last executing test programs:

4.826901585s ago: executing program 2 (id=1915):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000010000400000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xea)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x9, &(0x7f0000000400)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x6a, 0xa, 0xff00}, [@call={0xc}, @exit, @map_fd, @map_idx={0x18, 0x7, 0x5, 0x0, 0x1}]}, &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r4, 0x11, 0x0, 0x0, @void, @value=r3}, 0x20)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000240)={@local, @private, <r5=>0x0}, &(0x7f00000002c0)=0xc)
r6 = socket$xdp(0x2c, 0x3, 0x0)
bind$xdp(r3, &(0x7f0000000300)={0x2c, 0xe, r5, 0xb, r6}, 0x10)
pipe(&(0x7f0000000000)={<r7=>0xffffffffffffffff})
setsockopt$MRT6_ADD_MIF(r7, 0x29, 0xca, &(0x7f0000000040)={0x1, 0x0, 0x5, 0x0, 0x7}, 0xc)
r8 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000a00), 0x80402, 0x0)
write$cgroup_int(r8, 0x0, 0x2)

4.777005669s ago: executing program 2 (id=1917):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x29)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000005000000850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8003, &(0x7f0000000000)=0x10, 0xa7, 0x2)

4.725278843s ago: executing program 2 (id=1919):
prlimit64(0x0, 0x3, &(0x7f0000000140)={0x7, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r1 = mq_open(&(0x7f00000007c0)='eti0\x00\x16\xd2\x90\x06t|\xc8JK\xd7M\x15\xca\x13Vn\xa3+\x85\x8a\xa0\x9b\xa9U\xdbk!\xd9\xa9i\xea0\x93\xc5V\x05\x01\xb706?\xf2\xdf\xd3\x9e\xf5\x7fze.c\xfb\xa27\xed\x90\x1b\x7fE}\xa81\xd5?\xcb\xefC\xac\xac}\xb8\x00\x97\xdf\x1au\x848bk\x02\x9cm\x93\xec\xcf~\x9f\xe0q/\x9b\xc4\xd7k\xf7\xf6\x13\xf5\x12}5l\xf6\xc7\x1aH\x1cMK\xfe2\x92\x19U \xfb`3\xe0\x1am\xd5h\x95E`+\xd2\xcb\xe61\xb2m\xde\xe3\x91\x97\x9bQH>[k\xfc\x89\xb4\xe5l\xd8(\xbc\xe0i=\xec\xb6K\x85;\x9a\x8a!\xfe\xfex\x91\xea\x91\xc3\xa9w\x1a\xaa\x1a\x7f/ZUl=\x18\xef\x8d\x06\xb5\xd1m\xd4\x04\xca\x82\x0e\x17\xfe\xf2\xc5eYaDF\x93\xbbs\xe3\x14\\\x87\xf2\xac\xaa\xea\xf42\xa9\xc6d\x93\b\x9dr\xffc]z\xed\xc2w`\xebA`&\xe1\x82\x92`K\x8bG-\xe6|\xcf-1\xc0_r\x8fX<\xe9\xd6 \x9c\x8e\x90\x19e\x05\xcaz\xc4\xfb*!n\xbc\x81\xe5\n\xe8zx\x80\x97M*\xb5\xd4\xe8\x0er\xef\xbe\x99\x13\x1f\x9aC\xe9yhH\xa8d8\xc9\xa0\x98\"\x9dIV\x86\xdeO\xb5\t\x00\x00\x00\x8ei9\xd5f\x96\xda\xd6ms\xcc\x17\xea\x8e\xddRE\xe7\xf1w\xac\xb2\xb6\'\'\xf6p)\xd9Fj\x8c\x8d\xaa\x88yx?Z\x9ahDk\x99NP*\x00\x00\x00=h\x15rJ\x8c\xed\x85\x9b\xe5v\xafx\xf1\xa6\x10\x1a\xc8r}]\xd3\xd0\xd4\x01J\xc4\x87y\x97\n\xda\x91\xbe\xaa?8\xc7E\x1e?\x9c\x1cG\xe7\xff\x92\b/\xc5\x90\x98\xae\xb5\xb8\x9b9|\xbdo\n{*\xc2\x95\x89\xb29bA\xc6\xd0\xb9?+\xea\x8e\xd9\xfd\xeeC\xf8\xe5\x95,\x9e\t\xf2\xd9\v6\x88]-u{\x85\xd4', 0x42, 0x48, 0x0)
mq_timedsend(r1, 0x0, 0xf00, 0x0, 0x0)
fchdir(r0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000300)={0x3c, 0x0, &(0x7f0000000100)=[@request_death={0x400c630e, 0x1}, @increfs_done={0x40106308, 0x2}, @decrefs, @clear_death={0x400c630f, 0x3}], 0x4a, 0x0, &(0x7f0000000380)="ec614eff80df9c22551210ab1478ab4419e7ab99fc4af361596e5f6da5b1884c422b5a234c4799bebce1505755f2018633d9d6a13815fbe67ce461d788fdfe62636abd6ad112230ef1fa"})
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r4, 0x4004662b, &(0x7f0000000180)={@desc={0x1, 0x2000000, @desc3}})
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000001000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='kfree\x00', r6}, 0x10)
close_range(r2, r4, 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r7, 0xc0a85320, &(0x7f00000003c0)={{0x80, 0x8}, 'port1\x00', 0x22, 0x0, 0xffff, 0x7, 0x598, 0x4000036e, 0x0, 0x0, 0x2, 0x46})
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x1a0682)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f0000000340)={0x8000000, 0x0, 0x0, 'queue0\x00'})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
read(r7, &(0x7f00000001c0)=""/176, 0xb0)
write$sndseq(r8, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {0x80}, @raw8={"a357b6b140cbb6215dd33459"}}], 0x1c)

4.591094555s ago: executing program 2 (id=1924):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5}]}}, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x3004000, &(0x7f0000000100)={[{@abort}, {@resuid}, {@block_validity}, {@resuid={'resuid', 0x3d, 0xee01}}, {@discard}, {@noblock_validity}, {@dioread_nolock}]}, 0x1, 0x790, &(0x7f0000000f80)="$eJzs3c9rHFUcAPDvTHaT/k4qClZRAx5aEPPLgj9QaMGjiKCevDQkaSnd/qCJYEOEFrEnjwXBiwiCF2+KF0FKT4p46UX6H0ilSBBaxUNkprPJttlNds1upnU/H5jkvXm7+95k+c6bHy/zAuhbo9mPNOJARFxMIoaL9UlEVPNUJeLI3dfdWV6a+Wt5aSaJlZW3/0jy19xeXpqJhvdkdhdv2xER168l8cjA+nrnLyyemq7V5s4X+fGF0+fG5y8sPn/y9PSJuRNzZ6ampl6eOjz54sRU17b1o6d+/uafy29+/Om+G1d+v/7dviSOxJ6irHE7umU0Rlf/Jo0qEfF6tysryUCxPWnDuqRSYoPoSNrwHT4ewzEQa1/ecFz7ttTGAQA9sZItAECfSfT/ANBn6tcBbi8vzdSXcq9IANvl1tHIb9RncX+nWO6WVOJI/ntHPg5g159JNN7WTepjB7Yo+4yv36t+ni3Ro/vwQHMXL+U3/pv0/0ke/yP5KJ718T8QUewftub+fYj4h+2zlfh/qwv1i38AAAAAAADonqtHI+KlZvf/0tXxP9Hk/t9QREx0of7N7/+lN7tQDdDEraMRrxbP9rl3/N/qE11GBorc3oh4LKrJ8ZO1uSz290XEoagOZfnJ5h+f7zLevTz5Q6v6G8f/ZUtWf30sYNGOm5Whe98zO70wvdXtBiJuXYp4otIs/pPV/j9pMf73WJt1fL/01dOtyjaPf6BXVr6IONi0/197cl2y8fP5xvPjgfH6UcF6i8de+7BV/W3F/9q/KQFdlPX/uzaO/5Gk8Xmd853X8cntic9alf3X4//B5J38qaKDxboPphcWzk9GDCZvrF/fvUeIwkOtHg/1eMni/9Czzc//Nzr+r0bEuTbr/PLH6q+tykbzSHX8D2XI4n+2o/6/88TfvzzZclfRXv9/OO/TDxVrXP+DjbUboGW3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuimNiD2RpGOr6TQdG4vYHRGPxq60dnZ+4bnjZ98/M5uVRYxENT1+sjY3ERHDd/NJlp/M02v5qfvyL0TE/oi4MrQzz4/NnK3Nlr3xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDY3WL+/8xvQ2W3DgDomR1lNwAA2Hb6fwDoP/p/AOg/Hff/P+3tTUMAgG3j/B8A+o/+HwAAAAAAAAAAAAAAAAAAAAAAAAB6av8zV28kEXHxlZ35khksyqqltgzotbTsBgClGSi7AUBpKu28KElWzwmA/w/n+ECySXnrKUJcQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoH8cPNDu/P9tzRQKPETM3gf9y/z/0L8c1UP/Mv8/YP5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY3PyFxVPTtdrceYluJyoPRjMehMRQRDwAzZDoIFH2ngkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfBvwEAAP//snoPXw==")
chdir(&(0x7f0000000240)='./file0\x00')
ftruncate(r1, 0x9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01040000000000000096d4230c644c00018038000400200001000a004e2100000008ff010000000000000000000000000001098000001400020002000000e0e90002000020005a8558065b408540f9b9a3b6f4ab000000000d00"], 0x60}}, 0x0)
open(&(0x7f00000002c0)='./file0\x00', 0x14d37e, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={r0, 0x20, &(0x7f00000001c0)={&(0x7f00000000c0)=""/240, 0xf0, 0x0, &(0x7f0000000000)=""/71, 0x47}}, 0x10)

4.508655321s ago: executing program 2 (id=1926):
openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000200)=ANY=[], 0x118)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000000203010100000000000000000900000808000440000000060800054000000012"], 0x24}}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)

4.425399019s ago: executing program 2 (id=1927):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$binfmt_register(0xffffff9c, &(0x7f0000000180), 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
dup(r3)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r8}, 0x10)
r9 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r9, &(0x7f0000000200)=[{&(0x7f00000004c0)='4', 0x1}], 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_emit_ethernet(0x176, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaa48847000000000000000000000000603f599001340600fe8000000000000000000000000000aafe8000000000000000000000000000000000000000000000c204000000000000000c000000000000fc02000000000000000000000000000000000000000000000000ffff00000000fe800000000000000000000000000000fe80000000000000000000000000000000000000000000000000000000000000fc00"/188, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50000000907800006c3e4af6e95497a4e1f23137ae5d9ab0d6a6a3ff1ff52b15b109af0f93abe7bddfe72723968479f91c26bda6d7d589fb8cb68c4f8760051117d27ab8434eb2818254ab55825a80ba277e953c42c3e3a34d6f1998abd85935442e96e25dc77ffb0469578ffae16aa69caf18e96b08085370c0c242147969cf393604407755c55c4b539a2e36241dc73a3d65b8b2585660c1365e7ec6"], 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB='\x00\x00'])

1.777160681s ago: executing program 3 (id=1958):
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc01100, 0x0, 0x0, 0x0, 0x2)
move_pages(0x0, 0x10000000, 0xffffffffffffffff, &(0x7f0000000080)=[0x0], 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000010000000000000000000fe000000008c86e309de19bc26854e3a3d5effc72231f8ffeec797fee87fb70260c53c89d7ef59a1f20c3e0ee5398a6f113eb8329ed40d0e699a4cf02cd1f0b0966406e08dfcb4af8a9bbd1ba4335aefbaf2b3baf25940e86bc98208905ce8199d08405ce0dbc8497880344994f8b6b11007119dc2616a37240e2631af02"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = dup2(0xffffffffffffffff, r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000300)=""/46)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001cc0)={0x6, 0xd, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5}, [@tail_call, @ringbuf_query, @jmp={0x5, 0x1, 0x0, 0xa, 0x7, 0xffffffffffffffc8, 0x10}]}, 0x0, 0x1, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40, @void, @value}, 0x94)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x4e, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x1f, 0x1e}}]}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x58}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket(0x10, 0x3, 0x9)
connect$netlink(r10, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r10, &(0x7f0000000080)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000400)={0x1c, 0x0, 0x8, 0x70bd27}, 0x1c}}, 0x400c810)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000880)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x10, 0xfffffffffffffffe, 0x4, 0x0, 0xfffffffffffffffd}, {0xffffffff, 0x0, 0x9, 0x0, 0xfffffffffffffffc}]})

1.722159355s ago: executing program 3 (id=1960):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f00000009c0)=ANY=[@ANYBLOB="340000006800010900000000000000000000000000000000060003000000000014000200ff"], 0x34}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='netlink_extack\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r2}, 0x92)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x4c00}, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB], 0x10b8}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3)

1.632451463s ago: executing program 3 (id=1961):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000600)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa408000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000570400002b000000850000001c00000000000000a366839e7e6abd81951b59ebb123cbbc005545be49fb8fcfbc9405455fa0e7982b5278f06f555b867cfade691273cb6b8c3b3c0fab4e3bf3484114ff33bd91b99b14f9cc3082af21922a4d22c16bd1e5fb8956ee0b291b76cd47df14487413345c6821c26a4a9ae6dd11bd258260b7efc4139cbdac84f101f40be7d39b2acf14d0cd04585c1f03760dcc7310ff62a4b8b1c88a834cba6a435a787fd79cce11d96836371d092e8a6447916f85a71cf78251e884a9b273ec07a374735cc250f6d7829b504af37810c1a6ba06d49aee64a86fe0ab72a5"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000040)={0x1d, r4}, 0x18)
connect$can_j1939(r3, &(0x7f0000000080)={0x1d, r4, 0x0, {0x0, 0x1, 0x4}, 0xfd}, 0x18)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$binfmt_elf64(r5, &(0x7f0000000200)=ANY=[], 0x78)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f0000000080)=[{&(0x7f0000000140)=']', 0x1}], 0x100000000000021f, 0x1)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x4}, [@ldst={0x2, 0x1, 0x0, 0x8, 0x4, 0x20}]}, &(0x7f0000000580)='syzkaller\x00', 0x400, 0xc9, &(0x7f0000000200)=""/201, 0x41000, 0x10, '\x00', r4, 0x0, r5, 0x8, &(0x7f0000000100)={0x1, 0x8}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x10, 0x4, @void, @value}, 0x94)
write$selinux_validatetrans(r2, 0x0, 0x0)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff000000027110b7000000000095001b0000000000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$INCFS_IOC_PERMIT_FILL(r2, 0x40046721, &(0x7f0000000040)={r7})

1.413750741s ago: executing program 4 (id=1964):
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013001118680907070000000f0000ff3f04000000170a001700000000040014001000030001302564aa58b9a64411f6bbf44dc48f57", 0xff4d}], 0x1)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
r1 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000002000000000000000000818110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = syz_io_uring_setup(0x1fe8, &(0x7f0000000480), &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x16, 0x0, @fd_index=0x9, 0x0, 0x0, 0x0, 0x4})
socket$netlink(0x10, 0x3, 0x0)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r10 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000100))
r11 = syz_io_uring_setup(0xec4, &(0x7f00000004c0)={0x0, 0x2f4c, 0x400, 0x20000003, 0x26d}, &(0x7f0000000540)=<r12=>0x0, &(0x7f0000000340)=<r13=>0x0)
syz_io_uring_submit(r12, r13, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(r11, 0x47fa, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r6, 0x11af, 0xdfd2, 0x1, 0x0, 0x0)
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

711.36187ms ago: executing program 3 (id=1974):
prlimit64(0x0, 0x3, &(0x7f0000000140)={0x7, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r1 = mq_open(&(0x7f00000007c0)='eti0\x00\x16\xd2\x90\x06t|\xc8JK\xd7M\x15\xca\x13Vn\xa3+\x85\x8a\xa0\x9b\xa9U\xdbk!\xd9\xa9i\xea0\x93\xc5V\x05\x01\xb706?\xf2\xdf\xd3\x9e\xf5\x7fze.c\xfb\xa27\xed\x90\x1b\x7fE}\xa81\xd5?\xcb\xefC\xac\xac}\xb8\x00\x97\xdf\x1au\x848bk\x02\x9cm\x93\xec\xcf~\x9f\xe0q/\x9b\xc4\xd7k\xf7\xf6\x13\xf5\x12}5l\xf6\xc7\x1aH\x1cMK\xfe2\x92\x19U \xfb`3\xe0\x1am\xd5h\x95E`+\xd2\xcb\xe61\xb2m\xde\xe3\x91\x97\x9bQH>[k\xfc\x89\xb4\xe5l\xd8(\xbc\xe0i=\xec\xb6K\x85;\x9a\x8a!\xfe\xfex\x91\xea\x91\xc3\xa9w\x1a\xaa\x1a\x7f/ZUl=\x18\xef\x8d\x06\xb5\xd1m\xd4\x04\xca\x82\x0e\x17\xfe\xf2\xc5eYaDF\x93\xbbs\xe3\x14\\\x87\xf2\xac\xaa\xea\xf42\xa9\xc6d\x93\b\x9dr\xffc]z\xed\xc2w`\xebA`&\xe1\x82\x92`K\x8bG-\xe6|\xcf-1\xc0_r\x8fX<\xe9\xd6 \x9c\x8e\x90\x19e\x05\xcaz\xc4\xfb*!n\xbc\x81\xe5\n\xe8zx\x80\x97M*\xb5\xd4\xe8\x0er\xef\xbe\x99\x13\x1f\x9aC\xe9yhH\xa8d8\xc9\xa0\x98\"\x9dIV\x86\xdeO\xb5\t\x00\x00\x00\x8ei9\xd5f\x96\xda\xd6ms\xcc\x17\xea\x8e\xddRE\xe7\xf1w\xac\xb2\xb6\'\'\xf6p)\xd9Fj\x8c\x8d\xaa\x88yx?Z\x9ahDk\x99NP*\x00\x00\x00=h\x15rJ\x8c\xed\x85\x9b\xe5v\xafx\xf1\xa6\x10\x1a\xc8r}]\xd3\xd0\xd4\x01J\xc4\x87y\x97\n\xda\x91\xbe\xaa?8\xc7E\x1e?\x9c\x1cG\xe7\xff\x92\b/\xc5\x90\x98\xae\xb5\xb8\x9b9|\xbdo\n{*\xc2\x95\x89\xb29bA\xc6\xd0\xb9?+\xea\x8e\xd9\xfd\xeeC\xf8\xe5\x95,\x9e\t\xf2\xd9\v6\x88]-u{\x85\xd4', 0x42, 0x48, 0x0)
mq_timedsend(r1, 0x0, 0xf00, 0x0, 0x0)
fchdir(r0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000300)={0x3c, 0x0, &(0x7f0000000100)=[@request_death={0x400c630e, 0x1}, @increfs_done={0x40106308, 0x2}, @decrefs, @clear_death={0x400c630f, 0x3}], 0x4a, 0x0, &(0x7f0000000380)="ec614eff80df9c22551210ab1478ab4419e7ab99fc4af361596e5f6da5b1884c422b5a234c4799bebce1505755f2018633d9d6a13815fbe67ce461d788fdfe62636abd6ad112230ef1fa"})
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r4, 0x4004662b, &(0x7f0000000180)={@desc={0x1, 0x2000000, @desc3}})
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000001000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close_range(r2, r4, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r6, 0xc0a85320, &(0x7f00000003c0)={{0x80, 0x8}, 'port1\x00', 0x22, 0x0, 0xffff, 0x7, 0x598, 0x4000036e, 0x0, 0x0, 0x2, 0x46})
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x1a0682)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f0000000340)={0x8000000, 0x0, 0x0, 'queue0\x00'})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
read(r6, &(0x7f00000001c0)=""/176, 0xb0)
write$sndseq(r7, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {0x80}, @raw8={"a357b6b140cbb6215dd33459"}}], 0x1c)

589.37448ms ago: executing program 3 (id=1978):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0x2000000000000048, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000080)=0x3, 0x4)
socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x25dfdbfc, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

542.389214ms ago: executing program 4 (id=1979):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0x18)
io_setup(0x7, &(0x7f0000000280)=<r0=>0x0)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000100)='/sys/power/pm_freeze_timeout', 0x42, 0x0)
io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0xfffffc98}])
read$hiddev(r1, &(0x7f00000004c0)=""/92, 0x5c)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYRES32=0x0, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r2}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000140), 0x12)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1008002, &(0x7f0000000840), 0x1, 0x5e0, &(0x7f0000001200)="$eJzs3c9vFFUcAPDv2/6gpWgLMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIlZOePHjxZEiIGo4mrtndmdJtd1ta2k5lPp9k6cx7O/vesP32vXn73mwApTVY+6cSsTciplNEf5pfyOuMLHOw8bx7f39yuvZIUa2+8WeKlKXlz0/Zz77s4J6I+PmnFHs6lpc7M3fl/PjU1OTlbH949sL08MzclYPnLoyfnTw7eXH0pdFjR48cPTZyaF3ndbVF2snr73/Y/9nY2999808a+f63sRTH49XsiYvPY6MMxmD9/yQtz+o7ttGFFaQj+z1Z/BanzgIrxJrk719XRDwV/dER99+8/vj0tUIrB2yqaoqoAiWVxD+UVN4PyK/tl14HVwrplQBb4e6JxgDA8vjvbIwNRk99bGDnvRSLh3VSRKxvZK7Zroi4fWvs+plbY9djk8bhgNbmr0XE063iP9XjfyB6YqAe/5Wm+K/1C05lP2vpr6+z/KVDxeIftk4j/ntWjP9oE//vLIr/d9dZ/uD9zfd6m+K/d72nBAAAAAAAAKV180REvNjq8//KwvyfaDH/py8ijm9A+YNL9pd//l+5swHFAC3cPRHxSsv5v5V89u9AR7b1WH0+QFc6c25q8lBEPB4RB6JrR21/ZIUyDn6+5+t2eYPZ/L/8USv/djYXMKvHnc4dzcdMjM+OP+x5AxF3r0U803L+b1po/1OL9r/292B61Vdv9BD2PH/jVLtnrB7/wGapfhuxv2X7f/+uFWnl+3MM1/sDw3mvYLlnP/7ih3blrzf+3WICHl6t/d+5cvwPpMX365lZexmH5zqr7fLW2//vTm/WbznTnaV9ND47e3kkojud7KilNqWPrr3O8CjK4yGPl1r8H3hu5fG/Rf3/Xfnr9EbE/JLXTn81rynOPflv3+/t6qP/D8Wpxf/Emtr/tW+M3hj4sV35D9b+H6m39QeyFON/0PBVHqbdzektwrGzVdZW1xcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgWViNgVqTK0sF2pDA1F9EXEE7GzMnVpZvaFM5c+uDjR+PK/geiq5N/029/YT/n3/w8s2h9dsn84InZHxJcdvfX9odOXpiaKPnkAAAAAAAAAAAAAAAAAAADYJvrarP+v+aOj6NoBm66z6AoAhWkR/78UUQ9g62n/obzEP5SX+IfyEv9QXuIfykv8Q3mJfygv8Q8AAAAAAI+U3ftu/poiYv7l3vqjpjvL6yq0ZsBmqxRdAaAwbvED5WXqD5SXa3wgrZLf0/ag1Y5cyfTphzgYAAAAAAAAAAAAAEpn/17r/6GsrP+H8rL+H8orX/+/r+B6AFvPNT4Qq6zkb7n+f9WjAAAAAAAAAAAAAICNNDN35fz41NTkZRtvbY9qbOVGtVq9Wvst2C71+Z9v5FPht0t9lmzka/0e7Kji/iYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADN/gsAAP//XsMlEQ==")
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={0xffffffffffffffff, &(0x7f0000000300), 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001cc0)={0xffffffffffffffff, &(0x7f0000001c80)}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000dc0)={[{@nojournal_checksum}, {@nombcache}, {@noblock_validity}, {@norecovery}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@lazytime}, {@nodelalloc}, {@nodioread_nolock}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x42400)
lchown(&(0x7f0000000400)='./file1\x00', 0x0, 0xee01)

504.044477ms ago: executing program 1 (id=1980):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000040)={0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_MOVE(0x1e, 0x0, r0, r3, 0x1)

483.127619ms ago: executing program 3 (id=1981):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
pread64(r1, &(0x7f0000000300)=""/150, 0x96, 0x7)

453.181732ms ago: executing program 1 (id=1982):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1eb481, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704", @ANYRESDEC=r1], 0xfdef)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_gettime(0x0, &(0x7f00000002c0))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000279e62c8d31b501f0b50d3d93f15e6d0beb5123c67de5a172998a9ad4327ee1c9123db267f95911790234d92e85a9649a1306c3e01476653dfba4e86fddd8ffb30557543b59377b6b74f18b869ee0eeeae7a9a7ec07d7fed0f6d6457d7ac46cfaacf2bb3f414ddbf7c", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000040)=0x12, 0x4)
r6 = socket$inet(0x2, 0x801, 0x0)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r6, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280), 0x4)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='memory.swap.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)
ftruncate(r8, 0xc17a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xa, &(0x7f0000000300)=ANY=[@ANYBLOB="1800080000000000000000000400000085200000020000006f100000fbffffff551a0000040000008510c8b9fbffffff9500000000000000183100000200000000000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x3, 0xd, 0x8, 0x5}, 0x10, 0x0, 0x0, 0x2, &(0x7f00000003c0)=[r2, r2, r8], &(0x7f0000000400)=[{0x3, 0x4, 0x7, 0x7}, {0x3, 0x4, 0xc, 0x7}], 0x10, 0x8, @void, @value}, 0x94)
shutdown(r6, 0x1)
splice(r6, 0x0, 0xffffffffffffffff, 0x0, 0x7ffff000, 0x0)

359.41694ms ago: executing program 1 (id=1985):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000680)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000400)="9ef0b94c0000", 0x0, 0xfffffbfc, 0x0, 0x100004, 0x0})

298.798115ms ago: executing program 1 (id=1986):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f00000009c0)=ANY=[@ANYBLOB="340000006800010900000000000000000000000000000000060003000000000014000200ff"], 0x34}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='netlink_extack\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r2}, 0x92)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00'}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x4c00}, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB], 0x10b8}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3)

297.660295ms ago: executing program 0 (id=1987):
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc01100, 0x0, 0x0, 0x0, 0x2)
move_pages(0x0, 0x10000000, 0xffffffffffffffff, &(0x7f0000000080)=[0x0], 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000010000000000000000000fe000000008c86e309de19bc26854e3a3d5effc72231f8ffeec797fee87fb70260c53c89d7ef59a1f20c3e0ee5398a6f113eb8329ed40d0e699a4cf02cd1f0b0966406e08dfcb4af8a9bbd1ba4335aefbaf2b3baf25940e86bc98208905ce8199d08405ce0dbc8497880344994f8b6b11007119dc2616a37240e2631af02"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = dup2(r1, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000300)=""/46)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001cc0)={0x6, 0xd, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5}, [@tail_call, @ringbuf_query, @jmp={0x5, 0x1, 0x0, 0xa, 0x7, 0xffffffffffffffc8, 0x10}]}, 0x0, 0x1, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40, @void, @value}, 0x94)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x4e, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x1f, 0x1e}}]}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x58}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket(0x10, 0x3, 0x9)
connect$netlink(r10, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r10, &(0x7f0000000080)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000400)={0x1c, 0x0, 0x8, 0x70bd27}, 0x1c}}, 0x400c810)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000880)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x10, 0xfffffffffffffffe, 0x4, 0x0, 0xfffffffffffffffd}, {0xffffffff, 0x0, 0x9, 0x0, 0xfffffffffffffffc}]})

293.208495ms ago: executing program 4 (id=1988):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
unshare(0x64000600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000003c0)={<r3=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000700)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0xfffffffd, @mcast2}, {0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, r3}}, 0x48)

267.908797ms ago: executing program 1 (id=1989):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x29)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000005000000850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8003, &(0x7f0000000000)=0x10, 0xa7, 0x2)

241.70818ms ago: executing program 1 (id=1990):
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013001118680907070000000f0000ff3f04000000170a001700000000040014001000030001302564aa58b9a64411f6bbf44dc48f57", 0xff4d}], 0x1)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
r1 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000002000000000000000000818110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = syz_io_uring_setup(0x1fe8, &(0x7f0000000480), &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x16, 0x0, @fd_index=0x9, 0x0, 0x0, 0x0, 0x4})
socket$netlink(0x10, 0x3, 0x0)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r10 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000100))
r11 = syz_io_uring_setup(0xec4, &(0x7f00000004c0)={0x0, 0x2f4c, 0x400, 0x20000003, 0x26d}, &(0x7f0000000540)=<r12=>0x0, &(0x7f0000000340))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r12, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r11, 0x47fa, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r6, 0x11af, 0xdfd2, 0x1, 0x0, 0x0)
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

189.317524ms ago: executing program 0 (id=1991):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0x2000000000000048, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000080)=0x3, 0x4)
socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x25dfdbfc, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

185.997054ms ago: executing program 4 (id=1992):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000010000"], 0x48)
ioperm(0x0, 0x8, 0x3)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000011240)={'batadv_slave_0\x00', <r2=>0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r4=>0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="4000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="00000000000000002000128008000100687372001400028008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB], 0x40}}, 0x0)

114.10687ms ago: executing program 0 (id=1993):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$unix(0x1, 0x2, 0x0)
readahead(r0, 0x0, 0xbe)
r1 = epoll_create1(0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000600)={0x70000000})
r2 = socket$netlink(0x10, 0x3, 0x9)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
close(r2)

113.57114ms ago: executing program 4 (id=1994):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="63202a3a2a2072770aee"], 0xa)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r4}, 0x10)
ioctl$BTRFS_IOC_GET_FEATURES(r4, 0x80189439, &(0x7f0000000340))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000020000008500000086000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x8, 0x8, &(0x7f00000002c0)='\r\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x50)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = pidfd_getfd(0xffffffffffffffff, r2, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000180)={r8, r3, 0x0, r6}, 0x10)
sendmsg$IPCTNL_MSG_CT_GET(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000000101010200000000000000000200000018000280140057cc080001000000000008000200000000000c001980"], 0x38}}, 0x0)

57.425985ms ago: executing program 0 (id=1995):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f00000001c0)='ext4_forget\x00', r0, 0x0, 0xfffffffffffffff2}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x2, 0x9, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

55.513075ms ago: executing program 4 (id=1996):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1eb481, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704", @ANYRESDEC=r1], 0xfdef)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_gettime(0x0, &(0x7f00000002c0))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000279e62c8d31b501f0b50d3d93f15e6d0beb5123c67de5a172998a9ad4327ee1c9123db267f95911790234d92e85a9649a1306c3e01476653dfba4e86fddd8ffb30557543b59377b6b74f18b869ee0eeeae7a9a7ec07d7fed0f6d6457d7ac46cfaacf2bb3f414ddbf7c", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000040)=0x12, 0x4)
r6 = socket$inet(0x2, 0x801, 0x0)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r6, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280), 0x4)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='memory.swap.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)
ftruncate(r8, 0xc17a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xa, &(0x7f0000000300)=ANY=[@ANYBLOB="1800080000000000000000000400000085200000020000006f100000fbffffff551a0000040000008510c8b9fbffffff9500000000000000183100000200000000000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x3, 0xd, 0x8, 0x5}, 0x10, 0x0, 0x0, 0x2, &(0x7f00000003c0)=[r2, r2, r8], &(0x7f0000000400)=[{0x3, 0x4, 0x7, 0x7}, {0x3, 0x4, 0xc, 0x7}], 0x10, 0x8, @void, @value}, 0x94)
shutdown(r6, 0x1)
splice(r6, 0x0, 0xffffffffffffffff, 0x0, 0x7ffff000, 0x0)

22.771218ms ago: executing program 0 (id=1997):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=@newlink={0x34, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x4}}}]}, 0x34}}, 0x0)

0s ago: executing program 0 (id=1998):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x418484, &(0x7f0000000440), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000a496000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r3, 0x0, 0x30, 0x12, @val=@uprobe_multi={&(0x7f00000028c0)='./file0\x00', &(0x7f0000002900)=[0x4], 0x0, 0x4, 0x100000}}, 0x40) (async)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10) (async)
r6 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x41}, 0x1be)
r7 = semget$private(0x0, 0x4000000009, 0x0)
semop(r7, &(0x7f0000000240)=[{0x2, 0x7fff, 0x1000}], 0x1) (async)
semop(r7, &(0x7f0000000100)=[{0x2, 0xd5db}], 0x1) (async, rerun: 64)
semop(r7, &(0x7f00000000c0)=[{0x2, 0x7, 0x800}, {0x3, 0x50e, 0x1000}, {0x2, 0x2, 0x1000}], 0x3) (async, rerun: 64)
sendmsg$tipc(r6, &(0x7f0000000240)={&(0x7f0000000080), 0x10, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

pe=0 sclass=netlink_audit_socket pid=6561 comm=syz.2.1156
[   79.759910][ T6565] bpf_get_probe_write_proto: 8 callbacks suppressed
[   79.759952][ T6565] syz.2.1158[6565] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.766974][ T6565] syz.2.1158[6565] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.779579][ T6565] syz.2.1158[6565] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.850683][ T6571] loop1: detected capacity change from 0 to 512
[   79.877633][ T6572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   79.887673][ T6572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   79.968317][ T6579] netlink: 'syz.1.1164': attribute type 10 has an invalid length.
[   79.978223][ T6579] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   79.995139][ T6579] bond0: (slave dummy0): Releasing backup interface
[   80.001969][ T6579] bond0: (slave dummy0): the permanent HWaddr of slave - aa:aa:aa:aa:aa:24 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[   80.033940][ T6579] bond0: (slave netdevsim1): Releasing backup interface
[   80.324508][ T6586] loop0: detected capacity change from 0 to 1024
[   80.332040][ T6586] EXT4-fs: Ignoring removed orlov option
[   80.337934][ T6586] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.398529][ T6590] loop0: detected capacity change from 0 to 512
[   80.405810][ T6590] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   80.418639][ T6590] EXT4-fs (loop0): 1 truncate cleaned up
[   80.437358][ T6590] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 18: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   80.456355][ T6590] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1168'.
[   80.472386][ T6590] netlink: 'syz.0.1168': attribute type 10 has an invalid length.
[   80.949669][ T6617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.958890][ T6617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.972912][ T6619] loop3: detected capacity change from 0 to 512
[   80.981454][ T6619] EXT4-fs: Ignoring removed bh option
[   80.989142][ T6619] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   81.000292][ T6619] EXT4-fs (loop3): 1 truncate cleaned up
[   81.011305][ T6619] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1180'.
[   81.027828][ T6619] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   81.573261][ T6636] loop0: detected capacity change from 0 to 512
[   81.703629][ T6639] netlink: 'syz.4.1186': attribute type 10 has an invalid length.
[   81.714023][ T6639] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   81.743492][ T6639] bond0: (slave dummy0): Releasing backup interface
[   81.750191][ T6639] bond0: (slave dummy0): the permanent HWaddr of slave - aa:aa:aa:aa:aa:24 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[   81.829388][ T6639] bond0: (slave netdevsim1): Releasing backup interface
[   81.843455][ T6643] netlink: 'syz.2.1188': attribute type 10 has an invalid length.
[   81.862996][ T6643] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   81.887868][ T6643] bond0: (slave dummy0): Releasing backup interface
[   81.894525][ T6643] bond0: (slave dummy0): the permanent HWaddr of slave - aa:aa:aa:aa:aa:24 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[   81.937850][ T6643] bond0: (slave netdevsim1): Releasing backup interface
[   82.032670][ T6655] loop3: detected capacity change from 0 to 2048
[   82.084773][ T6655] Alternate GPT is invalid, using primary GPT.
[   82.091491][ T6655]  loop3: p2 p3 p7
[   82.177907][ T6665] loop3: detected capacity change from 0 to 2048
[   82.230762][ T6665] Alternate GPT is invalid, using primary GPT.
[   82.237398][ T6665]  loop3: p2 p3 p7
[   82.779757][ T6689] loop4: detected capacity change from 0 to 512
[   82.794034][ T6689] EXT4-fs: Ignoring removed bh option
[   82.806443][ T6689] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   82.818445][ T6689] EXT4-fs (loop4): 1 truncate cleaned up
[   82.828039][ T6689] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1204'.
[   82.844047][ T6693] loop1: detected capacity change from 0 to 512
[   82.851540][ T6693] EXT4-fs: Ignoring removed bh option
[   82.860617][ T6693] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   82.870879][ T6689] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   82.883023][ T6693] EXT4-fs (loop1): 1 truncate cleaned up
[   82.893202][ T6693] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1205'.
[   82.909478][ T6693] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   83.036500][ T6708] loop1: detected capacity change from 0 to 512
[   83.043385][ T6708] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   83.056523][ T6708] EXT4-fs (loop1): 1 truncate cleaned up
[   83.079293][ T6708] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 18: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   83.119161][ T6708] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1211'.
[   83.128679][ T6708] netlink: 'syz.1.1211': attribute type 10 has an invalid length.
[   83.141895][ T6708] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   83.270629][ T6731] loop1: detected capacity change from 0 to 1024
[   83.285738][ T6731] EXT4-fs: Ignoring removed orlov option
[   83.291502][ T6731] EXT4-fs: Ignoring removed nomblk_io_submit option
[   83.310351][ T6735] loop3: detected capacity change from 0 to 1024
[   83.360926][ T6735] ext4 filesystem being mounted at /279/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.387203][ T6751] loop4: detected capacity change from 0 to 512
[   83.391130][ T6745] loop0: detected capacity change from 0 to 8192
[   83.408237][ T6751] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   83.438472][ T6749] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1229'.
[   83.466629][ T6749] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   83.492725][ T6751] EXT4-fs (loop4): 1 truncate cleaned up
[   83.523847][ T6751] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   83.542980][ T6751] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1230'.
[   83.580950][ T6769] loop1: detected capacity change from 0 to 512
[   83.587425][ T6769] EXT4-fs: Ignoring removed bh option
[   83.593220][ T6751] netlink: 'syz.4.1230': attribute type 10 has an invalid length.
[   83.603664][ T6769] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   83.603927][ T6751] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   83.635564][ T6766] loop0: detected capacity change from 0 to 1024
[   83.655830][ T6769] EXT4-fs (loop1): 1 truncate cleaned up
[   83.677261][ T6766] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1235: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   83.721119][ T6769] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1236'.
[   83.780959][ T6778] loop3: detected capacity change from 0 to 2048
[   83.788070][ T6783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.822847][ T6783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.865256][ T6778] Alternate GPT is invalid, using primary GPT.
[   83.871767][ T6778]  loop3: p2 p3 p7
[   83.970210][ T6793] loop1: detected capacity change from 0 to 512
[   83.989793][ T6797] loop0: detected capacity change from 0 to 512
[   84.012026][ T6797] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   84.025893][ T6799] netlink: 'syz.3.1249': attribute type 10 has an invalid length.
[   84.032345][ T6797] EXT4-fs (loop0): 1 truncate cleaned up
[   84.036816][ T6799] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   84.058998][ T6797] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 18: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   84.071811][ T6806] netlink: 'syz.3.1251': attribute type 10 has an invalid length.
[   84.082709][ T6803] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1250'.
[   84.092104][ T6797] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1248'.
[   84.101696][ T6797] netlink: 'syz.0.1248': attribute type 10 has an invalid length.
[   84.119979][ T6806] bond0: (slave dummy0): Releasing backup interface
[   84.126834][ T6806] bond0: (slave dummy0): the permanent HWaddr of slave - aa:aa:aa:aa:aa:24 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[   84.153763][ T6808] loop0: detected capacity change from 0 to 1024
[   84.161046][ T6808] EXT4-fs: Ignoring removed orlov option
[   84.166802][ T6808] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.173767][ T6806] bond0: (slave netdevsim1): Releasing backup interface
[   84.228532][ T6815] loop0: detected capacity change from 0 to 512
[   84.250911][ T6815] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1254: corrupted in-inode xattr: invalid ea_ino
[   84.265083][ T6815] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.1254: couldn't read orphan inode 15 (err -117)
[   84.280669][ T6815] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6815 comm=syz.0.1254
[   84.322844][   T29] kauditd_printk_skb: 756 callbacks suppressed
[   84.322856][   T29] audit: type=1326 audit(1729454482.485:11823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   84.364010][   T29] audit: type=1326 audit(1729454482.515:11824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   84.387527][   T29] audit: type=1326 audit(1729454482.515:11825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   84.411101][   T29] audit: type=1326 audit(1729454482.515:11826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   84.434577][   T29] audit: type=1326 audit(1729454482.515:11827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   84.458087][   T29] audit: type=1326 audit(1729454482.515:11828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   84.481650][   T29] audit: type=1326 audit(1729454482.515:11829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   84.505128][   T29] audit: type=1326 audit(1729454482.515:11830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   84.528726][   T29] audit: type=1326 audit(1729454482.525:11831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   84.552445][   T29] audit: type=1326 audit(1729454482.525:11832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6819 comm="syz.0.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   84.620790][ T6830] loop4: detected capacity change from 0 to 2048
[   84.681316][ T6830] Alternate GPT is invalid, using primary GPT.
[   84.687747][ T6830]  loop4: p2 p3 p7
[   84.767203][ T6838] loop0: detected capacity change from 0 to 512
[   84.786551][ T6841] loop1: detected capacity change from 0 to 512
[   84.788904][ T6838] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   84.802034][ T6841] EXT4-fs: Ignoring removed bh option
[   84.813714][ T6838] EXT4-fs (loop0): 1 truncate cleaned up
[   84.820029][ T6841] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   84.833918][ T6838] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 18: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   84.839319][ T6841] EXT4-fs (loop1): 1 truncate cleaned up
[   84.850909][ T6838] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1262'.
[   84.864802][ T6838] netlink: 'syz.0.1262': attribute type 10 has an invalid length.
[   84.883257][ T6841] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1264'.
[   84.936718][ T6858] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   84.962949][ T6863] syz.0.1272[6863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.963092][ T6863] syz.0.1272[6863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.974705][ T6863] syz.0.1272[6863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.023250][ T6867] loop1: detected capacity change from 0 to 2048
[   85.050797][ T6869] loop0: detected capacity change from 0 to 512
[   85.070926][ T6867] Alternate GPT is invalid, using primary GPT.
[   85.077558][ T6867]  loop1: p2 p3 p7
[   85.107154][ T6880] netlink: 'syz.3.1280': attribute type 10 has an invalid length.
[   85.108084][ T6878] loop1: detected capacity change from 0 to 512
[   85.117720][ T6880] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   85.122203][ T6878] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   85.141954][ T6878] EXT4-fs (loop1): 1 truncate cleaned up
[   85.157310][ T6880] bond0: (slave netdevsim1): Releasing backup interface
[   85.163860][ T6878] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 18: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   85.189535][ T6878] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1279'.
[   85.201120][ T6878] netlink: 'syz.1.1279': attribute type 10 has an invalid length.
[   85.260906][ T6888] loop1: detected capacity change from 0 to 512
[   85.278881][ T6888] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1283: corrupted in-inode xattr: invalid ea_ino
[   85.307061][ T6888] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1283: couldn't read orphan inode 15 (err -117)
[   85.332878][ T6888] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6888 comm=syz.1.1283
[   85.397213][ T6891] netlink: 'syz.1.1284': attribute type 10 has an invalid length.
[   85.416854][ T6891] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   85.698984][ T6908] loop4: detected capacity change from 0 to 128
[   85.707242][ T6906] loop1: detected capacity change from 0 to 1024
[   85.767235][ T6906] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1291: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   86.088580][ T6927] loop1: detected capacity change from 0 to 1024
[   86.116505][ T6927] EXT4-fs: Ignoring removed orlov option
[   86.122379][ T6927] EXT4-fs: Ignoring removed nomblk_io_submit option
[   86.150949][ T6928] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   86.206930][ T6932] syz.3.1303[6932] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.206995][ T6932] syz.3.1303[6932] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.223881][ T6932] syz.3.1303[6932] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.270135][ T6936] netlink: 'syz.3.1304': attribute type 10 has an invalid length.
[   86.297301][ T6936] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   86.366870][ T6936] bond0: (slave netdevsim1): Releasing backup interface
[   86.436285][ T6944] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   86.440788][ T6941] loop0: detected capacity change from 0 to 512
[   86.463026][ T6945] loop1: detected capacity change from 0 to 1024
[   86.512768][ T6944] bond0: (slave netdevsim1): Releasing backup interface
[   86.517315][ T6945] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1307: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   86.803952][ T6961] loop4: detected capacity change from 0 to 1024
[   86.811265][ T6961] EXT4-fs: Ignoring removed orlov option
[   86.817904][ T6961] EXT4-fs: Ignoring removed nomblk_io_submit option
[   86.831859][ T6962] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1314'.
[   86.868478][ T6962] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   87.085874][ T6968] loop1: detected capacity change from 0 to 8192
[   87.177272][ T6973] loop1: detected capacity change from 0 to 512
[   87.187266][ T6973] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1319: corrupted in-inode xattr: invalid ea_ino
[   87.215227][ T6973] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1319: couldn't read orphan inode 15 (err -117)
[   87.248551][ T6973] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6973 comm=syz.1.1319
[   87.364685][ T6995] loop0: detected capacity change from 0 to 512
[   87.371537][ T6995] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   87.382621][ T6995] EXT4-fs (loop0): 1 truncate cleaned up
[   87.389936][ T6995] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   87.407236][ T6995] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1327'.
[   87.455556][ T7000] loop3: detected capacity change from 0 to 8192
[   87.769078][ T7024] loop0: detected capacity change from 0 to 512
[   87.776717][ T7024] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   87.781487][ T7026] loop3: detected capacity change from 0 to 512
[   87.793182][ T7026] EXT4-fs: Ignoring removed bh option
[   87.798412][ T7024] EXT4-fs (loop0): 1 truncate cleaned up
[   87.799073][ T7026] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   87.807019][ T7024] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   87.824279][ T7026] EXT4-fs (loop3): 1 truncate cleaned up
[   87.852460][ T7026] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   87.919719][ T7035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.928503][ T7035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.287500][ T7057] loop3: detected capacity change from 0 to 512
[   88.294279][ T7057] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   88.305917][ T7057] EXT4-fs (loop3): 1 truncate cleaned up
[   88.313011][ T7057] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   88.329373][ T7057] validate_nla: 4 callbacks suppressed
[   88.329387][ T7057] netlink: 'syz.3.1352': attribute type 10 has an invalid length.
[   88.345056][ T7057] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   89.047427][ T7077] loop1: detected capacity change from 0 to 512
[   89.452529][   T29] kauditd_printk_skb: 760 callbacks suppressed
[   89.452542][   T29] audit: type=1326 audit(1729454487.618:12593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7086 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   89.492882][   T29] audit: type=1326 audit(1729454487.648:12594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7086 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   89.516421][   T29] audit: type=1326 audit(1729454487.648:12595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7086 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   89.539957][   T29] audit: type=1326 audit(1729454487.648:12596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7086 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   89.563525][   T29] audit: type=1326 audit(1729454487.648:12597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7086 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   89.587028][   T29] audit: type=1326 audit(1729454487.648:12598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7086 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   89.610617][   T29] audit: type=1326 audit(1729454487.648:12599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7086 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   89.634122][   T29] audit: type=1326 audit(1729454487.658:12600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7086 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   89.657849][   T29] audit: type=1326 audit(1729454487.658:12601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7086 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   89.681294][   T29] audit: type=1326 audit(1729454487.658:12602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7086 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   89.779418][ T7093] loop0: detected capacity change from 0 to 512
[   89.786342][ T7093] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   89.797558][ T7093] EXT4-fs (loop0): 1 truncate cleaned up
[   89.804542][ T7093] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   89.821123][ T7093] __nla_validate_parse: 3 callbacks suppressed
[   89.821140][ T7093] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1364'.
[   89.836872][ T7093] netlink: 'syz.0.1364': attribute type 10 has an invalid length.
[   89.887536][ T7105] netlink: 'syz.0.1368': attribute type 10 has an invalid length.
[   89.896910][ T7105] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   89.915911][ T7105] bond0: (slave dummy0): Releasing backup interface
[   89.922805][ T7105] bond0: (slave dummy0): the permanent HWaddr of slave - aa:aa:aa:aa:aa:24 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[   89.957912][ T7105] bond0: (slave netdevsim1): Releasing backup interface
[   90.331368][ T7119] loop4: detected capacity change from 0 to 512
[   90.338265][ T7119] EXT4-fs: Ignoring removed bh option
[   90.344003][ T7119] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   90.353866][ T7119] EXT4-fs (loop4): 1 truncate cleaned up
[   90.363575][ T7119] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1373'.
[   90.381001][ T7119] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   90.573297][ T7124] loop3: detected capacity change from 0 to 8192
[   90.664551][ T7126] loop4: detected capacity change from 0 to 1024
[   90.686434][ T7126] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1375: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   90.728586][ T7131] loop1: detected capacity change from 0 to 512
[   90.735585][ T7131] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   90.747300][ T7131] EXT4-fs (loop1): 1 truncate cleaned up
[   90.754297][ T7131] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   90.770819][ T7131] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1377'.
[   90.780467][ T7131] netlink: 'syz.1.1377': attribute type 10 has an invalid length.
[   90.805872][ T7139] loop0: detected capacity change from 0 to 512
[   90.808840][ T7143] loop4: detected capacity change from 0 to 1024
[   90.818558][ T7139] EXT4-fs: Ignoring removed bh option
[   90.819252][ T7143] EXT4-fs: Ignoring removed orlov option
[   90.830023][ T7143] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.832400][ T7139] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   90.857879][ T7139] EXT4-fs (loop0): 1 truncate cleaned up
[   90.869531][ T7151] loop1: detected capacity change from 0 to 512
[   90.873178][ T7139] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1380'.
[   90.896540][ T7139] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   90.904464][ T7151] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1383: corrupted in-inode xattr: invalid ea_ino
[   90.920826][ T7151] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1383: couldn't read orphan inode 15 (err -117)
[   90.937860][ T7151] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7151 comm=syz.1.1383
[   90.941947][ T7154] loop4: detected capacity change from 0 to 1024
[   90.974498][ T7154] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1384: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   90.999465][ T7160] loop1: detected capacity change from 0 to 1024
[   91.020028][ T7160] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1386: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   91.076258][ T7169] loop0: detected capacity change from 0 to 512
[   91.082334][ T7171] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   91.083210][ T7169] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   91.103315][ T7169] EXT4-fs (loop0): 1 truncate cleaned up
[   91.192201][ T7169] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 18: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   91.217611][ T7180] loop4: detected capacity change from 0 to 512
[   91.224128][ T7180] EXT4-fs: Ignoring removed bh option
[   91.242891][ T7180] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   91.249827][ T7169] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1390'.
[   91.270047][ T7180] EXT4-fs (loop4): 1 truncate cleaned up
[   91.290928][ T7176] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1393'.
[   91.303335][ T7169] netlink: 'syz.0.1390': attribute type 10 has an invalid length.
[   91.331315][ T7185] loop1: detected capacity change from 0 to 1024
[   91.338894][ T7169] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   91.354815][ T7176] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   91.378999][ T7185] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.448487][ T7189] loop0: detected capacity change from 0 to 512
[   91.465073][ T7189] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1396: corrupted in-inode xattr: invalid ea_ino
[   91.481040][ T7189] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.1396: couldn't read orphan inode 15 (err -117)
[   91.513571][ T7189] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7189 comm=syz.0.1396
[   91.565839][ T7203] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   91.592355][ T7213] pimreg: entered allmulticast mode
[   91.600055][ T7209] loop4: detected capacity change from 0 to 8192
[   91.609753][ T7213] pimreg: left allmulticast mode
[   91.780944][ T7226] pimreg: entered allmulticast mode
[   91.805646][ T7226] pimreg: left allmulticast mode
[   91.893650][ T7239] loop4: detected capacity change from 0 to 1024
[   91.900589][ T7239] EXT4-fs: Ignoring removed orlov option
[   91.906304][ T7239] EXT4-fs: Ignoring removed nomblk_io_submit option
[   91.918626][ T7237] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7237 comm=syz.2.1417
[   91.937020][ T7244] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   91.950322][ T7241] loop1: detected capacity change from 0 to 512
[   91.957535][ T7241] EXT4-fs: Ignoring removed bh option
[   91.965313][ T7241] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   91.984303][ T7241] EXT4-fs (loop1): 1 truncate cleaned up
[   91.993345][ T7241] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1420'.
[   92.023245][ T7257] pimreg: entered allmulticast mode
[   92.030775][ T7257] pimreg: left allmulticast mode
[   92.164912][ T7277] loop4: detected capacity change from 0 to 512
[   92.167799][ T7279] loop1: detected capacity change from 0 to 512
[   92.179980][ T7279] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1434: corrupted in-inode xattr: invalid ea_ino
[   92.193662][ T7279] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1434: couldn't read orphan inode 15 (err -117)
[   92.208680][ T7279] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7279 comm=syz.1.1434
[   92.250469][ T7287] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   92.303069][ T7293] loop1: detected capacity change from 0 to 512
[   92.309612][ T7293] EXT4-fs: Ignoring removed bh option
[   92.315237][ T7293] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   92.324533][ T7293] EXT4-fs (loop1): 1 truncate cleaned up
[   92.333347][ T7293] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1439'.
[   92.440787][ T7301] pimreg: entered allmulticast mode
[   92.448310][ T7301] pimreg: left allmulticast mode
[   92.532516][ T7313] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7313 comm=syz.2.1447
[   92.914328][ T7323] loop0: detected capacity change from 0 to 512
[   92.920983][ T7323] EXT4-fs: Ignoring removed bh option
[   92.926806][ T7323] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   92.936179][ T7323] EXT4-fs (loop0): 1 truncate cleaned up
[   92.945709][ T7323] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1451'.
[   92.982612][ T7327] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1452'.
[   93.027965][ T7331] loop0: detected capacity change from 0 to 1024
[   93.046981][ T7331] ext4 filesystem being mounted at /296/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.388010][ T7351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.406454][ T7351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.445419][ T7353] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   93.451978][ T7353] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   93.459444][ T7353] vhci_hcd vhci_hcd.0: Device attached
[   93.484338][ T7353] capability: warning: `syz.3.1462' uses deprecated v2 capabilities in a way that may be insecure
[   93.516330][ T7357] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   93.525778][ T7354] vhci_hcd: connection closed
[   93.525954][ T2123] vhci_hcd: stop threads
[   93.534887][ T2123] vhci_hcd: release socket
[   93.539380][ T2123] vhci_hcd: disconnect device
[   93.562042][ T7360] bond0: (slave dummy0): Releasing backup interface
[   93.591454][ T7361] netlink: 'syz.2.1464': attribute type 10 has an invalid length.
[   93.614207][ T7363] loop4: detected capacity change from 0 to 1024
[   93.627389][ T7363] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.638803][ T7365] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7365 comm=syz.2.1467
[   93.736154][ T7383] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   93.773829][ T7380] loop4: detected capacity change from 0 to 8192
[   93.810317][ T7385] bond0: (slave dummy0): Releasing backup interface
[   93.907105][ T7389] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   93.944607][ T7393] loop4: detected capacity change from 0 to 1024
[   93.964839][ T7393] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1478: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   94.076959][ T7398] loop1: detected capacity change from 0 to 512
[   94.086246][ T7398] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1480: corrupted in-inode xattr: invalid ea_ino
[   94.108367][ T7398] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1480: couldn't read orphan inode 15 (err -117)
[   94.159159][ T7398] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7398 comm=syz.1.1480
[   94.174899][ T7406] loop0: detected capacity change from 0 to 1024
[   94.240609][ T7406] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1484: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   94.285137][ T7420] bond0: (slave dummy0): Releasing backup interface
[   94.372952][ T7423] loop3: detected capacity change from 0 to 512
[   94.462356][   T29] kauditd_printk_skb: 573 callbacks suppressed
[   94.462371][   T29] audit: type=1326 audit(1729454492.627:13176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7429 comm="syz.0.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   94.495246][   T29] audit: type=1326 audit(1729454492.627:13177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7429 comm="syz.0.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   94.519002][   T29] audit: type=1326 audit(1729454492.657:13178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7429 comm="syz.0.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   94.542623][   T29] audit: type=1326 audit(1729454492.657:13179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7429 comm="syz.0.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   94.566204][   T29] audit: type=1326 audit(1729454492.657:13180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7429 comm="syz.0.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   94.589712][   T29] audit: type=1326 audit(1729454492.657:13181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7429 comm="syz.0.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   94.613274][   T29] audit: type=1326 audit(1729454492.657:13182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7429 comm="syz.0.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   94.636936][   T29] audit: type=1326 audit(1729454492.657:13183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7429 comm="syz.0.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   94.660426][   T29] audit: type=1326 audit(1729454492.657:13184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7429 comm="syz.0.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   94.684007][   T29] audit: type=1326 audit(1729454492.657:13185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7429 comm="syz.0.1492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deaa4dff9 code=0x7ffc0000
[   94.929124][ T7437] loop0: detected capacity change from 0 to 2048
[   95.104812][ T7442] loop4: detected capacity change from 0 to 512
[   95.250114][ T7444] __nla_validate_parse: 3 callbacks suppressed
[   95.250129][ T7444] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1496'.
[   95.355504][ T7454] loop1: detected capacity change from 0 to 512
[   95.362477][ T7454] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   95.374034][ T7454] EXT4-fs (loop1): 1 truncate cleaned up
[   95.380230][ T7454] EXT4-fs mount: 121 callbacks suppressed
[   95.380244][ T7454] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.402794][ T7454] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1500'.
[   95.412635][ T7454] netlink: 'syz.1.1500': attribute type 10 has an invalid length.
[   95.464744][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.675313][ T7471] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1507'.
[   95.801135][ T7481] loop3: detected capacity change from 0 to 512
[   95.852150][ T7477] loop4: detected capacity change from 0 to 2048
[   95.860181][ T7485] loop1: detected capacity change from 0 to 1024
[   95.860529][ T7487] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1513'.
[   95.866820][ T7485] EXT4-fs: Ignoring removed orlov option
[   95.876418][ T7487] 0ªX¹¦Dö»: renamed from gretap0 (while UP)
[   95.881090][ T7485] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.896429][ T7477] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.910044][ T7487] 0ªX¹¦Dö»: entered allmulticast mode
[   95.988365][ T7485] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.007045][ T7494] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1515'.
[   96.025626][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.048154][ T7494] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1515'.
[   96.060562][ T3275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.107180][ T7506] loop1: detected capacity change from 0 to 8192
[   96.129614][ T7510] batadv0: entered promiscuous mode
[   96.144040][ T7508] loop4: detected capacity change from 0 to 512
[   96.152728][ T7510] batadv_slave_0: entered promiscuous mode
[   96.181334][ T7516] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1523'.
[   96.194671][ T7518] loop1: detected capacity change from 0 to 512
[   96.201053][ T7516] batadv0 (unregistering): left promiscuous mode
[   96.201957][ T7518] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   96.218679][ T7518] EXT4-fs (loop1): 1 truncate cleaned up
[   96.224723][ T7518] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.240008][ T7518] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1524'.
[   96.249794][ T7518] netlink: 'syz.1.1524': attribute type 10 has an invalid length.
[   96.264014][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.298855][ T7524] bond0: (slave dummy0): Releasing backup interface
[   96.305625][ T7524] bond0: (slave dummy0): the permanent HWaddr of slave - aa:aa:aa:aa:aa:24 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[   96.338588][ T7524] bond0: (slave netdevsim1): Releasing backup interface
[   96.730219][ T7532] loop3: detected capacity change from 0 to 512
[   96.748685][ T7532] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1529: corrupted in-inode xattr: invalid ea_ino
[   96.763309][ T7532] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.1529: couldn't read orphan inode 15 (err -117)
[   96.776114][ T7532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.793830][ T7532] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7532 comm=syz.3.1529
[   96.815784][ T3270] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.096643][ T7540] loop4: detected capacity change from 0 to 8192
[   97.242848][ T7550] loop3: detected capacity change from 0 to 512
[   97.249874][ T7550] EXT4-fs: Ignoring removed oldalloc option
[   97.257760][ T7550] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   97.283100][ T7550] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   97.303097][ T7550] EXT4-fs (loop3): 1 truncate cleaned up
[   97.309559][ T7550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.316628][ T7559] usb usb5: usbfs: process 7559 (syz.2.1541) did not claim interface 0 before use
[   97.334972][ T7559] usb usb5: selecting invalid altsetting 155
[   97.354449][ T7557] loop1: detected capacity change from 0 to 8192
[   97.398660][ T7557]  loop1: p2 p3 p4
[   97.402518][ T7557] loop1: p2 start 452985600 is beyond EOD, truncated
[   97.409392][ T7557] loop1: p3 start 4177527808 is beyond EOD, truncated
[   97.416243][ T7557] loop1: p4 size 3599499392 extends beyond EOD, truncated
[   98.088782][ T3270] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.202488][ T7576] loop4: detected capacity change from 0 to 8192
[   98.440907][ T7584] loop4: detected capacity change from 0 to 1024
[   98.454360][ T7584] EXT4-fs: Ignoring removed orlov option
[   98.460103][ T7584] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.476514][ T7586] loop3: detected capacity change from 0 to 1024
[   98.476995][ T7584] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.483357][ T7586] EXT4-fs: Ignoring removed orlov option
[   98.501333][ T7586] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.509100][ T3275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.537822][ T7586] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.574464][ T7599] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1552'.
[   98.589480][ T7586] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1549'.
[   98.610473][ T3270] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.625888][ T7604] loop4: detected capacity change from 0 to 512
[   98.644190][ T7604] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1553: corrupted in-inode xattr: invalid ea_ino
[   98.658218][ T7604] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1553: couldn't read orphan inode 15 (err -117)
[   98.671237][ T7604] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.689306][ T7604] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7604 comm=syz.4.1553
[   98.708797][ T7613] loop3: detected capacity change from 0 to 512
[   98.715882][ T3275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.716250][ T7613] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   98.736363][ T7613] EXT4-fs (loop3): 1 truncate cleaned up
[   98.742937][ T7613] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.744463][ T7616] netlink: 'syz.4.1557': attribute type 10 has an invalid length.
[   98.763354][ T7616] hsr0: entered promiscuous mode
[   98.774221][ T7616] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   98.786598][ T7616] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[   98.798533][ T7616] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   98.811167][ T7616] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[   98.818363][ T7618] netlink: 'syz.3.1556': attribute type 10 has an invalid length.
[   98.829440][ T7618] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   98.850052][ T3270] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.878199][ T7620] hub 6-0:1.0: USB hub found
[   98.882879][ T7620] hub 6-0:1.0: 8 ports detected
[   98.911526][ T7626] loop4: detected capacity change from 0 to 1024
[   98.918715][ T7626] EXT4-fs: Ignoring removed orlov option
[   98.921614][ T7628] loop3: detected capacity change from 0 to 512
[   98.924413][ T7626] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.931369][ T7628] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   98.948734][ T7628] EXT4-fs (loop3): 1 truncate cleaned up
[   98.954715][ T7628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.974572][ T7628] netlink: 'syz.3.1562': attribute type 10 has an invalid length.
[   98.978626][ T7626] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.014944][ T3275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.025482][ T3270] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.044162][ T7635] usb usb5: usbfs: process 7635 (syz.2.1566) did not claim interface 0 before use
[   99.053997][ T7635] usb usb5: selecting invalid altsetting 155
[   99.094577][ T7640] loop3: detected capacity change from 0 to 512
[   99.152091][ T7651] netlink: 'syz.4.1571': attribute type 10 has an invalid length.
[   99.162126][ T7651] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   99.925818][ T7666] 1ªX¹¦Dö»: renamed from 
00ªX¹¦Dö» (while UP)
[   99.982802][ T7668] loop3: detected capacity change from 0 to 512
[  100.061722][   T29] kauditd_printk_skb: 562 callbacks suppressed
[  100.061736][   T29] audit: type=1326 audit(1729454498.224:13748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7676 comm="syz.4.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f041525dff9 code=0x7ffc0000
[  100.092050][   T29] audit: type=1326 audit(1729454498.224:13749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7676 comm="syz.4.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f041525dff9 code=0x7ffc0000
[  100.092074][   T29] audit: type=1326 audit(1729454498.224:13750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7676 comm="syz.4.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f041525dff9 code=0x7ffc0000
[  100.092092][   T29] audit: type=1326 audit(1729454498.224:13751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7676 comm="syz.4.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f041525dff9 code=0x7ffc0000
[  100.092148][   T29] audit: type=1326 audit(1729454498.224:13752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7676 comm="syz.4.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f041525dff9 code=0x7ffc0000
[  100.092172][   T29] audit: type=1326 audit(1729454498.224:13753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7676 comm="syz.4.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f041525dff9 code=0x7ffc0000
[  100.092265][   T29] audit: type=1326 audit(1729454498.224:13754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7676 comm="syz.4.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f041525dff9 code=0x7ffc0000
[  100.092287][   T29] audit: type=1326 audit(1729454498.224:13755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7676 comm="syz.4.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f041525dff9 code=0x7ffc0000
[  100.092309][   T29] audit: type=1326 audit(1729454498.224:13756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7676 comm="syz.4.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f041525dff9 code=0x7ffc0000
[  100.092329][   T29] audit: type=1326 audit(1729454498.224:13757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7676 comm="syz.4.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f041525dff9 code=0x7ffc0000
[  100.119041][ T7680] loop3: detected capacity change from 0 to 512
[  100.177414][ T7682] program syz.4.1582 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  100.386452][ T7689] bond0: (slave netdevsim1): Releasing backup interface
[  101.301942][ T7705] __nla_validate_parse: 6 callbacks suppressed
[  101.301953][ T7705] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1591'.
[  101.369536][ T7712] bond0: (slave dummy0): Releasing backup interface
[  101.481845][ T7722] lo speed is unknown, defaulting to 1000
[  101.487795][ T7722] lo speed is unknown, defaulting to 1000
[  101.493669][ T7722] lo speed is unknown, defaulting to 1000
[  101.500335][ T7722] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  101.509948][ T7722] lo speed is unknown, defaulting to 1000
[  101.516267][ T7722] lo speed is unknown, defaulting to 1000
[  101.522196][ T7722] lo speed is unknown, defaulting to 1000
[  101.528204][ T7722] lo speed is unknown, defaulting to 1000
[  101.534226][ T7722] lo speed is unknown, defaulting to 1000
[  101.540324][ T7722] lo speed is unknown, defaulting to 1000
[  101.546510][ T7722] lo speed is unknown, defaulting to 1000
[  101.552458][ T7722] lo speed is unknown, defaulting to 1000
[  102.204159][ T7732] loop4: detected capacity change from 0 to 1024
[  102.210842][ T7732] EXT4-fs: Ignoring removed orlov option
[  102.216522][ T7732] EXT4-fs: Ignoring removed nomblk_io_submit option
[  102.226877][ T7732] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.245469][ T3275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.356740][ T7742] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1604'.
[  102.562155][ T7758] loop1: detected capacity change from 0 to 8192
[  102.717785][ T7763] loop1: detected capacity change from 0 to 1024
[  102.724761][ T7763] EXT4-fs: Ignoring removed orlov option
[  102.730805][ T7763] EXT4-fs: Ignoring removed nomblk_io_submit option
[  102.757102][ T7763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.757329][ T7769] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=514 sclass=netlink_route_socket pid=7769 comm=syz.3.1614
[  102.791239][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.824642][ T7769] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1614'.
[  102.848987][ T7771] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1616'.
[  102.915010][ T7793] loop3: detected capacity change from 0 to 1024
[  102.921933][ T7793] EXT4-fs: Ignoring removed orlov option
[  102.927771][ T7793] EXT4-fs: Ignoring removed nomblk_io_submit option
[  102.957938][ T7793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.979957][ T3270] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.990582][ T7797] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  103.001341][ T7797] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  103.094323][ T7810] program syz.3.1631 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  103.243926][ T7824] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  103.250465][ T7824] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  103.258082][ T7824] vhci_hcd vhci_hcd.0: Device attached
[  103.337230][ T7825] vhci_hcd: connection closed
[  103.337465][   T56] vhci_hcd: stop threads
[  103.346469][   T56] vhci_hcd: release socket
[  103.350908][   T56] vhci_hcd: disconnect device
[  103.598495][ T7832] loop1: detected capacity change from 0 to 512
[  103.605311][ T7832] EXT4-fs: Ignoring removed bh option
[  103.611181][ T7832] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  103.631440][ T7832] EXT4-fs (loop1): 1 truncate cleaned up
[  103.638250][ T7832] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.653305][ T7832] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1640'.
[  103.724131][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.859218][ T7847] loop1: detected capacity change from 0 to 1024
[  103.866357][ T7847] EXT4-fs: Ignoring removed orlov option
[  103.872074][ T7847] EXT4-fs: Ignoring removed nomblk_io_submit option
[  103.909439][ T7847] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.963459][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.982749][ T7854] loop3: detected capacity change from 0 to 512
[  103.990486][ T7854] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  104.001907][ T7854] EXT4-fs (loop3): 1 truncate cleaned up
[  104.009997][ T7854] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.025627][ T7854] netlink: 'syz.3.1649': attribute type 10 has an invalid length.
[  104.039748][ T7854] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  104.120105][ T3270] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.198489][ T7879] loop4: detected capacity change from 0 to 128
[  104.308439][ T7886] netlink: 'syz.2.1660': attribute type 21 has an invalid length.
[  104.325635][ T7886] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1660'.
[  104.354506][ T7888] loop1: detected capacity change from 0 to 1024
[  104.361428][ T7888] EXT4-fs: Ignoring removed orlov option
[  104.367121][ T7888] EXT4-fs: Ignoring removed nomblk_io_submit option
[  104.384773][ T7891] loop4: detected capacity change from 0 to 512
[  104.407348][ T7891] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.443069][ T7891] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.463306][ T7888] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.503956][ T7886] hub 6-0:1.0: USB hub found
[  104.509088][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.523674][ T7886] hub 6-0:1.0: 8 ports detected
[  104.765941][ T7925] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  104.784903][ T7925] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  104.853294][ T7910] chnl_net:caif_netlink_parms(): no params data found
[  104.886915][ T3275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.004184][ T7910] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.011361][ T7910] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.019326][ T7910] bridge_slave_0: entered allmulticast mode
[  105.026365][ T7910] bridge_slave_0: entered promiscuous mode
[  105.033293][ T7910] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.040379][ T7910] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.048488][ T7910] bridge_slave_1: entered allmulticast mode
[  105.054920][ T7910] bridge_slave_1: entered promiscuous mode
[  105.076692][ T7910] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.087755][ T7910] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.111276][ T7910] team0: Port device team_slave_0 added
[  105.118217][ T7910] team0: Port device team_slave_1 added
[  105.138089][ T7910] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.145043][ T7910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.171043][ T7910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.182433][ T7910] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.189463][ T7910] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.215460][ T7910] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.253483][ T7910] hsr_slave_0: entered promiscuous mode
[  105.260586][ T7910] hsr_slave_1: entered promiscuous mode
[  105.267873][ T7910] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  105.275554][ T7910] Cannot create hsr debugfs directory
[  105.423271][ T7910] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.517559][ T7946] netlink: 'syz.1.1675': attribute type 21 has an invalid length.
[  105.525514][ T7946] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1675'.
[  105.540453][ T7910] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.036355][ T7953] loop3: detected capacity change from 0 to 2048
[  106.079338][ T7910] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.120110][ T7953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.163368][ T7910] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.213817][ T7951] hub 6-0:1.0: USB hub found
[  106.221468][ T7951] hub 6-0:1.0: 8 ports detected
[  106.384612][ T7910] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  106.450179][ T7910] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  106.510623][ T7910] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  106.531947][ T7910] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  106.546768][   T29] kauditd_printk_skb: 575 callbacks suppressed
[  106.546780][   T29] audit: type=1326 audit(1729454504.714:14333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7962 comm="syz.1.1678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  106.579723][   T29] audit: type=1326 audit(1729454504.744:14334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7962 comm="syz.1.1678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  106.603267][   T29] audit: type=1326 audit(1729454504.744:14335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7962 comm="syz.1.1678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  106.626850][   T29] audit: type=1326 audit(1729454504.744:14336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7962 comm="syz.1.1678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  106.650449][   T29] audit: type=1326 audit(1729454504.744:14337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7962 comm="syz.1.1678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  106.674247][   T29] audit: type=1326 audit(1729454504.744:14338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7962 comm="syz.1.1678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  106.690381][ T7910] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.698110][   T29] audit: type=1326 audit(1729454504.744:14339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7962 comm="syz.1.1678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  106.712954][ T7910] 8021q: adding VLAN 0 to HW filter on device team0
[  106.728000][   T29] audit: type=1326 audit(1729454504.744:14340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7962 comm="syz.1.1678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  106.758276][   T29] audit: type=1326 audit(1729454504.744:14341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7962 comm="syz.1.1678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  106.781879][   T29] audit: type=1326 audit(1729454504.744:14342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7962 comm="syz.1.1678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  106.816179][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.823297][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.832227][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.839275][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.872954][ T7971] loop1: detected capacity change from 0 to 256
[  106.888267][ T7971] FAT-fs (loop1): codepage cp874 not found
[  106.915575][ T7910] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.991976][ T7910] veth0_vlan: entered promiscuous mode
[  107.000988][ T7910] veth1_vlan: entered promiscuous mode
[  107.024842][ T7910] veth0_macvtap: entered promiscuous mode
[  107.034527][ T7910] veth1_macvtap: entered promiscuous mode
[  107.046917][ T7910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.057447][ T7910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.071018][ T7910] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.083629][ T7910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.094117][ T7910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.106246][ T7910] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.117628][ T7910] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.126503][ T7910] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.135531][ T7910] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.144221][ T7910] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.680126][ T7994] loop1: detected capacity change from 0 to 512
[  108.688279][ T7994] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1683: corrupted in-inode xattr: invalid ea_ino
[  108.701977][ T7994] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1683: couldn't read orphan inode 15 (err -117)
[  108.714391][ T7994] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.730058][ T7994] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7994 comm=syz.1.1683
[  108.749208][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.779396][ T7999] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1685'.
[  108.788558][ T7999] 0ªX¹¦Dö»: renamed from gretap0 (while UP)
[  108.796154][ T7999] 0ªX¹¦Dö»: entered allmulticast mode
[  109.680268][ T8011] bridge0: port 1(vlan3) entered blocking state
[  109.686627][ T8011] bridge0: port 1(vlan3) entered disabled state
[  109.693067][ T8011] vlan3: entered allmulticast mode
[  109.698985][ T8011] vlan3: left allmulticast mode
[  110.016894][ T8025] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8025 comm=syz.0.1695
[  110.039853][ T8027] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1696'.
[  110.048836][ T8027] 0ªX¹¦Dö»: renamed from gretap0 (while UP)
[  110.056613][ T8027] 0ªX¹¦Dö»: entered allmulticast mode
[  110.122397][ T8037] FAULT_INJECTION: forcing a failure.
[  110.122397][ T8037] name failslab, interval 1, probability 0, space 0, times 0
[  110.135209][ T8037] CPU: 1 UID: 0 PID: 8037 Comm: syz.2.1701 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0
[  110.145894][ T8037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  110.156161][ T8037] Call Trace:
[  110.159490][ T8037]  <TASK>
[  110.162423][ T8037]  dump_stack_lvl+0xf2/0x150
[  110.167082][ T8037]  dump_stack+0x15/0x20
[  110.171281][ T8037]  should_fail_ex+0x223/0x230
[  110.176029][ T8037]  ? __alloc_skb+0x10b/0x310
[  110.180636][ T8037]  should_failslab+0x8f/0xb0
[  110.185238][ T8037]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  110.191227][ T8037]  __alloc_skb+0x10b/0x310
[  110.195701][ T8037]  audit_log_start+0x368/0x6b0
[  110.200672][ T8037]  audit_seccomp+0x4b/0x130
[  110.205175][ T8037]  __seccomp_filter+0x6fa/0x1180
[  110.210221][ T8037]  ? proc_fail_nth_write+0x12a/0x150
[  110.215539][ T8037]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  110.221265][ T8037]  ? vfs_write+0x580/0x910
[  110.225672][ T8037]  ? __fget_files+0x1d4/0x210
[  110.230470][ T8037]  __secure_computing+0x9f/0x1c0
[  110.235642][ T8037]  syscall_trace_enter+0xd1/0x1f0
[  110.240911][ T8037]  ? fpregs_assert_state_consistent+0x83/0xa0
[  110.247298][ T8037]  do_syscall_64+0xaa/0x1c0
[  110.251874][ T8037]  ? clear_bhb_loop+0x55/0xb0
[  110.256761][ T8037]  ? clear_bhb_loop+0x55/0xb0
[  110.261483][ T8037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.267619][ T8037] RIP: 0033:0x7f1cb0c2dff9
[  110.272060][ T8037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.291887][ T8037] RSP: 002b:00007f1caf8a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b5
[  110.300515][ T8037] RAX: ffffffffffffffda RBX: 00007f1cb0de5f80 RCX: 00007f1cb0c2dff9
[  110.308574][ T8037] RDX: 0000000020000080 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  110.316532][ T8037] RBP: 00007f1caf8a7090 R08: 0000000000000000 R09: 0000000000000000
[  110.324488][ T8037] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[  110.332468][ T8037] R13: 0000000000000000 R14: 00007f1cb0de5f80 R15: 00007ffefd09ccd8
[  110.340668][ T8037]  </TASK>
[  110.366941][ T8039] FAULT_INJECTION: forcing a failure.
[  110.366941][ T8039] name failslab, interval 1, probability 0, space 0, times 0
[  110.380167][ T8039] CPU: 0 UID: 0 PID: 8039 Comm: syz.2.1703 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0
[  110.390997][ T8039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  110.401225][ T8039] Call Trace:
[  110.404493][ T8039]  <TASK>
[  110.407528][ T8039]  dump_stack_lvl+0xf2/0x150
[  110.412177][ T8039]  dump_stack+0x15/0x20
[  110.416365][ T8039]  should_fail_ex+0x223/0x230
[  110.421039][ T8039]  ? __alloc_skb+0x10b/0x310
[  110.425629][ T8039]  should_failslab+0x8f/0xb0
[  110.430213][ T8039]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  110.436159][ T8039]  __alloc_skb+0x10b/0x310
[  110.440730][ T8039]  audit_log_start+0x368/0x6b0
[  110.445522][ T8039]  audit_seccomp+0x4b/0x130
[  110.450098][ T8039]  __seccomp_filter+0x6fa/0x1180
[  110.455030][ T8039]  ? proc_fail_nth_write+0x12a/0x150
[  110.460428][ T8039]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  110.466125][ T8039]  ? vfs_write+0x580/0x910
[  110.470561][ T8039]  ? __fget_files+0x1d4/0x210
[  110.475251][ T8039]  __secure_computing+0x9f/0x1c0
[  110.480268][ T8039]  syscall_trace_enter+0xd1/0x1f0
[  110.485289][ T8039]  ? fpregs_assert_state_consistent+0x83/0xa0
[  110.491570][ T8039]  do_syscall_64+0xaa/0x1c0
[  110.496081][ T8039]  ? clear_bhb_loop+0x55/0xb0
[  110.500807][ T8039]  ? clear_bhb_loop+0x55/0xb0
[  110.505470][ T8039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.511394][ T8039] RIP: 0033:0x7f1cb0c2dff9
[  110.515955][ T8039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.535812][ T8039] RSP: 002b:00007f1caf8a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d0
[  110.544301][ T8039] RAX: ffffffffffffffda RBX: 00007f1cb0de5f80 RCX: 00007f1cb0c2dff9
[  110.552281][ T8039] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 00007f1cb191e000
[  110.560276][ T8039] RBP: 00007f1caf8a7090 R08: 0000000000000000 R09: 0000000000000000
[  110.568235][ T8039] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  110.576198][ T8039] R13: 0000000000000000 R14: 00007f1cb0de5f80 R15: 00007ffefd09ccd8
[  110.584213][ T8039]  </TASK>
[  110.671826][ T8046] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1705'.
[  110.681090][ T8046] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1705'.
[  110.699559][ T8046] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1705'.
[  110.708765][ T8046] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1705'.
[  110.732333][ T8046] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1705'.
[  110.741800][ T8046] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1705'.
[  110.840090][ T8055] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.849505][ T8055] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.938930][ T8061] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.947454][ T8061] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.406743][ T8070] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1711'.
[  111.415853][ T8070] 1ªX¹¦Dö»: renamed from 
00ªX¹¦Dö» (while UP)
[  112.116611][   T29] kauditd_printk_skb: 352 callbacks suppressed
[  112.116627][   T29] audit: type=1326 audit(1729454510.281:14691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  112.146416][   T29] audit: type=1326 audit(1729454510.281:14692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  112.170003][   T29] audit: type=1326 audit(1729454510.281:14693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  112.193977][   T29] audit: type=1326 audit(1729454510.281:14694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  112.217620][   T29] audit: type=1326 audit(1729454510.281:14695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  112.241184][   T29] audit: type=1326 audit(1729454510.281:14696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  112.241209][   T29] audit: type=1326 audit(1729454510.281:14697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  112.288860][   T29] audit: type=1326 audit(1729454510.281:14698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  112.312804][   T29] audit: type=1326 audit(1729454510.281:14699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  112.336417][   T29] audit: type=1326 audit(1729454510.281:14700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8078 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e246dff9 code=0x7ffc0000
[  112.977531][ T8084] loop1: detected capacity change from 0 to 512
[  112.984470][ T8084] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  112.997299][ T8084] EXT4-fs (loop1): 1 truncate cleaned up
[  113.003476][ T8084] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.027126][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.358824][ T8108] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8108 comm=syz.0.1726
[  113.385976][ T8111] netlink: 'syz.0.1727': attribute type 21 has an invalid length.
[  113.393936][ T8111] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1727'.
[  113.478213][ T8111] hub 6-0:1.0: USB hub found
[  113.482919][ T8111] hub 6-0:1.0: 8 ports detected
[  113.775202][ T8130] syz.0.1734[8130] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  113.775269][ T8130] syz.0.1734[8130] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  113.786774][ T8130] syz.0.1734[8130] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.684759][ T8144] SELinux: security_context_str_to_sid (u) failed with errno=-22
[  114.911281][ T8156] netlink: 'syz.0.1744': attribute type 10 has an invalid length.
[  114.938995][ T8156] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.089846][ T8163] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  115.257763][ T8174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  115.266941][ T8174] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  115.640402][ T8176] chnl_net:caif_netlink_parms(): no params data found
[  115.671746][ T8176] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.678834][ T8176] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.686069][ T8176] bridge_slave_0: entered allmulticast mode
[  115.692456][ T8176] bridge_slave_0: entered promiscuous mode
[  115.699318][ T8176] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.706363][ T8176] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.713542][ T8176] bridge_slave_1: entered allmulticast mode
[  115.720043][ T8176] bridge_slave_1: entered promiscuous mode
[  115.735905][ T8176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.746520][ T8176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.764295][ T8176] team0: Port device team_slave_0 added
[  115.771453][ T8176] team0: Port device team_slave_1 added
[  115.785049][ T8176] batman_adv: batadv0: Adding interface: batadv_slave_0
[  115.792060][ T8176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.818054][ T8176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.831311][ T8176] batman_adv: batadv0: Adding interface: batadv_slave_1
[  115.838303][ T8176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.864231][ T8176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  115.906205][ T8197] bridge0: port 3(vlan2) entered blocking state
[  115.912574][ T8197] bridge0: port 3(vlan2) entered disabled state
[  115.919923][ T8197] vlan2: entered allmulticast mode
[  115.925649][ T8197] vlan2: left allmulticast mode
[  115.936144][ T8176] hsr_slave_0: entered promiscuous mode
[  115.942301][ T8176] hsr_slave_1: entered promiscuous mode
[  115.948861][ T8176] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  115.956485][ T8176] Cannot create hsr debugfs directory
[  116.078863][ T8176] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.168438][ T8176] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.197766][ T8193] chnl_net:caif_netlink_parms(): no params data found
[  116.240558][ T8176] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.252140][ T8193] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.259418][ T8193] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.266887][ T8193] bridge_slave_0: entered allmulticast mode
[  116.273245][ T8193] bridge_slave_0: entered promiscuous mode
[  116.282406][ T8193] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.289537][ T8193] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.296697][ T8193] bridge_slave_1: entered allmulticast mode
[  116.303185][ T8193] bridge_slave_1: entered promiscuous mode
[  116.329333][ T8176] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.342071][ T8193] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  116.358235][ T8193] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  116.378809][ T8193] team0: Port device team_slave_0 added
[  116.386247][ T8193] team0: Port device team_slave_1 added
[  116.406178][ T8193] batman_adv: batadv0: Adding interface: batadv_slave_0
[  116.413171][ T8193] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  116.439261][ T8193] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  116.456506][ T8193] batman_adv: batadv0: Adding interface: batadv_slave_1
[  116.457636][ T8228] loop1: detected capacity change from 0 to 512
[  116.463444][ T8193] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  116.463516][ T8193] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  116.467090][ T8176] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  116.471507][ T8228] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  116.526951][ T8176] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  116.535211][ T8228] EXT4-fs (loop1): 1 truncate cleaned up
[  116.536824][ T8176] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  116.547335][ T8228] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.566360][ T8176] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  116.580690][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.596164][ T8193] hsr_slave_0: entered promiscuous mode
[  116.602519][ T8193] hsr_slave_1: entered promiscuous mode
[  116.610570][ T8193] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  116.618403][ T8193] Cannot create hsr debugfs directory
[  116.694322][ T8233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.705224][ T8233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.714642][ T8193] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.732306][ T8176] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.749258][ T8176] 8021q: adding VLAN 0 to HW filter on device team0
[  116.761593][ T8193] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.774934][ T1769] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.782102][ T1769] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.793700][ T2123] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.800791][ T2123] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.819090][ T8193] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.869257][ T8193] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.886608][ T8176] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.942587][ T8193] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  116.952047][ T8193] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  116.962165][ T8193] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  116.973218][ T8193] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  117.031739][ T8193] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.050602][ T8193] 8021q: adding VLAN 0 to HW filter on device team0
[  117.069768][ T2123] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.076879][ T2123] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.103118][ T2123] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.110225][ T2123] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.139457][   T29] kauditd_printk_skb: 845 callbacks suppressed
[  117.139471][   T29] audit: type=1326 audit(1729454515.306:15546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8256 comm="syz.2.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  117.177566][ T8176] veth0_vlan: entered promiscuous mode
[  117.193252][   T29] audit: type=1326 audit(1729454515.346:15547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8256 comm="syz.2.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  117.216890][   T29] audit: type=1326 audit(1729454515.346:15548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8256 comm="syz.2.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  117.240574][   T29] audit: type=1326 audit(1729454515.346:15549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8256 comm="syz.2.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  117.264305][   T29] audit: type=1326 audit(1729454515.346:15550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8256 comm="syz.2.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  117.287853][   T29] audit: type=1326 audit(1729454515.346:15551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8256 comm="syz.2.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  117.312743][ T8193] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  117.323249][ T8193] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  117.336707][ T8176] veth1_vlan: entered promiscuous mode
[  117.352578][ T8261] €: renamed from bond0 (while UP)
[  117.397839][ T8176] veth0_macvtap: entered promiscuous mode
[  117.410567][ T8176] veth1_macvtap: entered promiscuous mode
[  117.421520][ T8176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.432077][ T8176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.442002][ T8176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.452457][ T8176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.476435][ T8176] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.476712][   T29] audit: type=1400 audit(1729454515.646:15552): avc:  denied  { unmount } for  pid=8258 comm="syz.0.1768" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  117.484965][ T8176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.514154][ T8176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.524027][ T8176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.534659][ T8176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.561169][ T8176] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.574673][ T8193] 8021q: adding VLAN 0 to HW filter on device batadv0
[  117.601112][ T8176] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.609880][ T8176] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.618670][ T8176] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.627525][ T8176] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.691706][ T8286] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1750'.
[  117.710173][ T8286] loop4: detected capacity change from 0 to 512
[  117.732109][ T8286] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.744951][ T8286] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.767734][ T8193] veth0_vlan: entered promiscuous mode
[  117.779435][ T8193] veth1_vlan: entered promiscuous mode
[  117.800816][ T8176] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.802061][ T8193] veth0_macvtap: entered promiscuous mode
[  117.819118][ T8193] veth1_macvtap: entered promiscuous mode
[  117.834544][ T8193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.845115][ T8193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.855032][ T8193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.865598][ T8193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.875478][ T8193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.885897][ T8193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.896895][ T8193] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.904236][ T8295] netlink: 'syz.4.1772': attribute type 21 has an invalid length.
[  117.912622][ T8295] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1772'.
[  117.928464][ T8193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.939056][ T8193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.948908][ T8193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.959550][ T8193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.969473][ T8193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.979981][ T8193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.991532][ T8193] batman_adv: batadv0: Interface activated: batadv_slave_1
[  118.010398][ T8193] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.019241][ T8193] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.027962][ T8193] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.036696][ T8193] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.056116][ T8296] hub 6-0:1.0: USB hub found
[  118.081110][ T8296] hub 6-0:1.0: 8 ports detected
[  118.085010][   T29] audit: type=1400 audit(1729454516.246:15553): avc:  denied  { relabelfrom } for  pid=8300 comm="syz.2.1774" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  118.106064][   T29] audit: type=1400 audit(1729454516.246:15554): avc:  denied  { relabelto } for  pid=8300 comm="syz.2.1774" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  118.302435][ T8317] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8317 comm=syz.3.1752
[  118.336459][   T29] audit: type=1326 audit(1729454516.506:15555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8319 comm="syz.2.1778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  118.377513][ T8303] chnl_net:caif_netlink_parms(): no params data found
[  118.450780][ T8326] loop4: detected capacity change from 0 to 512
[  118.465327][ T8303] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.470158][ T8326] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  118.472433][ T8303] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.493786][ T8326] netlink: 100 bytes leftover after parsing attributes in process `+}[@'.
[  118.494002][ T8303] bridge_slave_0: entered allmulticast mode
[  118.509082][ T8303] bridge_slave_0: entered promiscuous mode
[  118.516843][ T8303] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.523905][ T8303] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.531147][ T8303] bridge_slave_1: entered allmulticast mode
[  118.537588][ T8303] bridge_slave_1: entered promiscuous mode
[  118.546148][ T8326] EXT4-fs warning (device loop4): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  118.571029][ T8331] bridge_slave_0: left allmulticast mode
[  118.576812][ T8331] bridge_slave_0: left promiscuous mode
[  118.582454][ T8331] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.591359][ T8331] bridge_slave_1: left allmulticast mode
[  118.597171][ T8331] bridge_slave_1: left promiscuous mode
[  118.602877][ T8331] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.612475][ T8331] bond0: (slave bond_slave_0): Releasing backup interface
[  118.624423][ T8331] bond0: (slave bond_slave_1): Releasing backup interface
[  118.632340][ T8176] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  118.648531][ T8331] team0: Port device team_slave_0 removed
[  118.659947][ T8331] team0: Port device team_slave_1 removed
[  118.667300][ T8331] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.674872][ T8331] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.686229][ T8331] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.693741][ T8331] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.725877][ T8303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  118.737756][ T8303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  118.804975][ T8303] team0: Port device team_slave_0 added
[  118.828608][ T8303] team0: Port device team_slave_1 added
[  118.865110][ T8303] batman_adv: batadv0: Adding interface: batadv_slave_0
[  118.872178][ T8303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.898226][ T8303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  118.918805][ T8303] batman_adv: batadv0: Adding interface: batadv_slave_1
[  118.926019][ T8303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.952026][ T8303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.996464][ T8303] hsr_slave_0: entered promiscuous mode
[  119.002946][ T8303] hsr_slave_1: entered promiscuous mode
[  119.010125][ T8303] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  119.018926][ T8303] Cannot create hsr debugfs directory
[  119.108534][ T8303] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.189248][ T8303] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.269611][ T8303] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.349658][ T8303] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.568633][ T8303] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  119.599066][ T8303] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  119.631533][ T8303] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  119.667728][ T8303] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  119.730650][ T8353] netlink: 5 bytes leftover after parsing attributes in process `syz.4.1787'.
[  119.739721][ T8353] 0ªX¹¦Dö»: renamed from gretap0 (while UP)
[  119.748245][ T8353] 0ªX¹¦Dö»: entered allmulticast mode
[  119.773026][ T8303] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.787463][ T8303] 8021q: adding VLAN 0 to HW filter on device team0
[  119.798066][ T1769] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.805129][ T1769] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.820405][ T1873] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.827932][ T1873] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.895209][ T8303] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.961412][ T8303] veth0_vlan: entered promiscuous mode
[  119.971877][ T8303] veth1_vlan: entered promiscuous mode
[  119.990108][ T8303] veth0_macvtap: entered promiscuous mode
[  119.998172][ T8303] veth1_macvtap: entered promiscuous mode
[  120.009828][ T8303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.020540][ T8303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.030639][ T8303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.041176][ T8303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.051168][ T8303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.061666][ T8303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.072901][ T8303] batman_adv: batadv0: Interface activated: batadv_slave_0
[  120.088537][ T8303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.099114][ T8303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.109330][ T8303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.119851][ T8303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.129905][ T8303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.140370][ T8303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.152602][ T8303] batman_adv: batadv0: Interface activated: batadv_slave_1
[  120.161638][ T8303] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.163808][ T8367] netlink: 268 bytes leftover after parsing attributes in process `syz.2.1788'.
[  120.170420][ T8303] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.179517][ T8367] unsupported nla_type 65024
[  120.193291][ T8303] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.202058][ T8303] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.315733][ T8373] loop1: detected capacity change from 0 to 512
[  120.324111][ T8373] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1789: corrupted in-inode xattr: invalid ea_ino
[  120.338548][ T8373] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1789: couldn't read orphan inode 15 (err -117)
[  120.351486][ T8373] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.368416][ T8373] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8373 comm=syz.1.1789
[  120.388573][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.647516][ T8386] loop4: detected capacity change from 0 to 512
[  120.860325][ T8393] bridge0: port 3(vlan2) entered blocking state
[  120.866757][ T8393] bridge0: port 3(vlan2) entered disabled state
[  120.873510][ T8393] vlan2: entered allmulticast mode
[  120.879389][ T8393] vlan2: left allmulticast mode
[  120.981444][ T8398] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1798'.
[  121.042091][ T8408] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1802'.
[  121.051272][ T8408] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  121.058839][ T8408] batman_adv: batadv0: Removing interface: batadv_slave_0
[  121.066784][ T8408] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  121.074265][ T8408] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.216270][ T8418] netlink: 'syz.4.1805': attribute type 21 has an invalid length.
[  121.224197][ T8418] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1805'.
[  121.279370][ T8418] hub 6-0:1.0: USB hub found
[  121.284345][ T8418] hub 6-0:1.0: 8 ports detected
[  121.313820][ T8422] can0: slcan on ttyS3.
[  121.337549][ T8431] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1810'.
[  121.385342][ T8421] can0 (unregistered): slcan off ttyS3.
[  121.397826][ T8433] can0: slcan on ttyS3.
[  121.407392][ T8433] FAULT_INJECTION: forcing a failure.
[  121.407392][ T8433] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  121.420673][ T8433] CPU: 0 UID: 0 PID: 8433 Comm: syz.0.1811 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0
[  121.431360][ T8433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  121.441422][ T8433] Call Trace:
[  121.444701][ T8433]  <TASK>
[  121.447639][ T8433]  dump_stack_lvl+0xf2/0x150
[  121.452247][ T8433]  dump_stack+0x15/0x20
[  121.456510][ T8433]  should_fail_ex+0x223/0x230
[  121.461192][ T8433]  should_fail+0xb/0x10
[  121.465347][ T8433]  should_fail_usercopy+0x1a/0x20
[  121.470571][ T8433]  strncpy_from_user+0x25/0x200
[  121.475446][ T8433]  ? kmem_cache_alloc_noprof+0x10c/0x290
[  121.481080][ T8433]  getname_flags+0xb0/0x3b0
[  121.485640][ T8433]  __se_sys_statx+0x111/0x1e0
[  121.490360][ T8433]  ? __fget_files+0x1d4/0x210
[  121.495040][ T8433]  ? fput+0x14e/0x190
[  121.499112][ T8433]  ? ksys_write+0x17a/0x1b0
[  121.503618][ T8433]  __x64_sys_statx+0x67/0x80
[  121.508212][ T8433]  x64_sys_call+0x298b/0x2d60
[  121.512896][ T8433]  do_syscall_64+0xc9/0x1c0
[  121.517409][ T8433]  ? clear_bhb_loop+0x55/0xb0
[  121.522089][ T8433]  ? clear_bhb_loop+0x55/0xb0
[  121.526895][ T8433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.532818][ T8433] RIP: 0033:0x7fc296ccdff9
[  121.537236][ T8433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.557040][ T8433] RSP: 002b:00007fc295941038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c
[  121.565454][ T8433] RAX: ffffffffffffffda RBX: 00007fc296e85f80 RCX: 00007fc296ccdff9
[  121.573443][ T8433] RDX: 0000000000000800 RSI: 0000000000000000 RDI: ffffffffffffffff
[  121.581409][ T8433] RBP: 00007fc295941090 R08: 0000000000000000 R09: 0000000000000000
[  121.589372][ T8433] R10: 153146e58b5e3128 R11: 0000000000000246 R12: 0000000000000001
[  121.597337][ T8433] R13: 0000000000000000 R14: 00007fc296e85f80 R15: 00007ffcd91d1df8
[  121.605650][ T8433]  </TASK>
[  121.631193][ T8438] syz.1.1813[8438] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.631246][ T8438] syz.1.1813[8438] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.643435][ T8438] syz.1.1813[8438] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.665435][ T8432] can0 (unregistered): slcan off ttyS3.
[  121.731725][ T8441] loop1: detected capacity change from 0 to 256
[  121.743734][ T8443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1816'.
[  121.750259][ T8441] FAT-fs (loop1): codepage cp874 not found
[  121.787667][ T8447] netlink: 'syz.0.1817': attribute type 21 has an invalid length.
[  121.852305][ T8447] hub 6-0:1.0: USB hub found
[  121.857883][ T8447] hub 6-0:1.0: 8 ports detected
[  122.192419][   T29] kauditd_printk_skb: 315 callbacks suppressed
[  122.192433][   T29] audit: type=1400 audit(1729454520.356:15870): avc:  denied  { mount } for  pid=8471 comm="syz.3.1826" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  122.347426][   T29] audit: type=1400 audit(1729454520.476:15871): avc:  denied  { unmount } for  pid=8471 comm="syz.3.1826" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  122.378265][ T8483] netlink: 'syz.2.1830': attribute type 21 has an invalid length.
[  122.484915][ T8483] hub 6-0:1.0: USB hub found
[  122.490264][ T8483] hub 6-0:1.0: 8 ports detected
[  122.567840][   T29] audit: type=1326 audit(1729454520.736:15872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  122.568396][ T8493] bridge_slave_0: left allmulticast mode
[  122.597395][ T8493] bridge_slave_0: left promiscuous mode
[  122.603078][ T8493] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.612041][   T29] audit: type=1326 audit(1729454520.736:15873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  122.635720][   T29] audit: type=1326 audit(1729454520.776:15874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  122.659246][   T29] audit: type=1326 audit(1729454520.776:15875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  122.682992][   T29] audit: type=1326 audit(1729454520.776:15876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  122.710903][ T8493] bridge_slave_1: left allmulticast mode
[  122.716616][ T8493] bridge_slave_1: left promiscuous mode
[  122.722311][ T8493] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.729784][   T29] audit: type=1326 audit(1729454520.776:15877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  122.753402][   T29] audit: type=1326 audit(1729454520.776:15878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  122.777371][   T29] audit: type=1326 audit(1729454520.776:15879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1cb0c2dff9 code=0x7ffc0000
[  122.804741][ T8493] bond0: (slave bond_slave_0): Releasing backup interface
[  122.816361][ T8493] bond0: (slave bond_slave_1): Releasing backup interface
[  122.830016][ T8493] team0: Port device team_slave_0 removed
[  122.841460][ T8493] team0: Port device team_slave_1 removed
[  122.848527][ T8493] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  122.856077][ T8493] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.867589][ T8493] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.875058][ T8493] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.987015][ T8509] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  123.044020][ T8509] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  123.202669][ T8519] bridge0: port 1(vlan3) entered blocking state
[  123.209146][ T8519] bridge0: port 1(vlan3) entered disabled state
[  123.218200][ T8519] vlan3: entered allmulticast mode
[  123.223808][ T8519] vlan3: left allmulticast mode
[  123.296886][ T8531] netlink: 'syz.1.1843': attribute type 21 has an invalid length.
[  123.304816][ T8531] __nla_validate_parse: 3 callbacks suppressed
[  123.304830][ T8531] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1843'.
[  123.348012][ T8533] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1844'.
[  123.363231][ T8531] hub 6-0:1.0: USB hub found
[  123.368376][ T8531] hub 6-0:1.0: 8 ports detected
[  123.398398][ T8538] netlink: 'syz.4.1845': attribute type 3 has an invalid length.
[  123.411180][ T8538] loop4: detected capacity change from 0 to 512
[  123.421084][ T8540] loop1: detected capacity change from 0 to 1024
[  123.427763][ T8538] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  123.441211][ T8540] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.456635][ T8538] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.479243][ T8538] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.499463][ T8540] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1846: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  123.635940][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.802790][ T8561] loop1: detected capacity change from 0 to 512
[  123.819653][ T8561] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  123.840389][ T8563] bridge0: port 1(vlan2) entered blocking state
[  123.846843][ T8563] bridge0: port 1(vlan2) entered disabled state
[  123.853427][ T8563] vlan2: entered allmulticast mode
[  123.854155][ T8561] EXT4-fs (loop1): 1 truncate cleaned up
[  123.864875][ T8563] vlan2: left allmulticast mode
[  123.865681][ T8561] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.873674][ T8566] FAULT_INJECTION: forcing a failure.
[  123.873674][ T8566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.895248][ T8566] CPU: 0 UID: 0 PID: 8566 Comm: syz.0.1855 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0
[  123.906683][ T8566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  123.916779][ T8566] Call Trace:
[  123.920047][ T8566]  <TASK>
[  123.923003][ T8566]  dump_stack_lvl+0xf2/0x150
[  123.927616][ T8566]  dump_stack+0x15/0x20
[  123.931874][ T8566]  should_fail_ex+0x223/0x230
[  123.936641][ T8566]  should_fail+0xb/0x10
[  123.940812][ T8566]  should_fail_usercopy+0x1a/0x20
[  123.945864][ T8566]  _copy_from_user+0x1e/0xd0
[  123.950449][ T8566]  __sys_bpf+0x14e/0x7a0
[  123.954749][ T8566]  __x64_sys_bpf+0x43/0x50
[  123.959191][ T8566]  x64_sys_call+0x2625/0x2d60
[  123.963953][ T8566]  do_syscall_64+0xc9/0x1c0
[  123.968569][ T8566]  ? clear_bhb_loop+0x55/0xb0
[  123.973309][ T8566]  ? clear_bhb_loop+0x55/0xb0
[  123.978015][ T8566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.984016][ T8566] RIP: 0033:0x7fc296ccdff9
[  123.988437][ T8566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.008167][ T8566] RSP: 002b:00007fc295941038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  124.016570][ T8566] RAX: ffffffffffffffda RBX: 00007fc296e85f80 RCX: 00007fc296ccdff9
[  124.024634][ T8566] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a
[  124.032666][ T8566] RBP: 00007fc295941090 R08: 0000000000000000 R09: 0000000000000000
[  124.040633][ T8566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.048598][ T8566] R13: 0000000000000000 R14: 00007fc296e85f80 R15: 00007ffcd91d1df8
[  124.056620][ T8566]  </TASK>
[  124.075658][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.098728][ T8568] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1856'.
[  124.196080][ T8584] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  124.204975][ T8580] netlink: 'syz.3.1861': attribute type 21 has an invalid length.
[  124.220568][ T8580] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1861'.
[  124.241223][ T8584] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  124.251168][ T8176] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.289867][ T8580] hub 6-0:1.0: USB hub found
[  124.299497][ T8580] hub 6-0:1.0: 8 ports detected
[  124.336580][ T8593] bridge_slave_0: left allmulticast mode
[  124.342358][ T8593] bridge_slave_0: left promiscuous mode
[  124.348082][ T8593] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.368170][ T8593] bridge_slave_1: left allmulticast mode
[  124.373930][ T8593] bridge_slave_1: left promiscuous mode
[  124.379598][ T8593] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.390123][ T8593] bond0: (slave bond_slave_0): Releasing backup interface
[  124.405620][ T8593] bond0: (slave bond_slave_1): Releasing backup interface
[  124.426428][ T8593] team0: Port device team_slave_0 removed
[  124.438574][ T8593] team0: Port device team_slave_1 removed
[  124.591821][ T8614] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1873'.
[  124.606500][ T8616] loop4: detected capacity change from 0 to 512
[  124.894693][ T8635] loop1: detected capacity change from 0 to 1024
[  124.901693][ T8635] EXT4-fs: Ignoring removed orlov option
[  124.907576][ T8635] EXT4-fs: Ignoring removed nomblk_io_submit option
[  124.952176][ T8635] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.046828][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.103968][ T8645] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1884'.
[  125.113108][ T8645] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1884'.
[  125.132256][ T8647] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1885'.
[  125.167554][ T8645] netlink: 'syz.4.1884': attribute type 10 has an invalid length.
[  125.176726][ T8645] veth0_macvtap: left promiscuous mode
[  125.184878][ T8645] veth0_macvtap: entered promiscuous mode
[  125.191749][ T8645] team0: Device macvtap0 failed to register rx_handler
[  125.200419][ T8645] veth0_macvtap: left promiscuous mode
[  125.202137][ T8656] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in;
[  125.202137][ T8656]    program syz.4.1884 not setting count and/or reply_len properly
[  125.218326][ T8657] loop1: detected capacity change from 0 to 512
[  125.350909][ T8667] loop1: detected capacity change from 0 to 1024
[  125.372281][ T8667] EXT4-fs: Ignoring removed orlov option
[  125.378048][ T8667] EXT4-fs: Ignoring removed nomblk_io_submit option
[  125.399163][ T8667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.582431][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.737930][ T1873] bridge_slave_1: left allmulticast mode
[  125.743689][ T1873] bridge_slave_1: left promiscuous mode
[  125.749488][ T1873] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.776956][ T1873] bridge_slave_0: left allmulticast mode
[  125.782774][ T1873] bridge_slave_0: left promiscuous mode
[  125.788490][ T1873] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.949486][ T1873] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  125.962375][ T1873] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  125.974352][ T1873] bond0 (unregistering): Released all slaves
[  125.984378][ T8694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1901'.
[  126.041115][ T1873] hsr_slave_0: left promiscuous mode
[  126.054135][ T1873] hsr_slave_1: left promiscuous mode
[  126.067278][ T1873] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  126.074749][ T1873] batman_adv: batadv0: Removing interface: batadv_slave_0
[  126.085240][ T1873] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.092709][ T1873] batman_adv: batadv0: Removing interface: batadv_slave_1
[  126.103208][ T1873] veth1_macvtap: left promiscuous mode
[  126.108747][ T1873] veth0_macvtap: left promiscuous mode
[  126.114417][ T1873] veth1_vlan: left promiscuous mode
[  126.119783][ T1873] veth0_vlan: left promiscuous mode
[  126.227945][ T1873] team0 (unregistering): Port device team_slave_1 removed
[  126.239681][ T1873] team0 (unregistering): Port device team_slave_0 removed
[  126.472242][ T8713] bridge0: port 1(vlan2) entered blocking state
[  126.478634][ T8713] bridge0: port 1(vlan2) entered disabled state
[  126.485128][ T8713] vlan2: entered allmulticast mode
[  126.490653][ T8713] vlan2: left allmulticast mode
[  126.562798][ T8723] bridge0: port 1(vlan2) entered blocking state
[  126.569253][ T8723] bridge0: port 1(vlan2) entered disabled state
[  126.579678][ T8723] vlan2: entered allmulticast mode
[  126.589680][ T8723] vlan2: left allmulticast mode
[  126.614156][ T8725] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1912'.
[  126.629907][ T8734] syz.2.1915[8734] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.630090][ T8734] syz.2.1915[8734] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.643517][ T8734] syz.2.1915[8734] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.683852][ T8740] loop4: detected capacity change from 0 to 256
[  126.711247][ T8740] FAT-fs (loop4): codepage cp874 not found
[  126.759958][ T8749] syz.3.1921[8749] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.760046][ T8749] syz.3.1921[8749] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.951405][ T8765] loop1: detected capacity change from 0 to 512
[  126.974947][ T8765] EXT4-fs error (device loop1): ext4_orphan_get:1388: inode #15: comm syz.1.1925: casefold flag without casefold feature
[  126.993081][ T8765] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1925: couldn't read orphan inode 15 (err -117)
[  127.006151][ T8765] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.332389][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.619195][   T29] kauditd_printk_skb: 515 callbacks suppressed
[  127.619210][   T29] audit: type=1326 audit(1729454525.786:16395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc296ccdff9 code=0x7ffc0000
[  127.649230][   T29] audit: type=1326 audit(1729454525.786:16396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc296ccdff9 code=0x7ffc0000
[  127.679656][   T29] audit: type=1326 audit(1729454525.836:16397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc296ccdff9 code=0x7ffc0000
[  127.703470][   T29] audit: type=1326 audit(1729454525.836:16398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc296ccdff9 code=0x7ffc0000
[  127.727398][   T29] audit: type=1326 audit(1729454525.836:16399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc296ccdff9 code=0x7ffc0000
[  127.750961][   T29] audit: type=1326 audit(1729454525.836:16400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc296ccdff9 code=0x7ffc0000
[  127.774485][   T29] audit: type=1326 audit(1729454525.836:16401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc296ccdff9 code=0x7ffc0000
[  127.798137][   T29] audit: type=1326 audit(1729454525.836:16402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc296ccdff9 code=0x7ffc0000
[  127.821613][   T29] audit: type=1326 audit(1729454525.846:16403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc296ccdff9 code=0x7ffc0000
[  127.845247][   T29] audit: type=1326 audit(1729454525.846:16404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8780 comm="syz.0.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc296ccdff9 code=0x7ffc0000
[  127.913942][ T8789] bridge0: port 1(vlan2) entered blocking state
[  127.920426][ T8789] bridge0: port 1(vlan2) entered disabled state
[  127.927924][ T8789] vlan2: entered allmulticast mode
[  127.933780][ T8789] vlan2: left allmulticast mode
[  127.957156][ T8791] loop4: detected capacity change from 0 to 1024
[  127.967728][ T8791] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.992745][ T8791] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1934: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  128.092802][ T8176] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.111813][ T8808] loop4: detected capacity change from 0 to 512
[  128.122024][ T8808] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1939: corrupted in-inode xattr: invalid ea_ino
[  128.136549][ T8808] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1939: couldn't read orphan inode 15 (err -117)
[  128.149573][ T8808] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.216672][ T8821] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8821 comm=syz.4.1939
[  128.267951][ T8176] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.422555][ T8858] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.452934][ T8861] __nla_validate_parse: 1 callbacks suppressed
[  128.452949][ T8861] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1944'.
[  128.476027][ T8858] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.495431][ T8861] loop1: detected capacity change from 0 to 512
[  128.523221][ T8861] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.543433][ T8861] ext4 filesystem being mounted at /435/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.580639][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.623534][ T8879] loop1: detected capacity change from 0 to 256
[  128.643770][ T8879] FAT-fs (loop1): codepage cp874 not found
[  129.128766][ T8898] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1951'.
[  129.602085][ T8915] vlan2: entered allmulticast mode
[  129.607330][ T8915] bridge_slave_0: entered allmulticast mode
[  129.699776][ T8921] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8921 comm=syz.3.1958
[  129.744896][ T8925] netlink: 'syz.1.1959': attribute type 21 has an invalid length.
[  129.753123][ T8925] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1959'.
[  129.789496][ T8925] hub 6-0:1.0: USB hub found
[  129.795599][ T8925] hub 6-0:1.0: 8 ports detected
[  130.051673][ T8942] netlink: 5 bytes leftover after parsing attributes in process `syz.4.1964'.
[  130.080754][ T8942] 1ªX¹¦Dö»: renamed from 
00ªX¹¦Dö» (while UP)
[  130.397034][ T8948] netlink: '+}[@': attribute type 3 has an invalid length.
[  130.611521][ T8958] netlink: 'syz.0.1971': attribute type 21 has an invalid length.
[  130.619928][ T8958] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1971'.
[  130.657769][ T8958] hub 6-0:1.0: USB hub found
[  130.662746][ T8958] hub 6-0:1.0: 8 ports detected
[  130.960693][ T8976] loop4: detected capacity change from 0 to 1024
[  130.992026][ T8976] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.018384][ T8976] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1979: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  131.039482][ T8986] hub 6-0:1.0: USB hub found
[  131.044240][ T8986] hub 6-0:1.0: 8 ports detected
[  131.113566][ T8992] loop1: detected capacity change from 0 to 1024
[  131.120303][ T8992] EXT4-fs: Ignoring removed orlov option
[  131.126164][ T8992] EXT4-fs: Ignoring removed nomblk_io_submit option
[  131.139041][ T8992] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.167619][ T8176] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.182560][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.214964][ T9004] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1990'.
[  131.216706][ T9005] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=9005 comm=syz.0.1987
[  131.224326][ T9004] 1ªX¹¦Dö»: renamed from 
00ªX¹¦Dö» (while UP)
[  131.346937][ T9016] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1994'.
[  131.407518][ T9018] hub 6-0:1.0: USB hub found
[  131.412242][ T9018] hub 6-0:1.0: 8 ports detected
[  131.459851][ T9027] ==================================================================
[  131.467951][ T9027] BUG: KCSAN: data-race in mas_wr_store_entry / mtree_range_walk
[  131.475665][ T9027] 
[  131.478007][ T9027] write to 0xffff888104732108 of 8 bytes by task 9026 on cpu 1:
[  131.485625][ T9027]  mas_wr_store_entry+0x146b/0x2d00
[  131.491256][ T9027]  mas_store_prealloc+0x6bf/0x960
[  131.496277][ T9027]  commit_merge+0x441/0x740
[  131.500787][ T9027]  vma_expand+0x211/0x360
[  131.505146][ T9027]  vma_merge_new_range+0x2cf/0x3e0
[  131.510286][ T9027]  mmap_region+0x81a/0x1710
[  131.514782][ T9027]  do_mmap+0x718/0xb60
[  131.518872][ T9027]  vm_mmap_pgoff+0x133/0x290
[  131.523552][ T9027]  ksys_mmap_pgoff+0xd0/0x330
[  131.528218][ T9027]  x64_sys_call+0x1884/0x2d60
[  131.532914][ T9027]  do_syscall_64+0xc9/0x1c0
[  131.537402][ T9027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.543286][ T9027] 
[  131.546047][ T9027] read to 0xffff888104732108 of 8 bytes by task 9027 on cpu 0:
[  131.553584][ T9027]  mtree_range_walk+0x140/0x460
[  131.558428][ T9027]  mas_walk+0x16e/0x320
[  131.562577][ T9027]  lock_vma_under_rcu+0x95/0x260
[  131.567513][ T9027]  exc_page_fault+0x150/0x650
[  131.572182][ T9027]  asm_exc_page_fault+0x26/0x30
[  131.577024][ T9027] 
[  131.579335][ T9027] value changed: 0x00007fc28d4defff -> 0x0000000000000000
[  131.586430][ T9027] 
[  131.588752][ T9027] Reported by Kernel Concurrency Sanitizer on:
[  131.594886][ T9027] CPU: 0 UID: 0 PID: 9027 Comm: syz.0.1998 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0
[  131.605550][ T9027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  131.615599][ T9027] ==================================================================