs with errors, running e2fsck is recommended
[  199.798569][T15682] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  199.807928][T15690] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.4888: bg 0: block 248: padding at end of block bitmap is not set
[  199.825739][T15690] EXT4-fs error (device loop8): ext4_acquire_dquot:6986: comm syz.8.4888: Failed to acquire dquot type 1
[  199.851892][T15047] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.421718][T15727] netlink: 'syz.4.4906': attribute type 10 has an invalid length.
[  200.435495][T15727] veth1_vlan: left promiscuous mode
[  200.446690][T15727] batman_adv: batadv0: Adding interface: veth1_vlan
[  200.453321][T15727] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  200.500633][T15727] batman_adv: batadv0: Interface activated: veth1_vlan
[  201.088269][T15757] loop6: detected capacity change from 0 to 512
[  201.097936][T15757] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  201.120676][T15757] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  201.140615][T15757] System zones: 1-12
[  201.155691][T15757] EXT4-fs (loop6): 1 truncate cleaned up
[  201.184436][T15757] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.296520][T14282] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.474606][T15772] loop6: detected capacity change from 0 to 512
[  201.481686][T15772] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  201.496429][T15772] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.509209][T15772] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.561997][T14282] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.725316][T15785] loop4: detected capacity change from 0 to 2048
[  201.741338][T15785] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.761563][T15787] vhci_hcd vhci_hcd.3: default hub control req: 2312 v0002 i0000 l0
[  202.352089][T15812] netlink: zone id is out of range
[  202.357278][T15812] netlink: zone id is out of range
[  202.363706][T15812] netlink: zone id is out of range
[  202.368971][T15812] netlink: zone id is out of range
[  202.374174][T15812] netlink: zone id is out of range
[  202.379352][T15812] netlink: zone id is out of range
[  202.384504][T15812] netlink: zone id is out of range
[  202.389629][T15812] netlink: zone id is out of range
[  202.394774][T15812] netlink: zone id is out of range
[  202.435689][ T8231] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  202.466513][ T8231] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 28
[  202.479137][ T8231] EXT4-fs (loop4): This should not happen!! Data will be lost
[  202.479137][ T8231] 
[  202.488825][ T8231] EXT4-fs (loop4): Total free blocks count 0
[  202.494911][ T8231] EXT4-fs (loop4): Free/Dirty block details
[  202.500862][ T8231] EXT4-fs (loop4): free_blocks=2415919104
[  202.506611][ T8231] EXT4-fs (loop4): dirty_blocks=8208
[  202.512099][ T8231] EXT4-fs (loop4): Block reservation details
[  202.518250][ T8231] EXT4-fs (loop4): i_reserved_data_blocks=513
[  202.567410][T15825] loop8: detected capacity change from 0 to 512
[  202.569717][ T8231] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28
[  202.597900][T15825] EXT4-fs error (device loop8): ext4_orphan_get:1417: comm syz.8.4947: bad orphan inode 11862016
[  202.610914][T15825] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  202.623593][T15825] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.679236][T15047] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  202.705351][T15835] loop4: detected capacity change from 0 to 512
[  202.724016][T15835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.736804][T15835] ext4 filesystem being mounted at /1084/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  202.789869][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.951659][T15867] netlink: 'syz.8.4963': attribute type 1 has an invalid length.
[  203.009715][T15871] bridge: RTM_NEWNEIGH with invalid ether address
[  203.186948][T15891] SELinux: failed to load policy
[  203.278527][T15896] loop8: detected capacity change from 0 to 128
[  203.292630][T15896] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  203.321490][T15896] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  203.515514][T15047] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  203.758407][T15941] pim6reg1: entered promiscuous mode
[  203.763822][T15941] pim6reg1: entered allmulticast mode
[  203.950452][   T29] kauditd_printk_skb: 433 callbacks suppressed
[  203.950478][   T29] audit: type=1326 audit(1768088525.714:30056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15964 comm="syz.0.5008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  203.982695][   T29] audit: type=1326 audit(1768088525.751:30057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15964 comm="syz.0.5008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  204.006453][   T29] audit: type=1326 audit(1768088525.751:30058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15964 comm="syz.0.5008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  204.030590][   T29] audit: type=1326 audit(1768088525.751:30059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15964 comm="syz.0.5008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  204.054439][   T29] audit: type=1326 audit(1768088525.751:30060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15964 comm="syz.0.5008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  204.078231][   T29] audit: type=1326 audit(1768088525.751:30061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15964 comm="syz.0.5008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  204.101973][   T29] audit: type=1326 audit(1768088525.751:30062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15964 comm="syz.0.5008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  204.125566][   T29] audit: type=1326 audit(1768088525.751:30063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15964 comm="syz.0.5008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  204.149183][   T29] audit: type=1326 audit(1768088525.751:30064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15964 comm="syz.0.5008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  204.172972][   T29] audit: type=1326 audit(1768088525.751:30065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15964 comm="syz.0.5008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  204.214118][T15972] __nla_validate_parse: 12 callbacks suppressed
[  204.214154][T15972] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5011'.
[  204.314228][T15986] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5017'.
[  204.344141][T15986] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5017'.
[  204.411207][T15992] netlink: 96 bytes leftover after parsing attributes in process `syz.8.5020'.
[  204.539340][T16007] netlink: 84 bytes leftover after parsing attributes in process `syz.8.5026'.
[  204.641902][T16016] tipc: Started in network mode
[  204.646998][T16016] tipc: Node identity ac14140f, cluster identity 4711
[  204.663016][T16016] tipc: New replicast peer: 255.255.255.255
[  204.669090][T16016] tipc: Enabled bearer <udp:syz2>, priority 10
[  204.677079][T16016] netlink: 12 bytes leftover after parsing attributes in process `LX[X'.
[  204.685646][T16016] tipc: Disabling bearer <udp:syz2>
[  204.694195][T16022] netlink: 24 bytes leftover after parsing attributes in process `syz.8.5034'.
[  204.729758][T16026] tipc: Started in network mode
[  204.734912][T16026] tipc: Node identity ac14140f, cluster identity 4711
[  204.743777][T16028] raw_sendmsg: syz.8.5037 forgot to set AF_INET. Fix it!
[  204.764568][T16026] tipc: New replicast peer: 255.255.255.255
[  204.770622][T16026] tipc: Enabled bearer <udp:syz2>, priority 10
[  204.779137][T16026] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5036'.
[  204.788152][T16026] tipc: Disabling bearer <udp:syz2>
[  204.914546][T16049] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5044'.
[  204.926718][T16050] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5045'.
[  205.237380][T16035] net_ratelimit: 3 callbacks suppressed
[  205.237396][T16035] Set syz1 is full, maxelem 65536 reached
[  205.269319][T16071] netlink: 'syz.0.5057': attribute type 1 has an invalid length.
[  205.285759][T16071] 8021q: adding VLAN 0 to HW filter on device bond2
[  205.299234][T16071] bond2: entered promiscuous mode
[  205.304294][T16071] bond2: entered allmulticast mode
[  205.506503][T16104] tipc: New replicast peer: 255.255.255.255
[  205.512732][T16104] tipc: Enabled bearer <udp:syz2>, priority 10
[  205.530669][T16104] tipc: Disabling bearer <udp:syz2>
[  205.638228][T16118] ip6tnl1: entered promiscuous mode
[  205.695887][T16116] SELinux: failed to load policy
[  205.813761][T16124] netlink: 'syz.4.5081': attribute type 12 has an invalid length.
[  206.011126][T16126] Falling back ldisc for ptm0.
[  206.242132][T16110] Set syz1 is full, maxelem 65536 reached
[  206.440405][T16150] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  206.462697][T16150] tipc: Disabling bearer <udp:syz2>
[  206.579257][T16168] SELinux: failed to load policy
[  206.718327][T16189] xt_hashlimit: max too large, truncated to 1048576
[  206.921301][T16223] Invalid argument reading file caps for ./file0
[  207.457299][T16283] veth0_to_team: entered promiscuous mode
[  207.491767][T16289] netem: change failed
[  207.733750][T16322] syz.0.5169 (16322) used obsolete PPPIOCDETACH ioctl
[  207.817653][T16343] tipc: New replicast peer: 255.255.255.255
[  207.823747][T16343] tipc: Enabled bearer <udp:syz2>, priority 10
[  207.855488][T16343] tipc: Disabling bearer <udp:syz2>
[  207.867299][T16346] xt_hashlimit: max too large, truncated to 1048576
[  208.024132][T16351] pimreg: entered allmulticast mode
[  208.030337][T16351] pimreg: left allmulticast mode
[  208.170511][T16372] netem: change failed
[  208.260395][T16381] Invalid argument reading file caps for ./file0
[  208.296648][ T3398] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  208.304134][ T3398] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  208.311562][ T3398] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  208.319111][ T3398] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  208.326632][ T3398] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  208.334045][ T3398] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  208.341624][ T3398] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  208.349288][ T3398] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  208.356813][ T3398] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  208.364366][ T3398] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  208.368906][T16388] loop6: detected capacity change from 0 to 128
[  208.373524][ T3398] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  208.505163][ T8198] kworker/u8:26: attempt to access beyond end of device
[  208.505163][ T8198] loop6: rw=1, sector=145, nr_sectors = 8 limit=128
[  208.521017][ T8198] kworker/u8:26: attempt to access beyond end of device
[  208.521017][ T8198] loop6: rw=1, sector=161, nr_sectors = 8 limit=128
[  208.536461][ T8198] kworker/u8:26: attempt to access beyond end of device
[  208.536461][ T8198] loop6: rw=1, sector=177, nr_sectors = 8 limit=128
[  208.550223][ T8198] kworker/u8:26: attempt to access beyond end of device
[  208.550223][ T8198] loop6: rw=1, sector=193, nr_sectors = 8 limit=128
[  208.568609][T16403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.573623][ T8198] kworker/u8:26: attempt to access beyond end of device
[  208.573623][ T8198] loop6: rw=1, sector=209, nr_sectors = 8 limit=128
[  208.577579][T16403] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.601602][ T8198] kworker/u8:26: attempt to access beyond end of device
[  208.601602][ T8198] loop6: rw=1, sector=225, nr_sectors = 8 limit=128
[  208.617320][ T8198] kworker/u8:26: attempt to access beyond end of device
[  208.617320][ T8198] loop6: rw=1, sector=241, nr_sectors = 8 limit=128
[  208.631336][ T8198] kworker/u8:26: attempt to access beyond end of device
[  208.631336][ T8198] loop6: rw=1, sector=257, nr_sectors = 8 limit=128
[  208.645005][ T8198] kworker/u8:26: attempt to access beyond end of device
[  208.645005][ T8198] loop6: rw=1, sector=273, nr_sectors = 8 limit=128
[  208.658859][ T8198] kworker/u8:26: attempt to access beyond end of device
[  208.658859][ T8198] loop6: rw=1, sector=289, nr_sectors = 8 limit=128
[  208.694142][T16412] loop6: detected capacity change from 0 to 1024
[  208.701114][T16412] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  209.190282][T16440] smc: net device bond0 applied user defined pnetid SYZ0
[  209.208410][T16440] smc: net device bond0 erased user defined pnetid SYZ0
[  209.246959][T16448] netlink: 'syz.4.5222': attribute type 15 has an invalid length.
[  209.613131][T16485] __nla_validate_parse: 29 callbacks suppressed
[  209.613148][T16485] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5238'.
[  209.642685][T16485] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5238'.
[  209.731170][T16480] loop8: detected capacity change from 0 to 1024
[  209.747914][T16480] EXT4-fs: inline encryption not supported
[  209.753808][T16480] EXT4-fs: Ignoring removed orlov option
[  209.774673][T16480] EXT4-fs (loop8): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  209.815765][T16480] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.867688][T15047] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.977090][T16506] 9pnet: p9_errstr2errno: server reported unknown error 
[  210.138102][   T29] kauditd_printk_skb: 203 callbacks suppressed
[  210.138119][   T29] audit: type=1326 audit(1768088531.505:30269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16516 comm="syz.0.5248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  210.186044][   T29] audit: type=1326 audit(1768088531.505:30270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16516 comm="syz.0.5248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  210.209684][   T29] audit: type=1326 audit(1768088531.505:30271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16516 comm="syz.0.5248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  210.233391][   T29] audit: type=1326 audit(1768088531.505:30272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16516 comm="syz.0.5248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  210.257190][   T29] audit: type=1326 audit(1768088531.505:30273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16516 comm="syz.0.5248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  210.280940][   T29] audit: type=1326 audit(1768088531.505:30274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16516 comm="syz.0.5248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  210.304582][   T29] audit: type=1326 audit(1768088531.505:30275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16516 comm="syz.0.5248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  210.328293][   T29] audit: type=1326 audit(1768088531.505:30276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16516 comm="syz.0.5248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  210.345863][T16522] loop6: detected capacity change from 0 to 128
[  210.352453][   T29] audit: type=1326 audit(1768088531.505:30277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16516 comm="syz.0.5248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  210.381877][   T29] audit: type=1326 audit(1768088531.505:30278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16516 comm="syz.0.5248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  210.547037][T16540] loop6: detected capacity change from 0 to 2048
[  210.627596][T16540] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  210.686363][T16554] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16554 comm=syz.0.5258
[  210.776833][ T8228] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  210.813136][ T8228] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 46 with error 28
[  210.825620][ T8228] EXT4-fs (loop6): This should not happen!! Data will be lost
[  210.825620][ T8228] 
[  210.835334][ T8228] EXT4-fs (loop6): Total free blocks count 0
[  210.841399][ T8228] EXT4-fs (loop6): Free/Dirty block details
[  210.847354][ T8228] EXT4-fs (loop6): free_blocks=2415919104
[  210.853252][ T8228] EXT4-fs (loop6): dirty_blocks=48
[  210.858407][ T8228] EXT4-fs (loop6): Block reservation details
[  210.864414][ T8228] EXT4-fs (loop6): i_reserved_data_blocks=3
[  210.899491][T16556] syz.6.5255 invoked oom-killer: gfp_mask=0x101cca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), order=0, oom_score_adj=1000
[  210.911664][T16556] CPU: 1 UID: 0 PID: 16556 Comm: syz.6.5255 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  210.911704][T16556] Tainted: [W]=WARN
[  210.911736][T16556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  210.911760][T16556] Call Trace:
[  210.911768][T16556]  <TASK>
[  210.911777][T16556]  __dump_stack+0x1d/0x30
[  210.911799][T16556]  dump_stack_lvl+0x95/0xd0
[  210.911860][T16556]  dump_stack+0x15/0x1b
[  210.911884][T16556]  dump_header+0x81/0x240
[  210.911909][T16556]  oom_kill_process+0x295/0x350
[  210.911934][T16556]  out_of_memory+0x97b/0xb80
[  210.912025][T16556]  try_charge_memcg+0x610/0xa10
[  210.912077][T16556]  charge_memcg+0x51/0xc0
[  210.912109][T16556]  __mem_cgroup_charge+0x28/0xb0
[  210.912212][T16556]  filemap_add_folio+0x111/0x360
[  210.912257][T16556]  __filemap_get_folio_mpol+0x326/0x650
[  210.912285][T16556]  ? mark_buffer_dirty+0xf8/0x210
[  210.912316][T16556]  ext4_da_write_begin+0x39a/0x6b0
[  210.912396][T16556]  generic_perform_write+0x184/0x490
[  210.912433][T16556]  ext4_buffered_write_iter+0x1ee/0x3c0
[  210.912471][T16556]  ? ext4_file_write_iter+0xfe/0xf60
[  210.912581][T16556]  ext4_file_write_iter+0x387/0xf60
[  210.912619][T16556]  ? __rcu_read_unlock+0x34/0x70
[  210.912645][T16556]  ? count_memcg_events+0x11f/0x200
[  210.912744][T16556]  ? avc_policy_seqno+0x15/0x30
[  210.912770][T16556]  ? selinux_file_permission+0x1e2/0x320
[  210.912805][T16556]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  210.912833][T16556]  vfs_write+0x52a/0x960
[  210.912863][T16556]  ksys_write+0xda/0x1a0
[  210.912891][T16556]  __x64_sys_write+0x40/0x50
[  210.912908][T16556]  x64_sys_call+0x2847/0x3000
[  210.912930][T16556]  do_syscall_64+0xca/0x2b0
[  210.912968][T16556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.913060][T16556] RIP: 0033:0x7f72f765f749
[  210.913076][T16556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.913096][T16556] RSP: 002b:00007f72f60a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  210.913183][T16556] RAX: ffffffffffffffda RBX: 00007f72f78b6090 RCX: 00007f72f765f749
[  210.913201][T16556] RDX: 000000000208e24b RSI: 0000200000000040 RDI: 0000000000000004
[  210.913217][T16556] RBP: 00007f72f76e3f91 R08: 0000000000000000 R09: 0000000000000000
[  210.913233][T16556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.913277][T16556] R13: 00007f72f78b6128 R14: 00007f72f78b6090 R15: 00007ffec705f2d8
[  210.913364][T16556]  </TASK>
[  210.913373][T16556] memory: usage 307200kB, limit 307200kB, failcnt 552
[  210.974878][T16565] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5262'.
[  210.977426][T16556] memory+swap: usage 308424kB, limit 9007199254740988kB, failcnt 0
[  211.183630][T16556] kmem: usage 293300kB, limit 9007199254740988kB, failcnt 0
[  211.191059][T16556] Memory cgroup stats for /syz6:
[  211.193185][ T8228] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 46 with max blocks 6 with error 28
[  211.221008][T16556] cache 135168
[  211.224671][T16556] rss 12288
[  211.227822][T16556] shmem 0
[  211.230781][T16556] mapped_file 0
[  211.234284][T16556] dirty 0
[  211.237306][T16556] writeback 0
[  211.240607][T16556] workingset_refault_anon 48
[  211.245255][T16556] workingset_refault_file 0
[  211.249764][T16556] swap 1236992
[  211.253209][T16556] swapcached 8192
[  211.256899][T16556] pgpgin 80070
[  211.260287][T16556] pgpgout 80033
[  211.263773][T16556] pgfault 67253
[  211.267256][T16556] pgmajfault 22
[  211.270728][T16556] inactive_anon 0
[  211.274499][T16556] active_anon 16384
[  211.278313][T16556] inactive_file 135168
[  211.282412][T16556] active_file 0
[  211.285924][T16556] unevictable 0
[  211.289421][T16556] hierarchical_memory_limit 314572800
[  211.294812][T16556] hierarchical_memsw_limit 9223372036854771712
[  211.301017][T16556] total_cache 135168
[  211.304921][T16556] total_rss 12288
[  211.308612][T16556] total_shmem 0
[  211.312146][T16556] total_mapped_file 0
[  211.316196][T16556] total_dirty 0
[  211.319706][T16556] total_writeback 0
[  211.323586][T16556] total_workingset_refault_anon 48
[  211.328733][T16556] total_workingset_refault_file 0
[  211.333768][T16556] total_swap 1236992
[  211.337700][T16556] total_swapcached 8192
[  211.341879][T16556] total_pgpgin 80070
[  211.345780][T16556] total_pgpgout 80033
[  211.349844][T16556] total_pgfault 67253
[  211.353828][T16556] total_pgmajfault 22
[  211.357837][T16556] total_inactive_anon 0
[  211.362226][T16556] total_active_anon 16384
[  211.366589][T16556] total_inactive_file 135168
[  211.371213][T16556] total_active_file 0
[  211.375269][T16556] total_unevictable 0
[  211.379264][T16556] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.5255,pid=16539,uid=0
[  211.394009][T16556] Memory cgroup out of memory: Killed process 16539 (syz.6.5255) total-vm:93968kB, anon-rss:1136kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  211.684495][T16588] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.767531][T16588] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.874587][T16588] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.952194][T16602] TCP: tcp_parse_options: Illegal window scaling value 254 > 14 received
[  211.962235][T16588] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.988322][T16604] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5278'.
[  212.000139][T16604] ip6gre1: entered allmulticast mode
[  212.052173][ T8231] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.065499][ T8231] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.081062][ T8231] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.089720][ T8231] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.158353][T16611] syzkaller1: entered promiscuous mode
[  212.163911][T16611] syzkaller1: entered allmulticast mode
[  212.438396][T16627] netlink: 'syz.4.5288': attribute type 7 has an invalid length.
[  212.446208][T16627] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5288'.
[  212.488747][T16635] syz_tun: entered allmulticast mode
[  212.498318][T16635] dvmrp8: entered allmulticast mode
[  212.506082][T16634] syz_tun: left allmulticast mode
[  213.370342][T16676] loop6: detected capacity change from 0 to 512
[  213.392155][T16676] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.441218][T14282] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.642981][T16702] netlink: 204 bytes leftover after parsing attributes in process `syz.6.5318'.
[  213.652126][T16702] netlink: 72 bytes leftover after parsing attributes in process `syz.6.5318'.
[  213.861808][T16710] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5322'.
[  214.057247][T16716] 9p: Bad value for 'rfdno'
[  214.070663][T16716] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5326'.
[  214.294649][T16729] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5330'.
[  214.531517][T16749] loop4: detected capacity change from 0 to 1024
[  214.760749][T16757] dvmrp6: entered allmulticast mode
[  215.056488][T16769] loop6: detected capacity change from 0 to 1024
[  215.072363][T16769] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.101610][T16769] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.5347: Allocating blocks 449-513 which overlap fs metadata
[  215.126235][T16768] EXT4-fs (loop6): pa ffff8881079f43f0: logic 48, phys. 177, len 21
[  215.134310][T16768] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 4
[  215.156637][T14282] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.179960][T16779] __nla_validate_parse: 2 callbacks suppressed
[  215.179978][T16779] netlink: 96 bytes leftover after parsing attributes in process `syz.6.5351'.
[  215.372101][T16788] netlink: 'syz.3.5356': attribute type 7 has an invalid length.
[  215.380134][T16788] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5356'.
[  215.543977][T16806] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5362'.
[  215.562045][T16806] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  215.569496][T16806] batman_adv: batadv0: Removing interface: batadv_slave_0
[  215.577430][T16806] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  215.585051][T16806] batman_adv: batadv0: Removing interface: batadv_slave_1
[  215.715255][T16820] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5368'.
[  215.887880][T16831] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5373'.
[  215.900004][ T8236] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.938486][ T8236] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.001547][ T8236] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.065445][ T8236] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.184224][ T8236] bridge_slave_1: left allmulticast mode
[  216.189991][ T8236] bridge_slave_1: left promiscuous mode
[  216.195820][ T8236] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.224851][ T8236] bridge_slave_0: left allmulticast mode
[  216.230539][ T8236] bridge_slave_0: left promiscuous mode
[  216.236362][ T8236] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.261832][T16855] SELinux: failed to load policy
[  216.494091][ T8236] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  216.513580][ T8236] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  216.534467][ T8236] bond0 (unregistering): Released all slaves
[  216.543783][ T8236] bond1 (unregistering): Released all slaves
[  216.625665][ T8236] tipc: Left network mode
[  216.685782][T16841] chnl_net:caif_netlink_parms(): no params data found
[  216.725623][ T8236] hsr_slave_0: left promiscuous mode
[  216.744430][ T8236] hsr_slave_1: left promiscuous mode
[  216.750359][ T8236] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.757764][ T8236] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.776420][ T8236] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.783872][ T8236] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.799889][ T8236] veth1_macvtap: left promiscuous mode
[  216.805485][ T8236] veth0_macvtap: left promiscuous mode
[  216.811145][ T8236] veth1_vlan: left promiscuous mode
[  216.816567][ T8236] veth0_vlan: left promiscuous mode
[  216.963184][T16841] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.970268][T16841] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.977600][T16841] bridge_slave_0: entered allmulticast mode
[  216.984190][T16841] bridge_slave_0: entered promiscuous mode
[  216.990942][T16841] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.998091][T16841] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.005816][T16841] bridge_slave_1: entered allmulticast mode
[  217.012341][T16841] bridge_slave_1: entered promiscuous mode
[  217.035545][T16841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  217.046141][T16841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.066483][T16841] team0: Port device team_slave_0 added
[  217.073154][T16841] team0: Port device team_slave_1 added
[  217.100509][T16841] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.107520][T16841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  217.133652][T16841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.147192][T16841] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.154324][T16841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  217.180615][T16841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.219585][T16841] hsr_slave_0: entered promiscuous mode
[  217.225902][T16841] hsr_slave_1: entered promiscuous mode
[  217.232045][T16841] debugfs: 'hsr0' already exists in 'hsr'
[  217.237796][T16841] Cannot create hsr debugfs directory
[  217.326105][T16841] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  217.335293][T16841] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  217.344647][T16841] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  217.354095][T16841] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  217.371971][T16841] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.379100][T16841] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.386502][T16841] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.393589][T16841] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.424928][T16841] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.445165][ T8236] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.453397][ T8236] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.481291][T16841] 8021q: adding VLAN 0 to HW filter on device team0
[  217.498727][ T8236] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.505904][ T8236] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.532741][  T321] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.539849][  T321] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.675164][T16841] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.709029][T16925] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5403'.
[  217.733136][T16925] vlan3: entered promiscuous mode
[  217.738296][T16925] syz_tun: entered promiscuous mode
[  217.897807][T16841] veth0_vlan: entered promiscuous mode
[  217.906613][T16841] veth1_vlan: entered promiscuous mode
[  217.925215][T16841] veth0_macvtap: entered promiscuous mode
[  217.933092][T16841] veth1_macvtap: entered promiscuous mode
[  217.939042][T16942] loop8: detected capacity change from 0 to 8192
[  217.954041][T16841] batman_adv: batadv0: Interface activated: batadv_slave_0
[  217.977072][T16841] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.009072][ T8228] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.040749][ T8228] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.056028][T16950] loop8: detected capacity change from 0 to 128
[  218.057918][ T8228] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.078782][ T8228] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.206679][T16950] bio_check_eod: 102 callbacks suppressed
[  218.206697][T16950] syz.8.5409: attempt to access beyond end of device
[  218.206697][T16950] loop8: rw=2049, sector=169, nr_sectors = 8 limit=128
[  218.229074][T16950] syz.8.5409: attempt to access beyond end of device
[  218.229074][T16950] loop8: rw=2049, sector=185, nr_sectors = 16 limit=128
[  218.242855][T16950] syz.8.5409: attempt to access beyond end of device
[  218.242855][T16950] loop8: rw=2049, sector=209, nr_sectors = 8 limit=128
[  218.256898][T16950] syz.8.5409: attempt to access beyond end of device
[  218.256898][T16950] loop8: rw=2049, sector=225, nr_sectors = 8 limit=128
[  218.258491][T16964] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5414'.
[  218.270792][T16950] syz.8.5409: attempt to access beyond end of device
[  218.270792][T16950] loop8: rw=2049, sector=241, nr_sectors = 8 limit=128
[  218.301549][T16967] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5413'.
[  218.311221][T16950] syz.8.5409: attempt to access beyond end of device
[  218.311221][T16950] loop8: rw=2049, sector=257, nr_sectors = 8 limit=128
[  218.325431][T16950] syz.8.5409: attempt to access beyond end of device
[  218.325431][T16950] loop8: rw=2049, sector=273, nr_sectors = 8 limit=128
[  218.325458][T16964] hsr_slave_0: left promiscuous mode
[  218.339542][T16950] syz.8.5409: attempt to access beyond end of device
[  218.339542][T16950] loop8: rw=2049, sector=289, nr_sectors = 8 limit=128
[  218.358061][T16950] syz.8.5409: attempt to access beyond end of device
[  218.358061][T16950] loop8: rw=2049, sector=305, nr_sectors = 8 limit=128
[  218.375826][T16950] syz.8.5409: attempt to access beyond end of device
[  218.375826][T16950] loop8: rw=2049, sector=321, nr_sectors = 8 limit=128
[  218.389424][T16964] hsr_slave_1: left promiscuous mode
[  218.416070][T16972] netlink: 3704 bytes leftover after parsing attributes in process `syz.0.5416'.
[  218.610225][T16984] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  218.617828][T16983] tipc: Resetting bearer <eth:syzkaller0>
[  218.644172][T16983] tipc: Disabling bearer <eth:syzkaller0>
[  218.735329][   T29] kauditd_printk_skb: 295 callbacks suppressed
[  218.735346][   T29] audit: type=1326 audit(209.064:30574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16987 comm="syz.0.5423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  218.764980][   T29] audit: type=1326 audit(209.064:30575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16987 comm="syz.0.5423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe03d9fdf90 code=0x7ffc0000
[  218.788350][   T29] audit: type=1326 audit(209.092:30576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16987 comm="syz.0.5423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  218.811454][   T29] audit: type=1326 audit(209.092:30577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16987 comm="syz.0.5423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  218.834404][   T29] audit: type=1326 audit(209.092:30578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16987 comm="syz.0.5423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  218.857647][   T29] audit: type=1326 audit(209.092:30579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16987 comm="syz.0.5423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe03d9ff749 code=0x7ffc0000
[  218.992073][T17007] loop8: detected capacity change from 0 to 512
[  219.024750][T17012] 9p: Bad value for 'rfdno'
[  219.033089][   T29] audit: type=1326 audit(209.345:30580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17010 comm="syz.3.5433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  219.056409][   T29] audit: type=1326 audit(209.345:30581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17010 comm="syz.3.5433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  219.079539][   T29] audit: type=1326 audit(209.345:30582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17010 comm="syz.3.5433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  219.083293][T17007] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.102578][   T29] audit: type=1326 audit(209.345:30583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17010 comm="syz.3.5433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  219.153991][T17007] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #2: comm syz.8.5430: corrupted inode contents
[  219.166089][T17007] EXT4-fs error (device loop8): ext4_dirty_inode:6502: inode #2: comm syz.8.5430: mark_inode_dirty error
[  219.177835][T17007] EXT4-fs error (device loop8): ext4_do_update_inode:5617: inode #2: comm syz.8.5430: corrupted inode contents
[  219.190073][T17007] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #2: comm syz.8.5430: mark_inode_dirty error
[  219.216231][T15047] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.239786][T17022] 9p: Bad value for 'rfdno'
[  219.248310][T17020] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  219.256019][T17022] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5438'.
[  219.256761][T17020] vhci_hcd vhci_hcd.2: invalid port number 96
[  219.271469][T17020] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  219.662487][T17037] syz.0.5445 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  219.673667][T17037] CPU: 0 UID: 0 PID: 17037 Comm: syz.0.5445 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  219.673756][T17037] Tainted: [W]=WARN
[  219.673762][T17037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  219.673776][T17037] Call Trace:
[  219.673782][T17037]  <TASK>
[  219.673791][T17037]  __dump_stack+0x1d/0x30
[  219.673878][T17037]  dump_stack_lvl+0x95/0xd0
[  219.673916][T17037]  dump_stack+0x15/0x1b
[  219.673940][T17037]  dump_header+0x81/0x240
[  219.673960][T17037]  oom_kill_process+0x295/0x350
[  219.674034][T17037]  out_of_memory+0x97b/0xb80
[  219.674080][T17037]  try_charge_memcg+0x610/0xa10
[  219.674124][T17037]  charge_memcg+0x51/0xc0
[  219.674161][T17037]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  219.674204][T17037]  __read_swap_cache_async+0x17b/0x2d0
[  219.674315][T17037]  swap_cluster_readahead+0x362/0x3c0
[  219.674360][T17037]  swapin_readahead+0xde/0x820
[  219.674439][T17037]  ? mod_memcg_lruvec_state+0x1a1/0x280
[  219.674469][T17037]  ? __rcu_read_unlock+0x34/0x70
[  219.674511][T17037]  ? __rcu_read_unlock+0x4f/0x70
[  219.674536][T17037]  ? swap_cache_get_folio+0x277/0x280
[  219.674624][T17037]  do_swap_page+0x2b4/0x21e0
[  219.674670][T17037]  ? __pfx_default_wake_function+0x10/0x10
[  219.674790][T17037]  handle_mm_fault+0x9d8/0x2c60
[  219.674844][T17037]  do_user_addr_fault+0x630/0x1080
[  219.674937][T17037]  exc_page_fault+0x62/0xa0
[  219.675048][T17037]  asm_exc_page_fault+0x26/0x30
[  219.675091][T17037] RIP: 0033:0x7fe03d8c2641
[  219.675108][T17037] Code: eb 98 48 8b 54 24 08 48 8d 35 75 21 1c 00 48 8d 3d 78 21 1c 00 31 c0 e8 9d c7 ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 53 <48> 8b 1d 58 57 39 00 45 31 d2 31 c9 48 8b 17 45 31 db 4c 8d 83 00
[  219.675214][T17037] RSP: 002b:00007ffee2552ed0 EFLAGS: 00010206
[  219.675238][T17037] RAX: 0000000000000006 RBX: 00007ffee2552fa8 RCX: fffffffffffffff9
[  219.675254][T17037] RDX: 0000000000000006 RSI: 000000000000000c RDI: 00007ffee2552fa8
[  219.675270][T17037] RBP: 00007ffee2553070 R08: 0000001b32e20000 R09: 000000000000000c
[  219.675282][T17037] R10: 0000000000000000 R11: 0000000000000000 R12: 00007fe03dc5609c
[  219.675296][T17037] R13: 00007ffee25530a0 R14: 0000000000001067 R15: 0000000000000006
[  219.675388][T17037]  </TASK>
[  219.675396][T17037] memory: usage 307200kB, limit 307200kB, failcnt 1388
[  219.896146][T17037] memory+swap: usage 285224kB, limit 9007199254740988kB, failcnt 0
[  219.904148][T17037] kmem: usage 281780kB, limit 9007199254740988kB, failcnt 0
[  219.911530][T17037] Memory cgroup stats for /syz0:
[  220.197454][T17037] cache 16965632
[  220.206023][T17037] rss 4096
[  220.209070][T17037] shmem 16441344
[  220.212664][T17037] mapped_file 65536
[  220.216532][T17037] dirty 0
[  220.219546][T17037] writeback 0
[  220.222915][T17037] workingset_refault_anon 96
[  220.227510][T17037] workingset_refault_file 615
[  220.232274][T17037] swap 921600
[  220.235591][T17037] swapcached 16384
[  220.239392][T17037] pgpgin 256908
[  220.242891][T17037] pgpgout 252761
[  220.246615][T17037] pgfault 280604
[  220.250184][T17037] pgmajfault 62
[  220.253706][T17037] inactive_anon 0
[  220.257411][T17037] active_anon 16359424
[  220.261504][T17037] inactive_file 0
[  220.265194][T17037] active_file 528384
[  220.269091][T17037] unevictable 0
[  220.272666][T17037] hierarchical_memory_limit 314572800
[  220.278079][T17037] hierarchical_memsw_limit 9223372036854771712
[  220.284331][T17037] total_cache 16965632
[  220.288455][T17037] total_rss 4096
[  220.292050][T17037] total_shmem 16441344
[  220.296140][T17037] total_mapped_file 65536
[  220.300528][T17037] total_dirty 0
[  220.304037][T17037] total_writeback 0
[  220.307881][T17037] total_workingset_refault_anon 96
[  220.313007][T17037] total_workingset_refault_file 615
[  220.318237][T17037] total_swap 921600
[  220.322049][T17037] total_swapcached 16384
[  220.326311][T17037] total_pgpgin 256908
[  220.330412][T17037] total_pgpgout 252761
[  220.334504][T17037] total_pgfault 280604
[  220.338665][T17037] total_pgmajfault 62
[  220.342679][T17037] total_inactive_anon 0
[  220.346879][T17037] total_active_anon 16359424
[  220.351483][T17037] total_inactive_file 0
[  220.355637][T17037] total_active_file 528384
[  220.360073][T17037] total_unevictable 0
[  220.364098][T17037] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.5445,pid=17037,uid=0
[  220.378809][T17037] Memory cgroup out of memory: Killed process 17037 (syz.0.5445) total-vm:93968kB, anon-rss:1264kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000
[  220.402323][T17054] netlink: 'syz.9.5452': attribute type 4 has an invalid length.
[  220.489419][T17054] .`: renamed from bond0 (while UP)
[  220.543006][T17062] loop4: detected capacity change from 0 to 1024
[  220.566775][ T8198] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.593590][T17062] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.629093][T17064] __nla_validate_parse: 3 callbacks suppressed
[  220.629110][T17064] netlink: 16402 bytes leftover after parsing attributes in process `syz.9.5457'.
[  220.714710][ T8198] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.729326][T17077] loop9: detected capacity change from 0 to 1024
[  220.761301][T17077] EXT4-fs: inline encryption not supported
[  220.771846][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.795954][T17077] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.852192][ T8198] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.908490][ T8198] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.949439][T16841] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.101996][ T8198] bridge_slave_1: left allmulticast mode
[  221.107786][ T8198] bridge_slave_1: left promiscuous mode
[  221.113560][ T8198] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.142951][ T8198] bridge_slave_0: left allmulticast mode
[  221.148720][ T8198] bridge_slave_0: left promiscuous mode
[  221.154510][ T8198] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.237685][T17104] loop9: detected capacity change from 0 to 1024
[  221.244980][T17104] EXT4-fs (loop9): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  221.277631][T17104] EXT4-fs error (device loop9): ext4_map_blocks:783: inode #3: block 2: comm syz.9.5470: lblock 2 mapped to illegal pblock 2 (length 1)
[  221.292099][T17104] EXT4-fs error (device loop9): ext4_map_blocks:783: inode #3: block 48: comm syz.9.5470: lblock 0 mapped to illegal pblock 48 (length 1)
[  221.307482][T17104] EXT4-fs error (device loop9): ext4_acquire_dquot:6986: comm syz.9.5470: Failed to acquire dquot type 0
[  221.319279][T17104] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  221.328834][T17104] EXT4-fs error (device loop9): ext4_evict_inode:253: inode #11: comm syz.9.5470: mark_inode_dirty error
[  221.340474][T17104] EXT4-fs warning (device loop9): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  221.350742][T17104] EXT4-fs (loop9): 1 orphan inode deleted
[  221.366341][T17104] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.366793][ T8219] EXT4-fs error (device loop9): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:43: lblock 1 mapped to illegal pblock 1 (length 1)
[  221.393362][ T8219] EXT4-fs error (device loop9): ext4_release_dquot:7022: comm kworker/u8:43: Failed to release dquot type 0
[  221.457104][T16841] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.472841][T16841] EXT4-fs error (device loop9): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[  221.488542][T16841] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  221.506311][T16841] EXT4-fs error (device loop9): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[  221.593418][ T8198] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  221.605231][ T8198] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  221.622958][ T8198] bond0 (unregistering): Released all slaves
[  221.643563][T17123] loop4: detected capacity change from 0 to 2048
[  221.687181][T17123]  loop4: p1 < > p4
[  221.697949][T17123] loop4: p4 size 722688 extends beyond EOD, truncated
[  221.744070][ T8198] hsr_slave_0: left promiscuous mode
[  221.751959][ T8198] hsr_slave_1: left promiscuous mode
[  221.757776][ T8198] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  221.765301][ T8198] batman_adv: batadv0: Removing interface: batadv_slave_0
[  221.786776][T17131] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  221.828576][ T8198] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  221.835999][ T8198] batman_adv: batadv0: Removing interface: batadv_slave_1
[  221.875103][ T8198] veth1_macvtap: left promiscuous mode
[  221.882456][ T8198] veth0_macvtap: left promiscuous mode
[  221.888806][ T8198] veth1_vlan: left promiscuous mode
[  221.894608][ T8198] veth0_vlan: left promiscuous mode
[  221.980433][ T8198] team0 (unregistering): Port device team_slave_1 removed
[  221.992004][ T8198] team0 (unregistering): Port device team_slave_0 removed
[  222.107041][T17072] chnl_net:caif_netlink_parms(): no params data found
[  222.198819][T17072] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.205966][T17072] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.213569][T17072] bridge_slave_0: entered allmulticast mode
[  222.220011][T17072] bridge_slave_0: entered promiscuous mode
[  222.227250][T17072] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.234480][T17072] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.241919][T17072] bridge_slave_1: entered allmulticast mode
[  222.248749][T17072] bridge_slave_1: entered promiscuous mode
[  222.278833][T17072] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  222.299136][T17072] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  222.340242][T17072] team0: Port device team_slave_0 added
[  222.356119][T17198] loop4: detected capacity change from 0 to 1024
[  222.359536][T17072] team0: Port device team_slave_1 added
[  222.388251][T17198] EXT4-fs: Ignoring removed orlov option
[  222.397499][T17072] batman_adv: batadv0: Adding interface: batadv_slave_0
[  222.404571][T17072] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  222.430722][T17072] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  222.446901][T17198] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.473219][T17072] batman_adv: batadv0: Adding interface: batadv_slave_1
[  222.480274][T17072] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  222.506262][T17072] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  222.579877][T17072] hsr_slave_0: entered promiscuous mode
[  222.587223][T17072] hsr_slave_1: entered promiscuous mode
[  222.593593][T17072] debugfs: 'hsr0' already exists in 'hsr'
[  222.599400][T17072] Cannot create hsr debugfs directory
[  222.773019][T17224] loop9: detected capacity change from 0 to 1024
[  222.779926][T17224] EXT4-fs: inline encryption not supported
[  222.790502][T17224] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.822779][T17224] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4215: comm syz.9.5505: Allocating blocks 385-513 which overlap fs metadata
[  222.837952][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.849752][T17224] EXT4-fs (loop9): pa ffff888107ae17e0: logic 16, phys. 129, len 24
[  222.857948][T17224] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8
[  222.871178][T17224] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  222.883693][T17224] EXT4-fs (loop9): This should not happen!! Data will be lost
[  222.883693][T17224] 
[  222.893409][T17224] EXT4-fs (loop9): Total free blocks count 0
[  222.899474][T17224] EXT4-fs (loop9): Free/Dirty block details
[  222.905429][T17224] EXT4-fs (loop9): free_blocks=128
[  222.910585][T17224] EXT4-fs (loop9): dirty_blocks=0
[  222.915687][T17224] EXT4-fs (loop9): Block reservation details
[  222.921759][T17224] EXT4-fs (loop9): i_reserved_data_blocks=0
[  223.029239][T17072] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  223.055761][T17234] SELinux: ebitmap: truncated map
[  223.057187][T17072] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  223.063329][T17234] SELinux: failed to load policy
[  223.095546][T17072] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  223.135619][T17072] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  223.229923][T17072] 8021q: adding VLAN 0 to HW filter on device bond0
[  223.243092][T17230] loop4: detected capacity change from 0 to 1024
[  223.259923][T17072] 8021q: adding VLAN 0 to HW filter on device team0
[  223.272553][  T399] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.279677][  T399] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.298940][  T399] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.306128][  T399] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.351517][T17230] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  223.407390][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  223.432921][T17072] 8021q: adding VLAN 0 to HW filter on device batadv0
[  223.554722][T17072] veth0_vlan: entered promiscuous mode
[  223.576129][T17072] veth1_vlan: entered promiscuous mode
[  223.612235][T17072] veth0_macvtap: entered promiscuous mode
[  223.620973][T17072] veth1_macvtap: entered promiscuous mode
[  223.648568][T17072] batman_adv: batadv0: Interface activated: batadv_slave_0
[  223.670619][T17072] batman_adv: batadv0: Interface activated: batadv_slave_1
[  223.680892][T17282] loop4: detected capacity change from 0 to 7
[  223.705938][ T8236] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.721210][ T8236] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.741359][ T8198] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.753703][ T8198] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.775375][T17291] xt_hashlimit: size too large, truncated to 1048576
[  223.907538][T17295] serio: Serial port ptm0
[  224.115487][T17289] netlink: 'syz.9.5525': attribute type 13 has an invalid length.
[  224.130493][T17295] serio: Serial port ptm0
[  224.182654][T17289] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.189955][T17289] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.282369][   T29] kauditd_printk_skb: 613 callbacks suppressed
[  224.282386][   T29] audit: type=1326 audit(214.256:31194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  224.312325][T17289] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  224.344182][   T29] audit: type=1326 audit(214.293:31195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  224.367268][   T29] audit: type=1326 audit(214.293:31196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  224.372323][T17289] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  224.390250][   T29] audit: type=1326 audit(214.293:31197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  224.420611][   T29] audit: type=1326 audit(214.293:31198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  224.443720][   T29] audit: type=1326 audit(214.293:31199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  224.466798][   T29] audit: type=1326 audit(214.293:31200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  224.489709][   T29] audit: type=1326 audit(214.293:31201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  224.512746][   T29] audit: type=1326 audit(214.293:31202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff8355edf90 code=0x7ffc0000
[  224.535757][   T29] audit: type=1326 audit(214.293:31203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.3.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  224.710913][ T8236] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  224.724083][ T8236] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  224.733047][ T8236] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  224.742361][ T8236] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  224.806940][ T8231] Bluetooth: hci0: Frame reassembly failed (-84)
[  224.993680][T17368] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  225.002600][T17367] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5558'.
[  225.695313][T17421] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.5584'.
[  226.020033][T17432] syzkaller0: entered promiscuous mode
[  226.025577][T17432] syzkaller0: entered allmulticast mode
[  226.296716][T17435] netlink: 168 bytes leftover after parsing attributes in process `syz.9.5590'.
[  226.585323][T17457] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5600'.
[  226.594442][T17457] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5600'.
[  226.999819][ T3558] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  227.002982][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  227.159643][T17479] netlink: 14 bytes leftover after parsing attributes in process `syz.3.5610'.
[  227.170289][T17479] hsr_slave_0: left promiscuous mode
[  227.176203][T17479] hsr_slave_1: left promiscuous mode
[  227.208821][ T8231] Bluetooth: hci0: Frame reassembly failed (-84)
[  227.580428][T17515] netlink: 'syz.3.5626': attribute type 3 has an invalid length.
[  227.598360][T17517] netlink: 'syz.0.5627': attribute type 4 has an invalid length.
[  227.626341][  T399] Bluetooth: hci1: Frame reassembly failed (-84)
[  228.392904][T17559] syzkaller0: entered promiscuous mode
[  228.398410][T17559] syzkaller0: entered allmulticast mode
[  228.490991][T17561] serio: Serial port ptm1
[  228.661912][T17561] serio: Serial port ptm1
[  228.901950][T17577] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5654'.
[  228.912554][T17577] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17577 comm=syz.3.5654
[  229.093394][T17590] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.100766][T17590] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.181807][T17590] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  229.206996][T17590] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  229.317522][ T8236] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.336951][ T8236] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.346074][ T8236] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.355062][ T8236] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.394531][ T4985] Bluetooth: hci0: command 0x1003 tx timeout
[  229.400651][ T3558] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  229.579305][T17632] netlink: 'syz.1.5667': attribute type 13 has an invalid length.
[  229.598213][T17634] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5672'.
[  229.639745][   T29] kauditd_printk_skb: 627 callbacks suppressed
[  229.639763][   T29] audit: type=1326 audit(219.260:31831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17638 comm="syz.3.5675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  229.669033][   T29] audit: type=1326 audit(219.260:31832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17638 comm="syz.3.5675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  229.692151][   T29] audit: type=1326 audit(219.260:31833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17638 comm="syz.3.5675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  229.715163][   T29] audit: type=1400 audit(219.260:31834): avc:  denied  { map_create } for  pid=17638 comm="syz.3.5675" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  229.734059][   T29] audit: type=1326 audit(219.260:31835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17638 comm="syz.3.5675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  229.757052][   T29] audit: type=1326 audit(219.260:31836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17638 comm="syz.3.5675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  229.780436][   T29] audit: type=1326 audit(219.260:31837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17638 comm="syz.3.5675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  229.803716][   T29] audit: type=1326 audit(219.260:31838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17638 comm="syz.3.5675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  229.822224][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  229.826955][   T29] audit: type=1326 audit(219.260:31839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17638 comm="syz.3.5675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  229.983451][   T29] audit: type=1326 audit(219.260:31840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17638 comm="syz.3.5675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8355ef749 code=0x7ffc0000
[  230.085802][T17665] netlink: 'syz.0.5686': attribute type 1 has an invalid length.
[  230.109565][T17665] 8021q: adding VLAN 0 to HW filter on device bond3
[  230.137859][T17665] macvlan0: entered promiscuous mode
[  230.143311][T17665] macvlan0: entered allmulticast mode
[  230.169217][T17671] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5687'.
[  230.966010][T17678] ==================================================================
[  230.974159][T17678] BUG: KCSAN: data-race in atime_needs_update / inode_update_timestamps
[  230.982514][T17678] 
[  230.984849][T17678] write to 0xffff88819aa71b1c of 4 bytes by task 17677 on cpu 0:
[  230.992584][T17678]  inode_update_timestamps+0x147/0x270
[  230.998088][T17678]  file_update_time_flags+0x26c/0x310
[  231.003478][T17678]  file_update_time+0x17/0x20
[  231.008175][T17678]  shmem_file_write_iter+0x9c/0xf0
[  231.013313][T17678]  iter_file_splice_write+0x66b/0xa20
[  231.018697][T17678]  direct_splice_actor+0x156/0x2a0
[  231.023818][T17678]  splice_direct_to_actor+0x312/0x680
[  231.029204][T17678]  do_splice_direct+0xda/0x150
[  231.033988][T17678]  do_sendfile+0x380/0x650
[  231.038435][T17678]  __x64_sys_sendfile64+0x105/0x150
[  231.043649][T17678]  x64_sys_call+0x2db1/0x3000
[  231.048352][T17678]  do_syscall_64+0xca/0x2b0
[  231.052882][T17678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.058802][T17678] 
[  231.061143][T17678] read to 0xffff88819aa71b1c of 4 bytes by task 17678 on cpu 1:
[  231.068792][T17678]  atime_needs_update+0x2a8/0x3e0
[  231.073854][T17678]  touch_atime+0x4a/0x340
[  231.078198][T17678]  shmem_file_splice_read+0x5b1/0x600
[  231.083587][T17678]  splice_direct_to_actor+0x26f/0x680
[  231.088991][T17678]  do_splice_direct+0xda/0x150
[  231.093766][T17678]  do_sendfile+0x380/0x650
[  231.098204][T17678]  __x64_sys_sendfile64+0x105/0x150
[  231.103417][T17678]  x64_sys_call+0x2db1/0x3000
[  231.108127][T17678]  do_syscall_64+0xca/0x2b0
[  231.112657][T17678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.118562][T17678] 
[  231.120888][T17678] value changed: 0x1e164305 -> 0x1ea4fe17
[  231.126624][T17678] 
[  231.129033][T17678] Reported by Kernel Concurrency Sanitizer on:
[  231.135210][T17678] CPU: 1 UID: 0 PID: 17678 Comm: syz.0.5690 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  231.146611][T17678] Tainted: [W]=WARN
[  231.150423][T17678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  231.160495][T17678] ==================================================================