last executing test programs:

2m9.770336068s ago: executing program 1 (id=237):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r1}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r3, 0x40047452, 0x0)

2m9.563843428s ago: executing program 1 (id=242):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet(0x2, 0x2, 0x0)
socket$inet(0x2, 0x2, 0x0)
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000540), 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f0000000040)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x32, &(0x7f00000002c0)={@multicast, @empty, @val={@void, {0x8100, 0x4, 0x1, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @loopback}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

2m9.458869448s ago: executing program 1 (id=245):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000440), r1)
sendmsg$NLBL_CALIPSO_C_ADD(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7004ffdbdf250100000008000100000000000800020002"], 0x54}, 0x1, 0x0, 0x0, 0x4000040}, 0x800)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r3}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r4 = openat$tcp_congestion(0xffffff9c, 0x0, 0x1, 0x0)
write$tcp_congestion(r4, 0x0, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7})
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0\x00')

2m8.606462739s ago: executing program 1 (id=258):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYRES8, @ANYRES8=0x0, @ANYRES8=0x0], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x201, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newtfilter={0x40, 0x2c, 0xd27, 0x10, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0x2}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x3, 0xa}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0xffffffd7, 0x0, 0x0, 0x0, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = open_tree(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x1000)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r3}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x800000, &(0x7f0000000900)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES32, @ANYBLOB="b7ad7cd65c46a5be7840094fc88ed3944440d445ac89758d3aa4a6c77ea3e1e50196a99f88ba68f3377383de4de11c07aa5d22d9f4f3c58344d6011b6ea5ee82cf40e4ca5976370cb73c872e576f936791a0ffa5639ac237214be5926acea5405e00f1a144cf7a5240bc1e56ed617e19d6a5a268505f0012b4baf36d3a71eb34c8b67281dbba4b20c3d724ef150deff6f7d908bc72575a1f43b608e0d118", @ANYBLOB="a1fffd2e4c38a7b17fef1a78ad194301887b7711a1517cd8b4288a2fbb7d202d8c4a1809add074e6dde0703158125f2f114c49f5ee5f249d63ac0d851c212ccd8d82b7c694ead23c41f021e8bc78d646d07e3513568bb81d2179a012dcdcb845b0a58b6d5e46a177de56e3e77ed573967e4ebe299078019693ca486edbaa44e947802c7f46f1de18cf7f0e1af02964d04cc84d979855e8d3a3fda262f6a7d2b4b4849fd880c9b9af9be818ba05386754a3505e833ca0b95491ed", @ANYRES8=0x0], 0x3, 0x7cd, &(0x7f0000001780)="$eJzs3U1sHOXdAPD/GpvkNVKEeFGIohAmgVcKUjDrNZjX4gDLemwPrHdXu+vKUVVBRBxkxQEERS05lOYCbdWq6qlH2iu33lpVaqUe2p4qlUMvvSFxqmjVSlWrqpKrmd11/LG2A3E+Cr+fFT+PZ/7zfIwn89+xPbMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAESpNlsuT5ainjWWlpMdRiIiub8fu7hj9fr6+nqvNmjvl1uKPfqNKOX/4vDhONZbdOz+a6uP5p9Ox4neVyficF4cjiv3HL336f8dHRlsv3PAN+zUdcaVIr6ZD+rS+bW1lTduwkBuoe/8fK+1o8MW/rP4vs+njazTzBar82mSdZrJzPR0+fGFuU4yl9XTzrlON11Mau202m22kzO1R5PJmZmpJJ0411xqzM9W6+lg4VOPVcrl6eT5iVZabXeajcefn+jUFrJ6PWvMFzGV8tcij3kqqc22X8i6STetLibJxdW1lan9ZpcHTe6x/sQj93781kd/W13JD8jdgkr9A7MyOVmpTE4/OfPkU+XyaKVc2bqgvE1sRMRIRB5xUw5a7hzFKXMvB3PihgMw0s//UY8sGrEUy5EM+RiLWsxGO5qxmH/9h7EdEX2D/P9/j//5d3v1uzn/D7L8sWurj0eR/0/2vjq5W/4fOtaD/Bjpj2e39W/G23ElLsX5WIu1WIk3bvqIbvBj5GDbm480GpFFJ5qRxWJUiyVJf0kSMzEd01GOF2Mh5qITScxFFvVIoxPnohPdSIsjqhbtSKMa3WhGO5I4E7V4NJKYjJmYialIIo2JOBfNWIpGzMdsVItWLsZqsd+nto3r6Dde+tkrv//4/by+ETS5x0RK+Yu5POivewTtSPfXn//Xox8h/3/RHfAZHD679UH+BwAAAD63SsVP3/Pr/7F4sKjNZfX0y7d7WAAAAMABKn7zfyIvxvLag1HKr//LQyI/vOVjAwAAAA5GqbjHrhQR4/FQrza4XWrYDwEAAACA/0LF7/9P5sV4xDvFAtf/AAAA8Dnzrd2esf/R4Bm7ndah0i/+Eu32WOlqa/mR0uVqHle9fFdvu37xpY0Wu3PHS4ej10jR1vTolXtKETFaS0+UBk+//PehXvlJ8fn46Mbmuz3rv7RtABtb3LV9SvkAjlzZNoCjRcffjVO9mFMXeuWFflz/icTjc1k9nag1608Xj0TM/3XfenX161FM/9uNxSOluLi6tjLx8mtrF4qxXM1buXq5/wDFHc9RHD6Wosf1/h6IB4fPeKy4EaPf73iv3/Lmb8DIs8XmI3v3Wdrc57txuhdzerxXjm+d/+G8z8mJpyejWj0y0k2Xu2+tb5p9fxSTNzjzd+PhXszDZx7uFUNGUdkyild3jqKyeRT9nbDPvth3FGP9A+v9U+8s//3XzVI6td8opraN4vCnHAXA7XKxeOrPtSz0P0UW+td6T57/r+XdpBfQ1z/LPbDRVH6WG6SBbWe5i7GxZrD9plw3Gjuy+/aXF7Gtl13O6Gd6MWd6rydGjw/JK+UhZ/TXV1//Tf+M/sQHP/zRV07+9iefPbt9EI/2YvpF3PerXXJsPufvNRbHB40uP9Ov/HjXfjv1SinGIu766uXX4+ibb195bPXy+VdWXll5tVKZmi4/US4/WYmx4qVCv5B7ABhi//fY2Tei9MQ+V9X3bfxJwUS8HK/FWlyIs8XdBhHx0PBWxzf9GcLZOB3FxfIuV63jm97h5ew+15bXYis7YwevK3bETm3aYw/8oCj+cRO/KQBwk53eJw9fT/4/u89199Zcvu3qOHbP5cP8/03dGwDwxZC2PymNd98rtdtZ68XJmZnJanchTdrN2gtJO5udT5Os0U3btYVqYz5NWu1mt1kb/OB4Nu0knaVWq9nuJnPNdtJqdrLl4p3fk/5bv3fSxWqjm9U6rXpa7aRJrdnoVmvdZDbr1JLW3c/Vs85C2i427rTSWjaX1ardrNlIOs2ldi2dSJJOmiatpUFgNps2utlcllcbSaudLVbbVyOivrSYJrNpp9bOWt1mr8FaM4q+ssZcs71YNDuxc/p/utX7GwDuBG++feXS+bW1lTe2Vo7E9iXbKqNRVP64V8ygcrvnCABsJUsDAAAAAAAAAAAAAMCdb+ftevnSfW/pG1Y5FJ9+q0Pxqbq4wUo+tVvV1+2v5LO9A4ZxeysvPfPMpd1innvn2ML1tTP8f8qwW13fOxJx90+/31vy7K2a6Yef7cBeL+0Rc5tPTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwxH8CAAD//+mvWJQ=")
r6 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r6, &(0x7f0000000100)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file0', 0x3a, [0x50, 0x4f, 0x46, 0x4f, 0x50]}, 0x34)
ioctl$TCSETAF(r5, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0x0, 0xbfff, 0x0, "ec28a144f13d7607"})
write$binfmt_aout(r5, &(0x7f0000000300)=ANY=[], 0xff2e)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000300)='nilfs2_transaction_transition\x00', r0, 0x0, 0x1}, 0x18)
r7 = syz_open_pts(r5, 0x0)
r8 = dup3(r7, r5, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x140, 0x0)
r11 = syz_io_uring_setup(0x2421, &(0x7f0000000380)={0x0, 0x0, 0x13090}, &(0x7f0000000100), &(0x7f0000000080))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="7472616e731d66642c7666646e6f3d", @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB=',\x00'])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
semtimedop(0x0, &(0x7f0000000340), 0x0, 0x0)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000000)=0x44)
socket$inet6_sctp(0xa, 0x5, 0x84)

2m7.74343832s ago: executing program 1 (id=268):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000440), r1)
sendmsg$NLBL_CALIPSO_C_ADD(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7004ffdbdf250100000008000100000000000800020002"], 0x54}, 0x1, 0x0, 0x0, 0x4000040}, 0x800)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r3}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r4 = openat$tcp_congestion(0xffffff9c, 0x0, 0x1, 0x0)
write$tcp_congestion(r4, 0x0, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7})
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0\x00')

2m7.43704884s ago: executing program 1 (id=274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r1}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file1\x00', 0xc44, &(0x7f0000000740)=ANY=[@ANYBLOB="00694ba7e2ae8959c3a1a1006a809454d1b9e49ca9bcfc4fc4988c654d24bf47f27cf5182a66907790f63da0382e7e8b6fa7bc01215b438ad0a0c54300383d371f98a51969e94000800000d1a09c066c83c90eb1659f642d9740b323fc7da8f03a2e547ee2dd62af8c0b51da0e3b75a1ccf23bb04d83fa977502819dcc5fbe622c4c35880cfe115f8743ddf5255ed6532d8ce9391e704bb6c64bf7bd3c3b218ccf99b00749bc4d22cdc096d92b7e3f7731bfbfc5af583df7f136a59dade8dafa14bcefad343a259d07d5b6e7152b1031acbba628c1f5310e53cd87b92c6be007f8aa026ce147dfd51281dba68af9b738f0a097f69b277ef9a9bd369a107367e5ed6f27bd9ef071148bc60b4845accf826763066baf9b092754602e7fe53fbd347a39262850be890a0300863518f5cd8e1d6d388c66123eac43a65f0b3a585c80576666c4ee5d579c349d415741bd3de7fd5af2fa9b50f63bbd192fa1ee4eb9d2eb2b4afffa5dd5a32f292bffcecbcc18071375b13aa12b581b2b23e80fb7a1eca9816df0137b589441fca8b569993caed53c6d9deae218f204dfc7d7b06ca1565bbe12aea254ec23175760206f4c038a44159a57df1494350f375b254e4ba19be275d35df150ebb5b2d041a9dc024c97f377f272c92c902a9c7bbd80423cf959d12f119a306f83a131aa770e44b00c2dae191251e9ad47644c7e8ec36f18a3123dedd5c91b2809224c4130875231b2aba9ba0cd94c4af0915ba0516d5e46648f0db3f845b671181a5ba7d6d187eb2bcf5f4db13648c856faa15a323e595d2616c02e8acc4e3ba966032a39"], 0x2, 0x266, &(0x7f0000000480)="$eJzs3b9rFHkUAPC32c2vazYcBwfHwS0cB1eFJHB9juMOwgUVwyIRCW7MRkI2BAwEtEhiJVjZWFqmiwha2On/INjYiI2IlSkEC8lIMmF3YzbGlWRHks+nmce892a+3wkzky32u5d/XZifWVya3dx8HX19uSiMXt1KklwMRFfkI7UWAMBJ8iFJ4l2SynosAEBneP8DwOlz2Pu/O92c6/CwAIBj9O2f/+9OPnlZqY7+9RWlSW89fDHV/hgBgKM1MXnx/62nf/SPxaM7EQu3lsvL5XSb5v+ejbmoRTWGohgfI5K6NP5vbPzfodK2/ojywupu/+pyOb+3fziKMRBx4cz+/uFSam9/d/zQ3D8Sxfip9flHWvb3xJ+/N/UPRjGeXYnFqMXM9r8kTf0rw6XSP2fHP+vv3amL9Xymfx8AAAAAAAAAAAAAAAAAAAAAAE6mwVLdQNP6N7l6frBlfrX99YEa6/Pc3ukvxC+FuJnh1AEAAAAAAAAAAAAAAAAAAOC7sXT9xnylVqteqwfT5+d+3LvnsCDXIpXfPX47xzn64H2mZz8w2L4wx3iK3yKiseftsczi4Ub1+frUpYnsL2YHg2iZepD5wKa/UNMVETvBz/dGK49XXr3ZXxNrTfdyIb1vK7V029P8sCh1+OEEAAAAAAAAAAAAAAAAAACnTONrwAdVJJ0dEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkoPH7/20HPfU9G/3pwQ4oTpP3M50nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACn26cAAAD//5yXqIk=")
execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r2, 0x40047452, 0x0)

2m7.41941966s ago: executing program 32 (id=274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r1}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file1\x00', 0xc44, &(0x7f0000000740)=ANY=[@ANYBLOB="00694ba7e2ae8959c3a1a1006a809454d1b9e49ca9bcfc4fc4988c654d24bf47f27cf5182a66907790f63da0382e7e8b6fa7bc01215b438ad0a0c54300383d371f98a51969e94000800000d1a09c066c83c90eb1659f642d9740b323fc7da8f03a2e547ee2dd62af8c0b51da0e3b75a1ccf23bb04d83fa977502819dcc5fbe622c4c35880cfe115f8743ddf5255ed6532d8ce9391e704bb6c64bf7bd3c3b218ccf99b00749bc4d22cdc096d92b7e3f7731bfbfc5af583df7f136a59dade8dafa14bcefad343a259d07d5b6e7152b1031acbba628c1f5310e53cd87b92c6be007f8aa026ce147dfd51281dba68af9b738f0a097f69b277ef9a9bd369a107367e5ed6f27bd9ef071148bc60b4845accf826763066baf9b092754602e7fe53fbd347a39262850be890a0300863518f5cd8e1d6d388c66123eac43a65f0b3a585c80576666c4ee5d579c349d415741bd3de7fd5af2fa9b50f63bbd192fa1ee4eb9d2eb2b4afffa5dd5a32f292bffcecbcc18071375b13aa12b581b2b23e80fb7a1eca9816df0137b589441fca8b569993caed53c6d9deae218f204dfc7d7b06ca1565bbe12aea254ec23175760206f4c038a44159a57df1494350f375b254e4ba19be275d35df150ebb5b2d041a9dc024c97f377f272c92c902a9c7bbd80423cf959d12f119a306f83a131aa770e44b00c2dae191251e9ad47644c7e8ec36f18a3123dedd5c91b2809224c4130875231b2aba9ba0cd94c4af0915ba0516d5e46648f0db3f845b671181a5ba7d6d187eb2bcf5f4db13648c856faa15a323e595d2616c02e8acc4e3ba966032a39"], 0x2, 0x266, &(0x7f0000000480)="$eJzs3b9rFHkUAPC32c2vazYcBwfHwS0cB1eFJHB9juMOwgUVwyIRCW7MRkI2BAwEtEhiJVjZWFqmiwha2On/INjYiI2IlSkEC8lIMmF3YzbGlWRHks+nmce892a+3wkzky32u5d/XZifWVya3dx8HX19uSiMXt1KklwMRFfkI7UWAMBJ8iFJ4l2SynosAEBneP8DwOlz2Pu/O92c6/CwAIBj9O2f/+9OPnlZqY7+9RWlSW89fDHV/hgBgKM1MXnx/62nf/SPxaM7EQu3lsvL5XSb5v+ejbmoRTWGohgfI5K6NP5vbPzfodK2/ojywupu/+pyOb+3fziKMRBx4cz+/uFSam9/d/zQ3D8Sxfip9flHWvb3xJ+/N/UPRjGeXYnFqMXM9r8kTf0rw6XSP2fHP+vv3amL9Xymfx8AAAAAAAAAAAAAAAAAAAAAAE6mwVLdQNP6N7l6frBlfrX99YEa6/Pc3ukvxC+FuJnh1AEAAAAAAAAAAAAAAAAAAOC7sXT9xnylVqteqwfT5+d+3LvnsCDXIpXfPX47xzn64H2mZz8w2L4wx3iK3yKiseftsczi4Ub1+frUpYnsL2YHg2iZepD5wKa/UNMVETvBz/dGK49XXr3ZXxNrTfdyIb1vK7V029P8sCh1+OEEAAAAAAAAAAAAAAAAAACnTONrwAdVJJ0dEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkoPH7/20HPfU9G/3pwQ4oTpP3M50nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACn26cAAAD//5yXqIk=")
execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r2, 0x40047452, 0x0)

1m27.360428549s ago: executing program 5 (id=1297):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a1281)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])
r2 = signalfd4(r0, &(0x7f0000002100)={[0x2000104000001]}, 0x8, 0x0)
clock_gettime(0x0, &(0x7f0000002180)={<r3=>0x0, <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = add_key$keyring(&(0x7f0000000100), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f00000003c0)='ceph\x00', 0x0, &(0x7f0000000400)="010000000037a788a11d1f000000000000006923c63a4541062101a59ea9cba39a989ca8c70b3692930208", 0x2b, r5)
ppoll(&(0x7f0000002140)=[{r1, 0x405}, {r0, 0xc020}, {r1, 0x4000}, {r2, 0x5542}, {r1, 0x280}], 0x5, &(0x7f00000021c0)={r3, r4+10000000}, &(0x7f0000002200)={[0xdc2e]}, 0x8)
io_uring_setup(0x22a3, &(0x7f0000000240)={0x0, 0xa542, 0x2, 0xfffffffd, 0x21d})
syz_emit_ethernet(0x86, &(0x7f0000000140)=ANY=[@ANYBLOB="5b1a033f2511aaaaaaaaaabb080045000078000000000011907800000000000000000000000000649078100000000400000000000000fdcdae25a7a296a92a8a5290e48ebcb0eeae0000000000000000e400000000008035f3c07eeca4a20a9858ac150000000063081fe8fe001a08ed082ad7121d696f00"/134], 0x0)
socket$inet6(0xa, 0x6, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r6, &(0x7f00000006c0)=[{&(0x7f0000000080)='7', 0x1}], 0x1, 0x6e45, 0x0, 0x0)

1m27.144704199s ago: executing program 5 (id=1303):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f8483e0000005e140602000000000e000a", 0x23}], 0x1}, 0x0)

1m27.113056709s ago: executing program 5 (id=1305):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0xe, &(0x7f0000000000)=0xfffffffd, 0x4)

1m27.044433479s ago: executing program 5 (id=1306):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x10000000000030, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r0)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x7c, r1, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000800}, 0x24040802)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x2, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0xf20e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x63db, 0x6, 0x0, 0x0, 0x0, 0x0, 0x80}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

1m26.967112799s ago: executing program 5 (id=1307):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)

1m26.489039139s ago: executing program 5 (id=1312):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000600)={[{@user_xattr}, {@data_err_abort}, {@resuid}, {@errors_remount}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x5}}, {@noinit_itable}, {@nomblk_io_submit}, {@grpquota}, {@nogrpid}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044940, &(0x7f00000030c0))
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xbe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x9}, 0x18)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
close_range(r2, 0xffffffffffffffff, 0x0)

1m26.488435549s ago: executing program 33 (id=1312):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000600)={[{@user_xattr}, {@data_err_abort}, {@resuid}, {@errors_remount}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x5}}, {@noinit_itable}, {@nomblk_io_submit}, {@grpquota}, {@nogrpid}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044940, &(0x7f00000030c0))
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xbe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x9}, 0x18)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
close_range(r2, 0xffffffffffffffff, 0x0)

2.731966757s ago: executing program 0 (id=3158):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)

1.785143748s ago: executing program 0 (id=3170):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="030300000000000000000500000008000300", @ANYRES32=r3], 0x1c}}, 0x0)

1.747766458s ago: executing program 2 (id=3172):
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000007060108800000000405000700"/28], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, 0x0}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
openat(0xffffffffffffffff, 0x0, 0x8000, 0x1)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x20000, 0x10}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000180)={0x80, 0x2b, 0x3})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xa}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000001000000000000000"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r5}, &(0x7f0000000000), &(0x7f0000000040)=r6}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r6}, 0x57)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r8=>0x0})
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r8}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
r9 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r9, 0x8922, &(0x7f0000000080)={'dummy0\x00'})
r10 = socket(0x10, 0x3, 0x6)
r11 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r10, 0x8933, &(0x7f0000000600)={'team0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4]}}}}]}, 0x88}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a680000000202050000000000000000000000000008000240000000000900010073797a30000000000c00044000000000000000050c0004400000000000000001080002400000000308000240000000020900010073797a31000000000900010073797a300000000014000000020a0108000000000000000001000007140000001100010000000000000000000000000a"], 0xa4}}, 0x0)
r13 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc2}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441700322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6de6269613800"}, 0x48, 0xfffffffffffffffd)
keyctl$invalidate(0x15, r13)

1.712887538s ago: executing program 6 (id=3173):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="540000000206010200000000000000000500000005000100060000000d000300686173683a6e6574000000000900020073797a31000000000c00078008000640000000400500050002000000050004"], 0x54}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x8, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4084)

1.671908429s ago: executing program 0 (id=3174):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8923, &(0x7f0000000040)={'bond0\x00', 0x1001})

1.652555068s ago: executing program 2 (id=3175):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a1281)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])
clock_gettime(0x0, &(0x7f0000002180)={<r1=>0x0, <r2=>0x0})
ppoll(&(0x7f0000002140), 0x0, &(0x7f00000021c0)={r1, r2+10000000}, &(0x7f0000002200)={[0xdc2e]}, 0x8)

1.628023599s ago: executing program 6 (id=3176):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000000800), 0xfd, 0x525, &(0x7f0000000a40)="$eJzs3c9vI1cdAPDvOOvEyaZNWnoABO3SFha0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9bM9ckajECY78AZx74s4FwY1LOSDxIwI1SByMZjxOncRu0iaOQ/z5SKN5b2Z2vt+XxO/Zz2u/AMbWnYh4EhGTEfF2RMzlx5N8izc6W3rdRwePVw8PHq8m0W6/9Y8kO58ei55/k7qd37MUET/4TsSPk9Nxm3v7myu1WnUnry+06tsLzb39+xv1lfXqenWrUlleWl587cGrlUtr6wv1ybz05Q9//+QbP03Tms2P9LbjMnWaXjyKk7oVEd8bRrARmMjbMznqRPhMChHxbES8mD3+52Ii+20CADdZuz0X7bneOgBw0xWyObCkUM7nAmajUCiXO3N4z8VModZotu49auxurXXmyuajWHi0Uasu5nOF81FM0vpSVv64XjlRfxARz0TEz6ems3p5tVFbG+UTHwAYY7dPjP//nuqM/2eavoLkAIDhKY06AQDgyhn/AWD8GP8BYPwY/wFg/HTGf/+jDwDGidf/ADB+zjf+J51v9QQA/t99/8030619mH//9do7e7ubjXfur1Wbm+X67mp5tbGzXV5vNNaz7+ypn3W/WqOxvfRK7L47/83tZmuhubf/sN7Y3Wo9zL7X+2G1mF3leQQAjNIzL3zwpyQdkV+fzrboWcuhONLMgGErjDoBYGQmRp0AMDJW+4LxdYHX+KYH4Ibos0TvMaV+HxBqt9vt4aUEDNndL5j/h3HVM//vU0AwZsz/w/gy/w/jq91Ozrvmfxy/sDSM5YgBgCtgjh8Y8P7/s/n+N/mbAz9aO3nF+8PMCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK637vq/5Xwt8NkoFMrliKciYj6KyaONWnUxIp6OiD9OFafS+tKIcwYALqrw1yRf/+vu3Muzx049f/uoOBkRP/nlW794d6XV2vlDxGTyz6nu8db7+fHKp4v81CW1AADG09S5r+yO09m+54X8RwePV7vbcHLs72/fjohSJ/7hwWQcHsW/FbeyfSmKETHzrySvdyQ9cxcX8eS9iPh8v/YnMZvNgXRWPj0Zf+KSnr+cP37hWPxCdq6zT38Wn7uEXGDcfJD2P2/0e/wV4k627//4L2U91MXl/V96q9XDrA/8OH63/5sY0P/dOW+MV3733U5p+vS59yK+eCuiG/uwp//pxk8GxH/51N1O3z/15y89/+Kg3Nq/irgb/eP3xlpo1bcXmnv79zfqK+vV9epWpbK8tLz42oNXKwvZHPXC4NHg76/fe3rQubT9MwPil85o/1cHRjzu1/99+4df+YT4X3+pX/xCPPcJ8dMx8WvnjL8y89vSoHNp/LUB7T/r93/vnPE//Mv+qWXDAYDRae7tb67UatUdhU9V6D7bvC75jEFhIvb20x/5dcnnZOFbVxVrcsBf3c9e6vxNnjjVbn+mWIN6jMuYdQOug6MHfUT8Z9TJAAAAAAAAAAAAAAAAfV3m55MGfRhu1G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5vpfAAAA//8Hi8oe")
listxattr(&(0x7f0000000a00)='./file1\x00', 0x0, 0x0)

1.566994539s ago: executing program 0 (id=3177):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a1281)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])
r2 = signalfd4(r0, &(0x7f0000002100)={[0x2000104000001]}, 0x8, 0x0)
clock_gettime(0x0, &(0x7f0000002180)={<r3=>0x0, <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f00000003c0)='ceph\x00', 0x0, 0x0, 0x0, r5)
ppoll(&(0x7f0000002140)=[{r1, 0x405}, {r0, 0xc020}, {r1, 0x4000}, {r2, 0x5542}, {r1, 0x280}], 0x5, &(0x7f00000021c0)={r3, r4+10000000}, &(0x7f0000002200)={[0xdc2e]}, 0x8)
io_uring_setup(0x22a3, &(0x7f0000000240)={0x0, 0xa542, 0x2, 0xfffffffd, 0x21d})
syz_emit_ethernet(0x86, &(0x7f0000000140)=ANY=[@ANYBLOB="5b1a033f2511aaaaaaaaaabb080045000078000000000011907800000000000000000000000000649078100000000400000000000000fdcdae25a7a296a92a8a5290e48ebcb0eeae0000000000000000e400000000008035f3c07eeca4a20a9858ac150000000063081fe8fe001a08ed082ad7121d696f00"/134], 0x0)
r6 = socket$inet6(0xa, 0x6, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r7, &(0x7f00000006c0)=[{&(0x7f0000000080)='7', 0x1}], 0x1, 0x6e45, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r8, 0x6628)
bind$inet6(r6, &(0x7f0000000140)={0xa, 0x4e24, 0x8001, @rand_addr, 0x8}, 0x1c)
listen(r6, 0x80080400)
r9 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r9, &(0x7f0000e5c000)={0x2, 0x4e20, @remote}, 0x10)
getsockopt$inet_int(r9, 0x10d, 0x89, &(0x7f0000000000), &(0x7f0000000080)=0x4)
r10 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_matches\x00')
r11 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r10, &(0x7f0000000040)={0x10000011})
ppoll(&(0x7f0000000100)=[{r11}], 0x1, 0x0, 0x0, 0x0)

1.510480399s ago: executing program 6 (id=3178):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000000800), 0xfd, 0x525, &(0x7f0000000a40)="$eJzs3c9vI1cdAPDvOOvEyaZNWnoABO3SFha0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9bM9ckajECY78AZx74s4FwY1LOSDxIwI1SByMZjxOncRu0iaOQ/z5SKN5b2Z2vt+XxO/Zz2u/AMbWnYh4EhGTEfF2RMzlx5N8izc6W3rdRwePVw8PHq8m0W6/9Y8kO58ei55/k7qd37MUET/4TsSPk9Nxm3v7myu1WnUnry+06tsLzb39+xv1lfXqenWrUlleWl587cGrlUtr6wv1ybz05Q9//+QbP03Tms2P9LbjMnWaXjyKk7oVEd8bRrARmMjbMznqRPhMChHxbES8mD3+52Ii+20CADdZuz0X7bneOgBw0xWyObCkUM7nAmajUCiXO3N4z8VModZotu49auxurXXmyuajWHi0Uasu5nOF81FM0vpSVv64XjlRfxARz0TEz6ems3p5tVFbG+UTHwAYY7dPjP//nuqM/2eavoLkAIDhKY06AQDgyhn/AWD8GP8BYPwY/wFg/HTGf/+jDwDGidf/ADB+zjf+J51v9QQA/t99/8030619mH//9do7e7ubjXfur1Wbm+X67mp5tbGzXV5vNNaz7+ypn3W/WqOxvfRK7L47/83tZmuhubf/sN7Y3Wo9zL7X+2G1mF3leQQAjNIzL3zwpyQdkV+fzrboWcuhONLMgGErjDoBYGQmRp0AMDJW+4LxdYHX+KYH4Ibos0TvMaV+HxBqt9vt4aUEDNndL5j/h3HVM//vU0AwZsz/w/gy/w/jq91Ozrvmfxy/sDSM5YgBgCtgjh8Y8P7/s/n+N/mbAz9aO3nF+8PMCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK637vq/5Xwt8NkoFMrliKciYj6KyaONWnUxIp6OiD9OFafS+tKIcwYALqrw1yRf/+vu3Muzx049f/uoOBkRP/nlW794d6XV2vlDxGTyz6nu8db7+fHKp4v81CW1AADG09S5r+yO09m+54X8RwePV7vbcHLs72/fjohSJ/7hwWQcHsW/FbeyfSmKETHzrySvdyQ9cxcX8eS9iPh8v/YnMZvNgXRWPj0Zf+KSnr+cP37hWPxCdq6zT38Wn7uEXGDcfJD2P2/0e/wV4k627//4L2U91MXl/V96q9XDrA/8OH63/5sY0P/dOW+MV3733U5p+vS59yK+eCuiG/uwp//pxk8GxH/51N1O3z/15y89/+Kg3Nq/irgb/eP3xlpo1bcXmnv79zfqK+vV9epWpbK8tLz42oNXKwvZHPXC4NHg76/fe3rQubT9MwPil85o/1cHRjzu1/99+4df+YT4X3+pX/xCPPcJ8dMx8WvnjL8y89vSoHNp/LUB7T/r93/vnPE//Mv+qWXDAYDRae7tb67UatUdhU9V6D7bvC75jEFhIvb20x/5dcnnZOFbVxVrcsBf3c9e6vxNnjjVbn+mWIN6jMuYdQOug6MHfUT8Z9TJAAAAAAAAAAAAAAAAfV3m55MGfRhu1G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5vpfAAAA//8Hi8oe")
symlinkat(&(0x7f0000001040)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000000)='./file0\x00')
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000780)=@known='system.posix_acl_access\x00')

1.363010299s ago: executing program 4 (id=3182):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
fchdir(r2)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/ipc\x00')
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)

1.332237489s ago: executing program 6 (id=3184):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x50)
ioctl$int_in(0xffffffffffffffff, 0x5421, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\t\x00\t\x00'/16, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
fchown(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x8}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000680), &(0x7f00000006c0)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="646566636f6e746578742b0f6101651f752c6673636f6e746578743d757365725f752c00b29993c7218d8fb4cfcb476f97cef234fb91b48559ca58ac8c4463fbe5896c284e3ce420f0c22f2df00c9dac62845501ea85c115308574767bf257e06d0f00252d5e7dd30c07d7b9cec38ff476bba61f67f0414cda7f44ec1aac14573bad05695cabe3d7cf3e1cc7b723986f631f1171cec76da0eccc956faddcfcc606376082b019d49f632d3f44c49e912fe121239d41f005000000860a033bb2b34d8fa737b1e58764f60536412c1f6d1efdf7fc95145004cd4532dfce155a4a6c769f12a443bf74215b658a4c7e84fd07"], 0x1, 0x646, &(0x7f0000000740)="$eJzs3d9uFOfZAPBn+aMP+ZNQ1VYIIUIm0EogEbO7DkZWjrbjWXuS3Z3VzDqCowgFEyFMUkEqFc44oa3UXkROexHtFUW9hFYzuyYGbC8F4k3R77eC992ZZ+Z9ZryaR2PvzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEK10vd3utGKQj7ZuJgdL18tieMj83fX984XmkHEjWvW/OHUqzk4nnf31j7PP1P9djPPTd+fjVN2ciif/f+YXn/7qxLHd5Q9J6Eg8evzk/u2dne2Hi05kQTayUV4V+bC3kSV5VSRrq6vta5v9Kunng6y6VU2yYZKWWW9SlMnl9ErSWVtbSbLlW8XWaGO9N8h2J974uNturyafLY+zXlkVo2ufLVfpZj4Y5KONJqaeXcfcqD+In+eTZJL1hkly997O9sq8JOugzusEdecFddvdbqfT7XZWr69dv9Fun3hlQvsl8UrE4j+0LNY7PoLDmzs2q/8xiDxGsRU3I9n3lcZ6lFHE8ID5M7v1/7fXskPH3Vv/d6v82R9nn4um/l+YvrtwUP0/IJejez2Kx/Ek7sft2Imd2I6HC8/oaF8bkcUo8qiiiDyG0WumJLMpSazFaqxGO76MzehHFUn0I49BZFHFrahiElnziUqjjCx6MYkiykjicqRxJZLoxFqsxUokkcVy3IoitmIUG7EevWYtd+Nes99XDsnxeVDndYK6hwSp/7y9d38Qhzf07936DwAAALy3Ws1v3+vz/5PxQdPr54Osvei0AAAAgHeo+cv/+bo5Wfc+iJbzfwAAAHjftJpr7FoRsRQfTnu7V0L5JQAAAAC8J5q//1+om6W692G0nP8DAADA++bPc++xX43/r/WPf0VZnmw9Hd/8TetBr47rPTg+Xe74y2uc9M+1Ts9W0jSrJ2bv0ux8a3b3y+c3wfxh1tydl0frHSQQf42PpjEf3Zm2d3bnTEdZ6ueDbDktBp92otc7fWyS3Zz84Zt7f4xm8/8yGp5uxd17O9vLX327c6fJ5Wm9lqcPZjdQfOU+iofk8l1zv4Xmmot9t/hkcyHGbNyl6bjtvdt/bLr4sf9izGdxcRpzcWnaLr24/afqMTvLB239LIvOW275s7g0jbl0+dK02SeL7rwsunuzeKN98RpZrMzLYuUtswBYlLtzqlDr1cL/Bke5o6nuz+LyNObyuebAeuLcPkf09rwjevstq9vf48o05spu8EE1th73by9V1e/rBb4/cNxq0G3Vu/D4dw9+H2cePX7y8b0Ht7/e/nr7m253ZbX9Sbt9vRsnm82YNWoPAPuY/4yduRGtT+acVf/y+VcKluOr+DZ24k5cba42aL5xsO9al/Z8DeHqnLPWpT1PeLk656xuac+DXl4/duUIfhIAcHQuzqnDr1P/r845736xlh9+dry3lgMAP42s/KG1NPlTqyzz8ZedtbVOb7KZJWWRfp6U+fpGluSjSVamm73RRpaMy2JSpMWg7nyRr2dVUm2Nx0U5SfpFmYyLKr/ZPPk9mT36vcqGvdEkT6vxIOtVWZIWo0kvnSTreZUm463fDfJqMyubhatxlub9PO1N8mKUVMVWmWbLSVJl2Z7AfD0bTfJ+XndHybjMh73yVvJFMdgaZsl6VqVlPp4U0xXujpWP+kU5bFa7vOidDQA/E48eP7l/e2dn++FP2Fn0NgIAL1KlAQAAAAAAAAAAAADg5+8orv/T0dH5X+ss+sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/6TwAAAP//7m5YCA==")

1.234816229s ago: executing program 4 (id=3186):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r1}, 0x18)
socket$inet(0x2, 0x2, 0x0)
socket$inet(0x2, 0x2, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000540), 0x1, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r4=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00001600"/20], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r5}, &(0x7f0000000240), &(0x7f0000000040)=r2}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r4, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x32, &(0x7f00000002c0)={@multicast, @empty, @val={@void, {0x8100, 0x4, 0x1, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @loopback}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

1.129954099s ago: executing program 4 (id=3187):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={0x0, r1, 0x0, 0x2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8923, &(0x7f0000000040)={'bond0\x00', 0x1001})

1.065940529s ago: executing program 6 (id=3188):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000000800), 0xfd, 0x525, &(0x7f0000000a40)="$eJzs3c9vI1cdAPDvOOvEyaZNWnoABO3SFha0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9bM9ckajECY78AZx74s4FwY1LOSDxIwI1SByMZjxOncRu0iaOQ/z5SKN5b2Z2vt+XxO/Zz2u/AMbWnYh4EhGTEfF2RMzlx5N8izc6W3rdRwePVw8PHq8m0W6/9Y8kO58ei55/k7qd37MUET/4TsSPk9Nxm3v7myu1WnUnry+06tsLzb39+xv1lfXqenWrUlleWl587cGrlUtr6wv1ybz05Q9//+QbP03Tms2P9LbjMnWaXjyKk7oVEd8bRrARmMjbMznqRPhMChHxbES8mD3+52Ii+20CADdZuz0X7bneOgBw0xWyObCkUM7nAmajUCiXO3N4z8VModZotu49auxurXXmyuajWHi0Uasu5nOF81FM0vpSVv64XjlRfxARz0TEz6ems3p5tVFbG+UTHwAYY7dPjP//nuqM/2eavoLkAIDhKY06AQDgyhn/AWD8GP8BYPwY/wFg/HTGf/+jDwDGidf/ADB+zjf+J51v9QQA/t99/8030619mH//9do7e7ubjXfur1Wbm+X67mp5tbGzXV5vNNaz7+ypn3W/WqOxvfRK7L47/83tZmuhubf/sN7Y3Wo9zL7X+2G1mF3leQQAjNIzL3zwpyQdkV+fzrboWcuhONLMgGErjDoBYGQmRp0AMDJW+4LxdYHX+KYH4Ibos0TvMaV+HxBqt9vt4aUEDNndL5j/h3HVM//vU0AwZsz/w/gy/w/jq91Ozrvmfxy/sDSM5YgBgCtgjh8Y8P7/s/n+N/mbAz9aO3nF+8PMCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK637vq/5Xwt8NkoFMrliKciYj6KyaONWnUxIp6OiD9OFafS+tKIcwYALqrw1yRf/+vu3Muzx049f/uoOBkRP/nlW794d6XV2vlDxGTyz6nu8db7+fHKp4v81CW1AADG09S5r+yO09m+54X8RwePV7vbcHLs72/fjohSJ/7hwWQcHsW/FbeyfSmKETHzrySvdyQ9cxcX8eS9iPh8v/YnMZvNgXRWPj0Zf+KSnr+cP37hWPxCdq6zT38Wn7uEXGDcfJD2P2/0e/wV4k627//4L2U91MXl/V96q9XDrA/8OH63/5sY0P/dOW+MV3733U5p+vS59yK+eCuiG/uwp//pxk8GxH/51N1O3z/15y89/+Kg3Nq/irgb/eP3xlpo1bcXmnv79zfqK+vV9epWpbK8tLz42oNXKwvZHPXC4NHg76/fe3rQubT9MwPil85o/1cHRjzu1/99+4df+YT4X3+pX/xCPPcJ8dMx8WvnjL8y89vSoHNp/LUB7T/r93/vnPE//Mv+qWXDAYDRae7tb67UatUdhU9V6D7bvC75jEFhIvb20x/5dcnnZOFbVxVrcsBf3c9e6vxNnjjVbn+mWIN6jMuYdQOug6MHfUT8Z9TJAAAAAAAAAAAAAAAAfV3m55MGfRhu1G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5vpfAAAA//8Hi8oe")
listxattr(&(0x7f0000000a00)='./file1\x00', 0x0, 0x0)

1.013951169s ago: executing program 4 (id=3190):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000000000000000800090001"], 0x44}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'bond0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r5, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800070003"], 0x3c}}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000200)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x2b}, @link_local, @void, {@arp={0x806, @ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0x4, @broadcast, @mcast1, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}}, 0x0)

909.558729ms ago: executing program 6 (id=3193):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x444, &(0x7f0000000980)="$eJzs3MtvG8UfAPDv2nHS5y/5lfJoaCFQEBGPpEkf9MAFBBIHkJC4FHEKSVqFpg1qgkSrCAKHcESVuCOOSPwFnOCCgBMSV7ijShXKpYWT0dq7qZvYaZw4del+PtLGM96xZr67O/bsjJ0ACmso/ZNE7IuI3yOiv569vcBQ/eHmyuLk3yuLk0lUq2//ldTK3VhZnMyL5q/bW89Uq1m+r0m9y+9GTMzOTl/K8qMLFz4Ynb985YWZCxPnps9NXxw/ffrE8SO9p8ZPdiTONK4bgx/PHT70+jtX35w8c/W9n79N27sv298YR6cM1Y9uU09XOl1bd+1vSCc9XWwIbSlHRHq6KrX+3x/l2L26rz9e+6yrjQN2VLVarTb7fM4sVYH7WBLdbgHQHfkHfXr/m293aehxT7j+cv0GKI37ZrbV9/REKStTWXN/20lDEXFm6Z+v0i12aB4CAKDR9+n45/lm479SPNRQ7n/ZGspARPw/Ig5ExAMRcTAiHoyolX04Ih5ps/61KyTrxz+la1sKbJPS8d9L2drW7eO/fPQXA+Ust78WfyU5OzM7fSw7JsNR6UvzYxvU8cOrv33Ral/j+C/d0vrzsWDWjms9aybopiYWJrYTc6Prn0YM9jSLP4l8GSeJiEMRMbjFOmae/eZwq313jn8DHVhnqn4d8Uz9/C/FmvhzScv1ybEXT42fHN0Vs9PHRvOrYr1ffl1+q1X924q/A9Lzv6fp9b8a/0CyK2L+8pXztfXa+fbrWP7j85b3NFu7/mdWG9ebPX40sbBwaSyiN3lj/fPjt16b5/PyafzDR5v3/wNx60g8GhHpRXwkIh6LiMeztj8REU9GxNEN4v/plafebz/+DWblOyiNf+pO5z8az3/7ifL5H79rP/5cev5P1FLD2TObef/bbAO3c+wAAADgv6JU+w58UhpZTZdKIyP17/AfjD1LMTe/8NzZuQ8vTtW/Kz8QlVI+09XfMB86ls0N5/nxNfnj2bzxl+XdtfzI5NzsVLeDh4Lb26L/p/4sd7t1wI7zey0oLv0fikv/h+LS/6G49H8ormb9/5MutAO4+3z+Q3Hp/1Bc+j8Ul/4PhdTyt/Glbf3kf7uJpBuVSrSTiNI90Yz7P9Gz6X9mscVEX9Nd3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Ix/AwAA//+UFuN0")
chdir(0x0)
open(&(0x7f0000000040)='./bus\x00', 0x183042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000000240)='t', 0x1)
sendfile(r1, r0, 0x0, 0x10001)
sendfile(r1, r0, 0x0, 0x7ffff000)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r2, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuset.memory_pressure\x00', 0x275a, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000640), 0x0, 0x22400)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000580)={0x0, {}, 0x0, {}, 0x40010001, 0x5, 0xa, 0x11, "9e959f1600007b08aa26e66c4056eae795280154c382ecff090f00000cfcebd8a6078ed93fd5f0643902dd8f6fac274de9d940bba5e51e92bbd4ce85450d00", "f625c1076e4c36c808000000000000008d347f41be5a0c00000000000100", [0xffffffffffffffff, 0x7]})
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)

839.826749ms ago: executing program 4 (id=3194):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}, {0x0, 0x1}}}, 0x24}}, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xfffa, 0x4}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8035}]}}]}, 0x3c}}, 0x24000000)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

802.492999ms ago: executing program 4 (id=3196):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x4477}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg(r1, &(0x7f0000002840)=[{{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000000480)=""/4085, 0xff5}], 0x1}}], 0x1, 0x12000, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x800000}, 0x10)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)

745.180639ms ago: executing program 2 (id=3197):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

721.483129ms ago: executing program 2 (id=3199):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x46, 0x200, 0x3}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r3=>r0, {0x4}}, './file0\x00'})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000340)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$xdp(r3, &(0x7f0000000680)={&(0x7f0000000380)={0x2c, 0xd, r4, 0x3}, 0x10, &(0x7f0000000640)=[{&(0x7f00000003c0)="f9a3f37785ee8b7e9ffce52380f494b7a718fcafba0dd87e6cd2faadad421fbc3c8b0ed3c047a4", 0x27}, {&(0x7f0000000440)="4c64c490ae32de717bdeddd51be082f83671c7674159ea9c054b65b008e3a2f291293d73716d5a2045461813ca43ab5870da5e754809e48c6a2783d4c3f4767155d81bf5d843e973d42c41a8f02271e270578865f1732aadbe4c5652b9aeb2fb602e8a019d31f29a6f61305140be74b309f0a5afca3e574e5276d5a057f7515946e7bae868264937385b907d01c9b0f0a957", 0x92}, {&(0x7f0000000500)="f4ba01", 0x3}, {&(0x7f0000000540)}], 0x4, 0x0, 0x0, 0x885}, 0x48000)
r5 = dup3(r1, r2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r5, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88)

683.316339ms ago: executing program 0 (id=3200):
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000007060108800000000405000700"/28], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, 0x0}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
openat(0xffffffffffffffff, 0x0, 0x8000, 0x1)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x20000, 0x10}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000180)={0x80, 0x2b, 0x3})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xa}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000100000000000000000"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r5}, &(0x7f0000000000), &(0x7f0000000040)=r6}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r6}, 0x57)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r8=>0x0})
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r8}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
r9 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r9, 0x8922, &(0x7f0000000080)={'dummy0\x00'})
r10 = socket(0x10, 0x3, 0x6)
r11 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r10, 0x8933, &(0x7f0000000600)={'team0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4]}}}}]}, 0x88}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a680000000202050000000000000000000000000008000240000000000900010073797a30000000000c00044000000000000000050c0004400000000000000001080002400000000308000240000000020900010073797a31000000000900010073797a300000000014000000020a0108000000000000000001000007140000001100010000000000000000000000000a"], 0xa4}}, 0x0)
r13 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc2}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441700322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6de6269613800"}, 0x48, 0xfffffffffffffffd)
keyctl$invalidate(0x15, r13)

614.174499ms ago: executing program 3 (id=3201):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000006800010000000000000000000a0000000000002a060007000400000008000500", @ANYRES32, @ANYBLOB="1400088010"], 0x3c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, 0x0)
bind$can_raw(r2, &(0x7f0000000040), 0x10)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f00000000c0), 0x4)
accept$inet(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x3000006, &(0x7f0000000040)={[{@discard}, {@abort}, {@block_validity}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@usrjquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@nobh}, {}, {@orlov}, {@user_xattr}, {@init_itable_val={'init_itable', 0x3d, 0x400}}]}, 0x1, 0x556, &(0x7f0000001100)="$eJzs3d1rW+UfAPDvSdu9/37rYAwVkcIunMyltvVlghfzUnQ40PsZ2rMymi6jScdaB24X7sYbGYKIA/Fe770c/gP+FQMtDBlFL7ypnPSky9akybL0ZebzgbM9zzknfc4353yfPCdPQgIYWGPZP4WIFyPi6yTiaNO24cg3jq3vt/rwxnS2JLG29smfSST5usb+Sf7/4bzyQkT8+mXE6cLmdqtLy3OlcjldyOvjtfmr49Wl5TOX50uz6Wx6ZXJq6uxbU5PvvvN232J97cLf331874OzX51c/fbnlWN3kjgXR/JtzXE8g5vNlbEYy5+TkTj3xI4TfWhsL0l2+wDoyVCe5yOR9QFHYyjPeuC/74uIWAMGVCL/YUA1xgGNe/s+3Qc/Nx68v34DtDn+4fX3RuJA/d7o0Gry2J1Rdr872of2szZ++ePunWyJ/r0PAdDRzVsRK0PDw5v7vyTv/3r3Rhf7PNmG/g92zr1s/PN6q/FPYWP8Ey3GP4db5G4vOud/YaUPzbSVjf/eazn+3Zi0Gh3Ka/+rj/lGkkuXy2nWt/0/Ik7FyP6svtV8ztnV+2vttjWP/7Ila78xFsyPY2V4/+OPmSnVSs8Sc7MHtyJeajn+TTbOf9Li/GfPx4Uu2ziR3n2l3bbO8W+vtR8jXm15/h/NaCVbz0+O16+H8cZVsdlft0/81q793Y4/O/+Hto5/NGmer60+fRs/HPgnbbet1+t/X/JpvbwvX3e9VKstTETsSz7avH7y0WMb9cb+WfynTm7d/7W6/g9GxGddxn/7+E8v9x7/9srin3mq8//0hfsffv59u/a7O/9v1kun8jXd9H/dHuCzPHcAAAAAAACw1xQi4kgkheJGuVAoFtc/33E8DhXKlWrt9KXK4pWZqH9XdjRGCo2Z7qNNn4eYyD8P26hPPlGfiohjEfHN0MF6vThdKc/sdvAAAAAAAAAAAAAAAAAAAACwRxxu8/3/zO9Du310wLbzk98wuDrmfz9+6QnYk7z+w+CS/zC45D8MLvkPg0v+w+DqkP/JTh0HsPO8/sPgkv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxfOn8+WtdWHN6az+sy1pcW5yrUzM2l1rji/OF2crixcLc5WKrPltDhdme/098qVytWJyVi8Pl5Lq7Xx6tLyxfnK4pXaxcvzpdn0YjqyI1EBAAAAAAAAAAAAAAAAAADA86W6tDxXKpfTBQWFngrDe+MwFPpc2O2eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+TcAAP//Z7w5Vw==")
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000044850000000e0000003f0000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
r4 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f00000005c0)='dE\x00', 0x0, r4)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x2, &(0x7f0000000580)='\xa3\x04\x00', &(0x7f00000003c0)="c5", 0x1)
close(r4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000600)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000140)}, {&(0x7f0000001680)=""/4096, 0x1000}, {&(0x7f0000000440)=""/35, 0x23}, {&(0x7f0000000680)=""/169, 0xa9}, {&(0x7f0000000740)=""/160, 0xa0}, {&(0x7f0000000800)=""/170, 0xaa}, {&(0x7f0000000a40)=""/231, 0xe7}], 0x7, &(0x7f00000008c0)=""/49, 0x31}, 0x120)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x4, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="02002cbd7000ffdbdf25b930d1ac29337c1ee178c90800000055759972fba2d3231589b47dbc20e86ce151435f499a0a9a845368dc9827ddecb9a6068cc2cec82cbabaed9d71e6a7068d219fbc6f1195716f04f4839de5b4cd8e7f1df5d79b9155cc7c60c65793c63228f8f778a43bff0f46787999bc87ebb2f41735371303"], 0x14}, 0x1, 0x0, 0x0, 0x8004}, 0x20000000)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x50, r7, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x1}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x50}]}, 0x50}}, 0x80)
r8 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3)

613.929679ms ago: executing program 2 (id=3202):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

515.890229ms ago: executing program 2 (id=3203):
gettid()
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, 0x0, 0x0)
r1 = io_uring_setup(0x3256, &(0x7f0000000240)={0x0, 0xede7, 0x20, 0x1, 0xa2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x13, &(0x7f00000002c0)=[0x40, 0x6], 0x2)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x200000, 0x0, 0xffff, 0xffffffff}}}}, @TCA_RATE={0x6, 0x5, {0x40, 0xf}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x3, 0x9, 0x6, 0x3, 0x1, 0x9, 0x4}}, {0x4}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x1a3e87981a1f578a}, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000300)={@remote, 0x62, r4})
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x14}, 0x0)
read(r0, &(0x7f0000000140)=""/228, 0xe4)

271.77835ms ago: executing program 0 (id=3204):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=<r1=>r0, @ANYBLOB="0000000000000000b7020000000007008500000086000000f15cfbd16a0d6a295f034fb1b6d8458c252f6e3417f663002c0bdc"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4b, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fsetxattr$security_selinux(r2, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f00001fa000/0x1000)=nil, 0x1000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRESOCT, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=r3, @ANYRES8], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000140000474c358c9021aff35bee106b0083000000bf090000000000005509010000000000950000000000b5c60000bf91000000000000b7020000000000008500000084000000b700000000000000950000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
sendto$inet(r6, &(0x7f00000026c0)='?', 0xc574, 0x0, 0x0, 0x0)

238.71429ms ago: executing program 3 (id=3205):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000000800), 0xfd, 0x525, &(0x7f0000000a40)="$eJzs3c9vI1cdAPDvOOvEyaZNWnoABO3SFha0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9bM9ckajECY78AZx74s4FwY1LOSDxIwI1SByMZjxOncRu0iaOQ/z5SKN5b2Z2vt+XxO/Zz2u/AMbWnYh4EhGTEfF2RMzlx5N8izc6W3rdRwePVw8PHq8m0W6/9Y8kO58ei55/k7qd37MUET/4TsSPk9Nxm3v7myu1WnUnry+06tsLzb39+xv1lfXqenWrUlleWl587cGrlUtr6wv1ybz05Q9//+QbP03Tms2P9LbjMnWaXjyKk7oVEd8bRrARmMjbMznqRPhMChHxbES8mD3+52Ii+20CADdZuz0X7bneOgBw0xWyObCkUM7nAmajUCiXO3N4z8VModZotu49auxurXXmyuajWHi0Uasu5nOF81FM0vpSVv64XjlRfxARz0TEz6ems3p5tVFbG+UTHwAYY7dPjP//nuqM/2eavoLkAIDhKY06AQDgyhn/AWD8GP8BYPwY/wFg/HTGf/+jDwDGidf/ADB+zjf+J51v9QQA/t99/8030619mH//9do7e7ubjXfur1Wbm+X67mp5tbGzXV5vNNaz7+ypn3W/WqOxvfRK7L47/83tZmuhubf/sN7Y3Wo9zL7X+2G1mF3leQQAjNIzL3zwpyQdkV+fzrboWcuhONLMgGErjDoBYGQmRp0AMDJW+4LxdYHX+KYH4Ibos0TvMaV+HxBqt9vt4aUEDNndL5j/h3HVM//vU0AwZsz/w/gy/w/jq91Ozrvmfxy/sDSM5YgBgCtgjh8Y8P7/s/n+N/mbAz9aO3nF+8PMCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK637vq/5Xwt8NkoFMrliKciYj6KyaONWnUxIp6OiD9OFafS+tKIcwYALqrw1yRf/+vu3Muzx049f/uoOBkRP/nlW794d6XV2vlDxGTyz6nu8db7+fHKp4v81CW1AADG09S5r+yO09m+54X8RwePV7vbcHLs72/fjohSJ/7hwWQcHsW/FbeyfSmKETHzrySvdyQ9cxcX8eS9iPh8v/YnMZvNgXRWPj0Zf+KSnr+cP37hWPxCdq6zT38Wn7uEXGDcfJD2P2/0e/wV4k627//4L2U91MXl/V96q9XDrA/8OH63/5sY0P/dOW+MV3733U5p+vS59yK+eCuiG/uwp//pxk8GxH/51N1O3z/15y89/+Kg3Nq/irgb/eP3xlpo1bcXmnv79zfqK+vV9epWpbK8tLz42oNXKwvZHPXC4NHg76/fe3rQubT9MwPil85o/1cHRjzu1/99+4df+YT4X3+pX/xCPPcJ8dMx8WvnjL8y89vSoHNp/LUB7T/r93/vnPE//Mv+qWXDAYDRae7tb67UatUdhU9V6D7bvC75jEFhIvb20x/5dcnnZOFbVxVrcsBf3c9e6vxNnjjVbn+mWIN6jMuYdQOug6MHfUT8Z9TJAAAAAAAAAAAAAAAAfV3m55MGfRhu1G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5vpfAAAA//8Hi8oe")
listxattr(&(0x7f0000000a00)='./file1\x00', 0x0, 0x0)

161.18505ms ago: executing program 3 (id=3206):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x3, 0x1, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x51}, 0x20040000)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x5)
accept4(r0, 0x0, 0x0, 0x80800)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000040)={0x1, 0x1}, 0x8)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendmmsg(r4, &(0x7f0000002980), 0x400000000000239, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

77.26805ms ago: executing program 3 (id=3207):
gettid()
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r0 = io_uring_setup(0x3256, &(0x7f0000000240)={0x0, 0xede7, 0x20, 0x1, 0xa2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f00000002c0)=[0x40, 0x6], 0x2)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x200000, 0x0, 0xffff, 0xffffffff}}}}, @TCA_RATE={0x6, 0x5, {0x40, 0xf}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x3, 0x9, 0x6, 0x3, 0x1, 0x9, 0x4}}, {0x4}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x1a3e87981a1f578a}, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000300)={@remote, 0x62, r3})
read(0xffffffffffffffff, &(0x7f0000000140)=""/228, 0xe4)

42.12278ms ago: executing program 3 (id=3208):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n'], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1, 0x0, 0x3}, 0x18)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa0090199)

0s ago: executing program 3 (id=3209):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

kernel console output (not intermixed with test programs):

r helper that may corrupt user memory!
[  141.628202][T10471] syz.3.2515[10471] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.690266][   T29] kauditd_printk_skb: 498 callbacks suppressed
[  141.690284][   T29] audit: type=1326 audit(1733318312.899:12623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.6.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  141.732674][   T29] audit: type=1326 audit(1733318312.899:12624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.6.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  141.756716][   T29] audit: type=1326 audit(1733318312.899:12625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.6.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  141.760204][T10475] netlink: 100 bytes leftover after parsing attributes in process `syz.2.2516'.
[  141.780323][   T29] audit: type=1326 audit(1733318312.909:12626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.6.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  141.813009][   T29] audit: type=1326 audit(1733318312.909:12627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.6.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  141.836732][   T29] audit: type=1326 audit(1733318312.909:12628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.6.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  141.860360][   T29] audit: type=1326 audit(1733318312.909:12629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10469 comm="syz.3.2515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  141.860402][   T29] audit: type=1326 audit(1733318312.909:12630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10469 comm="syz.3.2515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  141.860477][   T29] audit: type=1326 audit(1733318312.909:12631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10469 comm="syz.3.2515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  141.860516][   T29] audit: type=1326 audit(1733318312.909:12632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10469 comm="syz.3.2515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  141.896914][T10480] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  141.906275][T10480] loop6: detected capacity change from 0 to 1024
[  141.906750][T10480] EXT4-fs: Ignoring removed oldalloc option
[  141.934197][T10480] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  141.946966][T10484] loop3: detected capacity change from 0 to 1024
[  142.023662][T10484] EXT4-fs: Ignoring removed nobh option
[  142.029443][T10484] EXT4-fs: Ignoring removed orlov option
[  142.085860][T10491] loop2: detected capacity change from 0 to 1024
[  142.112242][T10499] loop0: detected capacity change from 0 to 512
[  142.171999][T10502] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2526'.
[  142.219928][T10506] FAULT_INJECTION: forcing a failure.
[  142.219928][T10506] name failslab, interval 1, probability 0, space 0, times 0
[  142.233160][T10506] CPU: 0 UID: 0 PID: 10506 Comm: syz.6.2527 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  142.244035][T10506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  142.254141][T10506] Call Trace:
[  142.257444][T10506]  <TASK>
[  142.260385][T10506]  dump_stack_lvl+0xf2/0x150
[  142.265031][T10506]  dump_stack+0x15/0x1a
[  142.269272][T10506]  should_fail_ex+0x223/0x230
[  142.273988][T10506]  should_failslab+0x8f/0xb0
[  142.278674][T10506]  kmem_cache_alloc_node_noprof+0x59/0x320
[  142.284579][T10506]  ? __alloc_skb+0x10b/0x310
[  142.289215][T10506]  __alloc_skb+0x10b/0x310
[  142.293678][T10506]  netlink_alloc_large_skb+0xad/0xe0
[  142.299073][T10506]  netlink_sendmsg+0x3b4/0x6e0
[  142.303880][T10506]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.309285][T10506]  __sock_sendmsg+0x140/0x180
[  142.314009][T10506]  ____sys_sendmsg+0x312/0x410
[  142.314494][T10509] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  142.318796][T10506]  __sys_sendmsg+0x19d/0x230
[  142.318846][T10506]  __x64_sys_sendmsg+0x46/0x50
[  142.335909][T10506]  x64_sys_call+0x2734/0x2dc0
[  142.340668][T10506]  do_syscall_64+0xc9/0x1c0
[  142.345275][T10506]  ? clear_bhb_loop+0x55/0xb0
[  142.349994][T10506]  ? clear_bhb_loop+0x55/0xb0
[  142.354737][T10506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.354888][T10511] syz.4.2531[10511] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.360732][T10506] RIP: 0033:0x7f3c134fff19
[  142.360756][T10506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.377172][T10511] syz.4.2531[10511] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.396126][T10506] RSP: 002b:00007f3c11b77058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  142.396162][T10506] RAX: ffffffffffffffda RBX: 00007f3c136c5fa0 RCX: 00007f3c134fff19
[  142.396178][T10506] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  142.396193][T10506] RBP: 00007f3c11b770a0 R08: 0000000000000000 R09: 0000000000000000
[  142.396208][T10506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.396221][T10506] R13: 0000000000000000 R14: 00007f3c136c5fa0 R15: 00007ffe1e03c868
[  142.396246][T10506]  </TASK>
[  142.448350][T10514] batman_adv: batadv0: Interface deactivated: dummy0
[  142.453421][T10511] syz.4.2531[10511] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.458491][T10514] batman_adv: batadv0: Removing interface: dummy0
[  142.499448][T10517] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  142.510002][T10499] ext4 filesystem being mounted at /439/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.512216][T10517] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  142.535470][T10514] bridge_slave_0: left allmulticast mode
[  142.541973][T10514] bridge_slave_0: left promiscuous mode
[  142.548416][T10514] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.558847][T10514] bridge_slave_1: left allmulticast mode
[  142.564590][T10514] bridge_slave_1: left promiscuous mode
[  142.570420][T10514] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.583589][T10514] 
: (slave bond_slave_0): Releasing backup interface
[  142.612796][T10514] 
: (slave bond_slave_1): Releasing backup interface
[  142.628207][T10514] team0: Port device team_slave_0 removed
[  142.643159][T10525] loop0: detected capacity change from 0 to 1024
[  142.652462][T10525] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.663016][T10514] team0: Port device team_slave_1 removed
[  142.670814][T10525] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  142.673878][T10514] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.688741][T10514] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.706345][T10514] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.713874][T10514] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.791523][T10534] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  142.817855][T10534] loop2: detected capacity change from 0 to 1024
[  142.827826][T10525] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  142.848301][T10534] EXT4-fs: Ignoring removed oldalloc option
[  142.855995][T10534] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  142.917035][T10544] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2540'.
[  142.926432][T10544] IPVS: Error joining to the multicast group
[  142.992229][T10549] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2542'.
[  143.016259][T10549] loop2: detected capacity change from 0 to 1024
[  143.020758][T10547] loop0: detected capacity change from 0 to 8192
[  143.029368][T10549] EXT4-fs: Ignoring removed nobh option
[  143.034974][T10549] EXT4-fs: Ignoring removed orlov option
[  143.109653][T10554] loop6: detected capacity change from 0 to 512
[  143.170215][T10554] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.398160][T10572] syz.2.2548[10572] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.398263][T10572] syz.2.2548[10572] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.410905][T10572] syz.2.2548[10572] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.438865][T10572] bridge_slave_0: left allmulticast mode
[  143.455943][T10572] bridge_slave_0: left promiscuous mode
[  143.461751][T10572] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.472759][T10572] bridge_slave_1: left allmulticast mode
[  143.478634][T10572] bridge_slave_1: left promiscuous mode
[  143.484499][T10572] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.496563][T10572] 
: (slave bond_slave_0): Releasing backup interface
[  143.506645][T10576] syz.3.2551[10576] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.507847][T10572] 
: (slave bond_slave_1): Releasing backup interface
[  143.533874][T10572] team0: Port device team_slave_0 removed
[  143.544416][T10572] team0: Port device team_slave_1 removed
[  143.554613][T10572] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.562145][T10572] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.571596][T10572] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.579233][T10572] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.644476][T10583] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  143.662677][T10583] loop6: detected capacity change from 0 to 1024
[  143.670031][T10583] EXT4-fs: Ignoring removed oldalloc option
[  143.682901][T10583] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  143.700199][T10586] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.714630][T10586] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.837915][T10593] loop3: detected capacity change from 0 to 1024
[  143.931742][T10598] netlink: 16402 bytes leftover after parsing attributes in process `�&/�'.
[  143.972516][T10593] loop3: detected capacity change from 0 to 1024
[  144.001044][T10593] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  144.016528][T10606] loop0: detected capacity change from 0 to 512
[  144.066192][T10606] ext4 filesystem being mounted at /445/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.081283][T10614] futex_wake_op: syz.4.2561 tries to shift op by 144; fix this program
[  144.115807][T10616] SELinux:  Context u:r:untrusted_app:s0:c512,c768 is not valid (left unmapped).
[  144.181113][T10620] loop3: detected capacity change from 0 to 1024
[  144.188297][T10620] EXT4-fs: Ignoring removed nobh option
[  144.193932][T10620] EXT4-fs: Ignoring removed orlov option
[  144.220908][T10623] loop0: detected capacity change from 0 to 512
[  144.240674][T10625] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  144.279537][T10623] ext4 filesystem being mounted at /446/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.302728][T10625] loop6: detected capacity change from 0 to 1024
[  144.311849][T10625] EXT4-fs: Ignoring removed oldalloc option
[  144.346760][T10634] IPVS: Error joining to the multicast group
[  144.346771][T10625] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  144.527986][T10651] futex_wake_op: syz.0.2575 tries to shift op by 144; fix this program
[  144.579614][T10657] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  144.621533][T10662] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  144.632532][T10660] loop3: detected capacity change from 0 to 1024
[  144.633057][T10662] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  144.640462][T10660] EXT4-fs: Ignoring removed nomblk_io_submit option
[  144.654874][T10660] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  144.660083][T10663] __nla_validate_parse: 3 callbacks suppressed
[  144.660101][T10663] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2576'.
[  144.684251][T10663] netlink: 'syz.0.2576': attribute type 10 has an invalid length.
[  144.763646][T10660] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  144.904606][T10672] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2580'.
[  144.915648][T10672] netlink: 'syz.3.2580': attribute type 10 has an invalid length.
[  144.925373][T10672] veth0_macvtap: entered promiscuous mode
[  144.932866][T10672] team0: Device macvtap0 failed to register rx_handler
[  144.940008][T10672] veth0_macvtap: left promiscuous mode
[  145.002550][T10677] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  145.195155][T10680] netlink: 16402 bytes leftover after parsing attributes in process `�&/�'.
[  145.244533][T10684] futex_wake_op: syz.6.2586 tries to shift op by 144; fix this program
[  145.316107][T10691] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  145.372009][T10696] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2591'.
[  145.384162][T10698] loop2: detected capacity change from 0 to 512
[  145.422436][T10698] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.2592: Failed to acquire dquot type 1
[  145.427991][T10702] loop6: detected capacity change from 0 to 1024
[  145.441869][T10702] EXT4-fs: Ignoring removed nobh option
[  145.447477][T10702] EXT4-fs: Ignoring removed orlov option
[  145.462758][T10705] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  145.470841][T10698] EXT4-fs (loop2): 1 truncate cleaned up
[  145.478461][T10705] loop0: detected capacity change from 0 to 1024
[  145.485331][T10698] ext4 filesystem being mounted at /552/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.490372][T10705] EXT4-fs: Ignoring removed oldalloc option
[  145.509014][T10705] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  145.527614][T10698] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2592'.
[  145.602879][T10715] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.637166][T10715] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.658812][T10718] netlink: 16402 bytes leftover after parsing attributes in process `�&/�'.
[  145.784725][T10730] futex_wake_op: syz.6.2601 tries to shift op by 144; fix this program
[  145.798399][T10731] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2598'.
[  145.827727][T10733] tipc: Started in network mode
[  145.833072][T10733] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  145.842622][T10733] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  145.877294][T10737] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2604'.
[  145.893446][T10737] netlink: 'syz.6.2604': attribute type 10 has an invalid length.
[  145.901574][T10737] veth0_macvtap: entered promiscuous mode
[  145.909779][T10737] team0: Device macvtap0 failed to register rx_handler
[  145.916916][T10737] veth0_macvtap: left promiscuous mode
[  145.993123][T10745] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  146.008411][T10745] loop6: detected capacity change from 0 to 1024
[  146.017460][T10745] EXT4-fs: Ignoring removed oldalloc option
[  146.025079][T10745] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  146.034070][T10748] netlink: 16402 bytes leftover after parsing attributes in process `�&/�'.
[  146.186733][T10753] loop3: detected capacity change from 0 to 1024
[  146.194172][T10753] EXT4-fs: Ignoring removed oldalloc option
[  146.202461][T10753] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  146.295233][T10763] futex_wake_op: syz.2.2613 tries to shift op by 144; fix this program
[  146.525906][ T1094] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4
[  146.533873][ T1094] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2
[  146.541771][ T1094] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3
[  146.561082][ T1094] hid-generic 0000:3000000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  146.589021][T10782] netlink: 16402 bytes leftover after parsing attributes in process `�&/�'.
[  146.631585][T10784] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  146.678134][T10789] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  146.689689][T10784] loop0: detected capacity change from 0 to 1024
[  146.703214][T10789] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.711268][T10784] EXT4-fs: Ignoring removed oldalloc option
[  146.729714][T10784] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  146.741241][T10791] futex_wake_op: syz.2.2624 tries to shift op by 144; fix this program
[  146.805677][   T29] kauditd_printk_skb: 590 callbacks suppressed
[  146.805694][   T29] audit: type=1326 audit(1733318318.009:13221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10795 comm="syz.2.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff997dfff19 code=0x7ffc0000
[  146.836054][   T29] audit: type=1326 audit(1733318318.009:13222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10795 comm="syz.2.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7ff997dfff19 code=0x7ffc0000
[  146.859624][   T29] audit: type=1326 audit(1733318318.009:13223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10795 comm="syz.2.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff997dfff19 code=0x7ffc0000
[  146.883305][   T29] audit: type=1326 audit(1733318318.009:13224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10795 comm="syz.2.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7ff997dfff19 code=0x7ffc0000
[  146.907089][   T29] audit: type=1326 audit(1733318318.009:13225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10795 comm="syz.2.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff997dfff19 code=0x7ffc0000
[  146.930757][   T29] audit: type=1326 audit(1733318318.009:13226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10795 comm="syz.2.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff997dfff19 code=0x7ffc0000
[  146.954532][   T29] audit: type=1326 audit(1733318318.009:13227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10795 comm="syz.2.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7ff997dfff19 code=0x7ffc0000
[  146.978277][   T29] audit: type=1326 audit(1733318318.009:13228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10795 comm="syz.2.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff997dfff19 code=0x7ffc0000
[  147.001868][   T29] audit: type=1326 audit(1733318318.039:13229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10795 comm="syz.2.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff997dfff19 code=0x7ffc0000
[  147.025577][   T29] audit: type=1326 audit(1733318318.039:13230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10795 comm="syz.2.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff997dfff19 code=0x7ffc0000
[  147.176963][T10804] bpf_get_probe_write_proto: 5 callbacks suppressed
[  147.176981][T10804] syz.6.2628[10804] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.184015][T10804] syz.6.2628[10804] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.195584][T10804] syz.6.2628[10804] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.373788][T10823] futex_wake_op: syz.6.2635 tries to shift op by 144; fix this program
[  147.408506][T10811] FAULT_INJECTION: forcing a failure.
[  147.408506][T10811] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.421821][T10811] CPU: 0 UID: 0 PID: 10811 Comm: syz.2.2631 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  147.432753][T10811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  147.442833][T10811] Call Trace:
[  147.446127][T10811]  <TASK>
[  147.449078][T10811]  dump_stack_lvl+0xf2/0x150
[  147.453765][T10811]  dump_stack+0x15/0x1a
[  147.457964][T10811]  should_fail_ex+0x223/0x230
[  147.462722][T10811]  should_fail+0xb/0x10
[  147.466905][T10811]  should_fail_usercopy+0x1a/0x20
[  147.471956][T10811]  _copy_from_user+0x1e/0xb0
[  147.476699][T10811]  restore_altstack+0x48/0xd0
[  147.481456][T10811]  __do_sys_rt_sigreturn+0xd7/0x160
[  147.486694][T10811]  x64_sys_call+0x2982/0x2dc0
[  147.491418][T10811]  do_syscall_64+0xc9/0x1c0
[  147.495928][T10811]  ? clear_bhb_loop+0x55/0xb0
[  147.500641][T10811]  ? clear_bhb_loop+0x55/0xb0
[  147.505459][T10811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.511413][T10811] RIP: 0033:0x7ff997d9c129
[  147.515912][T10811] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  147.535533][T10811] RSP: 002b:00007ff996476ac0 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  147.543975][T10811] RAX: ffffffffffffffda RBX: 00007ff997fc5fa0 RCX: 00007ff997d9c129
[  147.551971][T10811] RDX: 00007ff996476ac0 RSI: 00007ff996476bf0 RDI: 0000000000000011
[  147.559954][T10811] RBP: 00007ff9964770a0 R08: 0000000000000000 R09: 0000000000000000
[  147.568089][T10811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.576139][T10811] R13: 0000000000000000 R14: 00007ff997fc5fa0 R15: 00007ffc5d51ae98
[  147.584167][T10811]  </TASK>
[  147.673288][T10838] syz.2.2642[10838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.673369][T10838] syz.2.2642[10838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.690099][T10838] syz.2.2642[10838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.042826][T10855] futex_wake_op: syz.2.2647 tries to shift op by 144; fix this program
[  148.164799][T10859] FAULT_INJECTION: forcing a failure.
[  148.164799][T10859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.178275][T10859] CPU: 0 UID: 0 PID: 10859 Comm: syz.0.2650 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  148.189065][T10859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  148.199146][T10859] Call Trace:
[  148.202491][T10859]  <TASK>
[  148.205451][T10859]  dump_stack_lvl+0xf2/0x150
[  148.210109][T10859]  dump_stack+0x15/0x1a
[  148.214307][T10859]  should_fail_ex+0x223/0x230
[  148.219086][T10859]  should_fail+0xb/0x10
[  148.223269][T10859]  should_fail_usercopy+0x1a/0x20
[  148.228327][T10859]  _copy_from_user+0x1e/0xb0
[  148.232955][T10859]  move_addr_to_kernel+0x82/0x120
[  148.238018][T10859]  __sys_sendto+0x12e/0x230
[  148.242553][T10859]  __x64_sys_sendto+0x78/0x90
[  148.247252][T10859]  x64_sys_call+0x29fa/0x2dc0
[  148.251972][T10859]  do_syscall_64+0xc9/0x1c0
[  148.256496][T10859]  ? clear_bhb_loop+0x55/0xb0
[  148.261202][T10859]  ? clear_bhb_loop+0x55/0xb0
[  148.265906][T10859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.271878][T10859] RIP: 0033:0x7f6ddfb7ff19
[  148.276388][T10859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.296048][T10859] RSP: 002b:00007f6dde1f7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  148.304529][T10859] RAX: ffffffffffffffda RBX: 00007f6ddfd45fa0 RCX: 00007f6ddfb7ff19
[  148.312580][T10859] RDX: 000000000000000e RSI: 00000000200002c0 RDI: 0000000000000003
[  148.320585][T10859] RBP: 00007f6dde1f70a0 R08: 0000000020000140 R09: 0000000000000014
[  148.328605][T10859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.336683][T10859] R13: 0000000000000000 R14: 00007f6ddfd45fa0 R15: 00007ffee3af6ac8
[  148.344689][T10859]  </TASK>
[  148.415623][T10867] loop3: detected capacity change from 0 to 512
[  148.458952][T10867] ext4 filesystem being mounted at /538/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.551932][T10871] loop6: detected capacity change from 0 to 1024
[  148.596361][T10871] EXT4-fs: Ignoring removed nobh option
[  148.602129][T10871] EXT4-fs: Ignoring removed orlov option
[  148.808199][T10885] loop3: detected capacity change from 0 to 1024
[  148.915525][T10894] futex_wake_op: syz.6.2662 tries to shift op by 144; fix this program
[  149.020094][    T8] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[  149.027927][    T8] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[  149.048640][    T8] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x3
[  149.067599][T10902] loop6: detected capacity change from 0 to 1024
[  149.074585][    T8] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  149.095305][T10902] EXT4-fs: Ignoring removed nobh option
[  149.101141][T10902] EXT4-fs: Ignoring removed orlov option
[  149.194209][T10907] loop3: detected capacity change from 0 to 764
[  149.216491][T10907] iso9660: Unknown parameter '0xffffffffffffffff�����W�C�0���nZ�#���OpfB���!�W'
[  149.279625][T10907] netlink: 'syz.3.2667': attribute type 10 has an invalid length.
[  149.335746][T10907] loop3: detected capacity change from 0 to 2048
[  149.391468][T10907]  loop3: p1 < > p3 p4 < >
[  149.396786][T10907] loop3: p3 start 4284289 is beyond EOD, truncated
[  149.420982][ T2999]  loop3: p1 < > p3 p4 < >
[  149.428787][ T2999] loop3: p3 start 4284289 is beyond EOD, truncated
[  149.568305][ T5983] udevd[5983]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  149.581373][T10925] futex_wake_op: syz.6.2676 tries to shift op by 144; fix this program
[  149.589673][ T5989] udevd[5989]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  149.740184][T10937] FAULT_INJECTION: forcing a failure.
[  149.740184][T10937] name failslab, interval 1, probability 0, space 0, times 0
[  149.753374][T10937] CPU: 1 UID: 0 PID: 10937 Comm: syz.6.2681 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  149.764230][T10937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  149.774303][T10937] Call Trace:
[  149.777590][T10937]  <TASK>
[  149.780531][T10937]  dump_stack_lvl+0xf2/0x150
[  149.785211][T10937]  dump_stack+0x15/0x1a
[  149.789472][T10937]  should_fail_ex+0x223/0x230
[  149.794209][T10937]  should_failslab+0x8f/0xb0
[  149.798950][T10937]  kmem_cache_alloc_node_noprof+0x59/0x320
[  149.804803][T10937]  ? __alloc_skb+0x10b/0x310
[  149.809455][T10937]  __alloc_skb+0x10b/0x310
[  149.813902][T10937]  tipc_msg_reverse+0x1c7/0x4c0
[  149.818779][T10937]  tipc_sk_respond+0xa1/0x270
[  149.823617][T10937]  __tipc_shutdown+0xbce/0xc00
[  149.828453][T10937]  ? __pfx_woken_wake_function+0x10/0x10
[  149.834122][T10937]  tipc_release+0x68/0xa70
[  149.838554][T10937]  ? proc_fail_nth_write+0x12a/0x150
[  149.844053][T10937]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  149.849736][T10937]  sock_close+0x68/0x150
[  149.853995][T10937]  ? __pfx_sock_close+0x10/0x10
[  149.858862][T10937]  __fput+0x17a/0x6d0
[  149.862859][T10937]  ? file_close_fd_locked+0x17f/0x1a0
[  149.868288][T10937]  __fput_sync+0x96/0xc0
[  149.872544][T10937]  __se_sys_close+0x109/0x1b0
[  149.877270][T10937]  __x64_sys_close+0x1f/0x30
[  149.881881][T10937]  x64_sys_call+0x266c/0x2dc0
[  149.886572][T10937]  do_syscall_64+0xc9/0x1c0
[  149.891087][T10937]  ? clear_bhb_loop+0x55/0xb0
[  149.895771][T10937]  ? clear_bhb_loop+0x55/0xb0
[  149.900497][T10937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.906419][T10937] RIP: 0033:0x7f3c134fff19
[  149.910879][T10937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.930496][T10937] RSP: 002b:00007f3c11b77058 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  149.938919][T10937] RAX: ffffffffffffffda RBX: 00007f3c136c5fa0 RCX: 00007f3c134fff19
[  149.946985][T10937] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  149.955020][T10937] RBP: 00007f3c11b770a0 R08: 0000000000000000 R09: 0000000000000000
[  149.963000][T10937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.971014][T10937] R13: 0000000000000000 R14: 00007f3c136c5fa0 R15: 00007ffe1e03c868
[  149.979072][T10937]  </TASK>
[  150.037983][T10946] netlink: 'syz.3.2685': attribute type 10 has an invalid length.
[  150.052233][T10948] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  150.067607][T10946] geneve1: entered promiscuous mode
[  150.078419][T10946] 
: (slave geneve1): Enslaving as an active interface with an up link
[  150.121388][T10948] loop0: detected capacity change from 0 to 1024
[  150.159306][T10948] EXT4-fs: Ignoring removed oldalloc option
[  150.172525][T10948] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  150.320491][T10968] futex_wake_op: syz.3.2691 tries to shift op by 144; fix this program
[  150.469434][T10976] loop3: detected capacity change from 0 to 1024
[  150.481391][T10976] EXT4-fs: Ignoring removed nobh option
[  150.487028][T10976] EXT4-fs: Ignoring removed orlov option
[  150.675012][T10986] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  150.794010][T10994] __nla_validate_parse: 6 callbacks suppressed
[  150.794026][T10994] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2701'.
[  150.915671][T11004] loop6: detected capacity change from 0 to 1024
[  150.923056][T11004] EXT4-fs: Ignoring removed nomblk_io_submit option
[  150.948409][T11004] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  151.027682][ T3377] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4
[  151.035513][ T3377] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2
[  151.055075][ T3377] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x3
[  151.074724][ T3377] hid-generic 0000:3000000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  151.087121][T11004] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  151.114943][T11016] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  151.261255][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x4
[  151.269004][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x2
[  151.283660][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x3
[  151.298160][ T3377] hid-generic 0000:3000000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  151.575829][T11040] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  151.597533][T11038] netlink: 'syz.6.2722': attribute type 10 has an invalid length.
[  151.616513][T11041] serio: Serial port ttyS3
[  151.624277][T11036] loop2: detected capacity change from 0 to 1024
[  151.624318][T11038] team0: Port device netdevsim1 added
[  151.632284][T11036] EXT4-fs: Ignoring removed oldalloc option
[  151.654873][T11045] netlink: 'syz.6.2722': attribute type 10 has an invalid length.
[  151.666741][T11036] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  151.681882][T11045] team0: Port device netdevsim1 removed
[  151.696170][T11045] 
: (slave netdevsim1): Enslaving as an active interface with an up link
[  151.804102][T11051] netlink: 16402 bytes leftover after parsing attributes in process `�&/�'.
[  151.832227][   T29] kauditd_printk_skb: 450 callbacks suppressed
[  151.832246][   T29] audit: type=1326 audit(1733318323.039:13681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11050 comm=87262F16E7 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  151.862016][   T29] audit: type=1326 audit(1733318323.039:13682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11050 comm=87262F16E7 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  151.997160][   T29] audit: type=1326 audit(1733318323.189:13683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11059 comm="syz.6.2728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  152.021034][   T29] audit: type=1326 audit(1733318323.189:13684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11059 comm="syz.6.2728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  152.052682][   T29] audit: type=1326 audit(1733318323.239:13685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11059 comm="syz.6.2728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  152.076373][   T29] audit: type=1326 audit(1733318323.239:13686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11059 comm="syz.6.2728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  152.087105][T11065] loop6: detected capacity change from 0 to 1024
[  152.100090][   T29] audit: type=1326 audit(1733318323.239:13687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11059 comm="syz.6.2728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  152.130296][   T29] audit: type=1326 audit(1733318323.239:13688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11059 comm="syz.6.2728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  152.153976][   T29] audit: type=1326 audit(1733318323.239:13689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11059 comm="syz.6.2728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  152.171536][T11065] EXT4-fs (loop6): shut down requested (0)
[  152.177589][   T29] audit: type=1326 audit(1733318323.239:13690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11059 comm="syz.6.2728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  152.293097][T11082] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  152.313186][T11084] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2734'.
[  152.314587][T11082] loop0: detected capacity change from 0 to 1024
[  152.330510][T11082] EXT4-fs: Ignoring removed oldalloc option
[  152.337023][T11082] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  152.477921][T11092] netlink: 16402 bytes leftover after parsing attributes in process `�&/�'.
[  152.484721][T11089] Process accounting resumed
[  152.619755][T11099] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  152.637957][T11099] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.745371][T11110] syz.2.2747[11110] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  152.745587][T11110] syz.2.2747[11110] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  152.757286][T11110] syz.2.2747[11110] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  152.769969][T11110] syz.2.2747[11110] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  152.784322][T11110] syz.2.2747[11110] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  152.795977][T11110] syz.2.2747[11110] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  152.937805][T11119] serio: Serial port ttyS3
[  152.994021][T11124] loop2: detected capacity change from 0 to 128
[  153.007078][T11124] loop2: detected capacity change from 0 to 512
[  153.014972][T11124] EXT4-fs: Ignoring removed orlov option
[  153.021539][T11124] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  153.040568][T11124] ext4 filesystem being mounted at /588/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.053370][T11124] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2751: bg 0: block 255: padding at end of block bitmap is not set
[  153.068094][T11124] EXT4-fs (loop2): Remounting filesystem read-only
[  153.076213][T11124] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  153.085200][T11124] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  153.113364][T11129] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  153.131511][T11129] loop3: detected capacity change from 0 to 1024
[  153.140237][T11129] EXT4-fs: Ignoring removed oldalloc option
[  153.147674][T11129] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  153.234024][T11135] netlink: 16402 bytes leftover after parsing attributes in process `�&/�'.
[  153.236298][T11124] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  153.253724][T11124] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  153.263567][T11124] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  153.272529][T11124] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  153.282170][T11124] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  153.440137][T11147] loop2: detected capacity change from 0 to 1024
[  153.466311][ T1094] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x4
[  153.474340][ T1094] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x2
[  153.487932][ T1094] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x3
[  153.492539][T11147] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2758'.
[  153.501074][ T1094] hid-generic 0000:3000000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  153.635729][T11160] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2762'.
[  153.656771][T11162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.666709][T11162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.791298][T11164] netlink: 61211 bytes leftover after parsing attributes in process `syz.4.2764'.
[  154.097240][T11182] loop3: detected capacity change from 0 to 764
[  154.110895][T11182] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  154.116403][T11185] serio: Serial port ttyS3
[  154.130897][T11182] IPVS: set_ctl: invalid protocol: 51 224.0.0.1:0
[  154.261305][T11191] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2776'.
[  154.271461][T11191] netlink: 'syz.0.2776': attribute type 10 has an invalid length.
[  154.439931][T11194] loop2: detected capacity change from 0 to 1024
[  154.446955][T11194] EXT4-fs: Ignoring removed nomblk_io_submit option
[  154.454229][T11194] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  154.528714][T11194] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  154.643513][T11203] loop2: detected capacity change from 0 to 512
[  154.651194][T11203] EXT4-fs: Ignoring removed bh option
[  154.657061][T11203] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  154.677166][T11203] EXT4-fs (loop2): 1 truncate cleaned up
[  154.763799][T11211] loop2: detected capacity change from 0 to 256
[  154.778424][T11211] ebt_among: dst integrity fail: 102
[  155.091086][T11223] loop3: detected capacity change from 0 to 1024
[  155.114438][T11223] EXT4-fs: Ignoring removed nomblk_io_submit option
[  155.127402][T11226] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2787'.
[  155.143886][T11223] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  155.197170][T11237] loop0: detected capacity change from 0 to 512
[  155.214177][T11237] EXT4-fs (loop0): orphan cleanup on readonly fs
[  155.228066][T11237] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2791: bg 0: block 248: padding at end of block bitmap is not set
[  155.244329][T11237] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.2791: Failed to acquire dquot type 1
[  155.263563][T11223] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  155.276572][T11237] EXT4-fs (loop0): 1 truncate cleaned up
[  155.303769][T11237] syz.0.2791 (11237) used greatest stack depth: 9392 bytes left
[  155.413149][T11252] serio: Serial port ttyS3
[  155.449429][T11217] chnl_net:caif_netlink_parms(): no params data found
[  155.488481][T11258] syz.0.2796[11258] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  155.489265][T11258] syz.0.2796[11258] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  155.502348][T11258] syz.0.2796[11258] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  155.524710][T11258] bridge_slave_0: left allmulticast mode
[  155.542008][T11258] bridge_slave_0: left promiscuous mode
[  155.547762][T11258] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.558020][T11258] bridge_slave_1: left allmulticast mode
[  155.564188][T11258] bridge_slave_1: left promiscuous mode
[  155.569940][T11258] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.580141][T11258] 
: (slave bond_slave_0): Releasing backup interface
[  155.590817][T11258] 
: (slave bond_slave_1): Releasing backup interface
[  155.625603][T11217] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.632851][T11217] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.641744][T11217] bridge_slave_0: entered allmulticast mode
[  155.648498][T11217] bridge_slave_0: entered promiscuous mode
[  155.662314][T11217] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.669455][T11217] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.674076][T11263] loop0: detected capacity change from 0 to 764
[  155.685096][T11263] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  155.686877][T11217] bridge_slave_1: entered allmulticast mode
[  155.702492][T11217] bridge_slave_1: entered promiscuous mode
[  155.745265][T11217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  155.757766][T11217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  155.788392][T11217] team0: Port device team_slave_0 added
[  155.796499][T11217] team0: Port device team_slave_1 added
[  155.821952][T11217] batman_adv: batadv0: Adding interface: batadv_slave_0
[  155.829325][T11217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  155.855604][T11217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  155.869420][T11217] batman_adv: batadv0: Adding interface: batadv_slave_1
[  155.876493][T11217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  155.902748][T11217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  155.961222][T11270] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2800'.
[  155.983647][T11217] hsr_slave_0: entered promiscuous mode
[  155.991583][T11217] hsr_slave_1: entered promiscuous mode
[  156.063461][T11277] futex_wake_op: syz.0.2803 tries to shift op by 144; fix this program
[  156.089263][T11273] loop6: detected capacity change from 0 to 1024
[  156.096728][T11273] EXT4-fs: Ignoring removed nobh option
[  156.102387][T11273] EXT4-fs: Ignoring removed orlov option
[  156.113405][T11217] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.213220][T11217] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.276298][T11288] loop3: detected capacity change from 0 to 764
[  156.296264][T11217] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.315320][T11288] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  156.340996][T11293] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  156.355504][T11295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  156.382485][T11217] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.396005][T11295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  156.486905][T11217] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  156.508041][T11217] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  156.522901][T11217] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  156.536020][T11217] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  156.546765][T11300] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2811'.
[  156.675142][T11217] 8021q: adding VLAN 0 to HW filter on device bond0
[  156.694170][T11217] 8021q: adding VLAN 0 to HW filter on device team0
[  156.715131][T11308] syz.3.2815[11308] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.723794][   T55] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.742339][   T55] bridge0: port 1(bridge_slave_0) entered forwarding state
[  156.780747][T11217] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  156.791364][T11217] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  156.805656][   T55] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.812875][   T55] bridge0: port 2(bridge_slave_1) entered forwarding state
[  156.852763][   T29] kauditd_printk_skb: 236 callbacks suppressed
[  156.852778][   T29] audit: type=1326 audit(1733318328.059:13923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11311 comm="syz.4.2816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e13eeff19 code=0x7ffc0000
[  156.882678][   T29] audit: type=1326 audit(1733318328.059:13924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11311 comm="syz.4.2816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6e13eeff19 code=0x7ffc0000
[  156.906227][   T29] audit: type=1326 audit(1733318328.059:13925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11311 comm="syz.4.2816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e13eeff19 code=0x7ffc0000
[  156.930064][   T29] audit: type=1326 audit(1733318328.099:13926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11311 comm="syz.4.2816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e13eeff19 code=0x7ffc0000
[  156.953782][   T29] audit: type=1326 audit(1733318328.099:13927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11311 comm="syz.4.2816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e13eeff19 code=0x7ffc0000
[  156.977637][   T29] audit: type=1326 audit(1733318328.099:13928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11311 comm="syz.4.2816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e13eeff19 code=0x7ffc0000
[  157.001541][   T29] audit: type=1326 audit(1733318328.139:13929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11311 comm="syz.4.2816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f6e13eeff19 code=0x7ffc0000
[  157.025240][   T29] audit: type=1326 audit(1733318328.139:13930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11311 comm="syz.4.2816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e13eeff19 code=0x7ffc0000
[  157.048926][   T29] audit: type=1326 audit(1733318328.139:13931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11311 comm="syz.4.2816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e13eeff19 code=0x7ffc0000
[  157.091155][   T29] audit: type=1326 audit(1733318328.279:13932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11311 comm="syz.4.2816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6e13eeff19 code=0x7ffc0000
[  157.138328][T11217] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.166940][T11324] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2821'.
[  157.181164][T11319] loop3: detected capacity change from 0 to 1024
[  157.307824][T11334] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  157.327224][T11332] loop6: detected capacity change from 0 to 1024
[  157.334649][T11332] EXT4-fs: Ignoring removed oldalloc option
[  157.352451][T11332] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  157.452385][T11334] loop0: detected capacity change from 0 to 1024
[  157.453175][T11346] loop3: detected capacity change from 0 to 1024
[  157.462013][T11334] EXT4-fs: Ignoring removed oldalloc option
[  157.466104][T11346] EXT4-fs: Ignoring removed nomblk_io_submit option
[  157.480951][T11346] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  157.488370][T11334] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  157.517783][T11217] veth0_vlan: entered promiscuous mode
[  157.529910][T11217] veth1_vlan: entered promiscuous mode
[  157.559038][T11217] veth0_macvtap: entered promiscuous mode
[  157.567792][T11217] veth1_macvtap: entered promiscuous mode
[  157.591733][T11346] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  157.622961][T11217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.633453][T11217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.651962][T11217] batman_adv: batadv0: Interface activated: batadv_slave_0
[  157.665161][T11217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.675808][T11217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.695650][T11217] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.711474][T11217] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.720665][T11217] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.729572][T11217] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.738316][T11217] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.868090][T11365] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2831'.
[  157.897035][T11367] loop3: detected capacity change from 0 to 1024
[  157.910328][T11367] EXT4-fs: Ignoring removed nobh option
[  157.915950][T11367] EXT4-fs: Ignoring removed orlov option
[  157.925436][T11369] loop2: detected capacity change from 0 to 1024
[  157.939448][T11369] EXT4-fs: Ignoring removed nobh option
[  157.945126][T11369] EXT4-fs: Ignoring removed orlov option
[  158.139273][T11386] bpf_get_probe_write_proto: 2 callbacks suppressed
[  158.139293][T11386] syz.6.2838[11386] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.139654][T11388] syz.4.2839[11388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.145978][T11386] syz.6.2838[11386] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.162910][T11388] syz.4.2839[11388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.199380][T11382] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  158.210705][T11388] syz.4.2839[11388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.244042][T11382] loop2: detected capacity change from 0 to 1024
[  158.269283][T11386] syz.6.2838[11386] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.319252][T11382] EXT4-fs: Ignoring removed oldalloc option
[  158.342199][T11386] 
: (slave netdevsim1): Releasing backup interface
[  158.351397][T11382] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  158.383927][T11397] netlink: 16402 bytes leftover after parsing attributes in process `�&/�'.
[  158.472139][T11404] futex_wake_op: syz.4.2845 tries to shift op by 144; fix this program
[  158.511872][T11405] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2843'.
[  158.585878][T11412] batman_adv: batadv0: Adding interface: dummy0
[  158.592313][T11412] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.618300][T11412] batman_adv: batadv0: Interface activated: dummy0
[  158.629282][T11412] net_ratelimit: 10 callbacks suppressed
[  158.629294][T11412] batadv0: mtu less than device minimum
[  158.641269][T11412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  158.652096][T11412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  158.662786][T11412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  158.673724][T11412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  158.684596][T11412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  158.695564][T11412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  158.706468][T11412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  158.717359][T11412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  158.728193][T11412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  158.755168][T11417] loop3: detected capacity change from 0 to 1024
[  158.774518][T11417] EXT4-fs: Ignoring removed nobh option
[  158.780531][T11417] EXT4-fs: Ignoring removed orlov option
[  159.018490][T11434] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  159.055795][T11436] loop0: detected capacity change from 0 to 764
[  159.077335][T11434] loop2: detected capacity change from 0 to 1024
[  159.088383][T11436] iso9660: Unknown parameter '0xffffffffffffffff�����W�C�0���nZ�#���OpfB���!�W'
[  159.110500][T11434] EXT4-fs: Ignoring removed oldalloc option
[  159.138793][T11436] netlink: 'syz.0.2857': attribute type 10 has an invalid length.
[  159.161731][T11434] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  159.193798][T11436] loop0: detected capacity change from 0 to 2048
[  159.206465][T11444] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2859'.
[  159.249139][T11436]  loop0: p1 < > p3 p4 < >
[  159.254446][T11436] loop0: p3 start 4284289 is beyond EOD, truncated
[  159.309189][T11449] loop3: detected capacity change from 0 to 512
[  159.315651][ T2999]  loop0: p1 < > p3 p4 < >
[  159.322042][T11449] EXT4-fs: Ignoring removed orlov option
[  159.326449][ T2999] loop0: p3 start 4284289 is beyond EOD, truncated
[  159.333672][T11449] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  159.361495][T11452] loop2: detected capacity change from 0 to 1024
[  159.370572][T11449] ext4 filesystem being mounted at /589/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.382870][ T5983] udevd[5983]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  159.385957][T11452] EXT4-fs: Ignoring removed nobh option
[  159.394399][ T5991] udevd[5991]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  159.398237][T11452] EXT4-fs: Ignoring removed orlov option
[  159.461166][ T5983] udevd[5983]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  159.473357][ T3289] udevd[3289]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  159.525523][T11462] netlink: 16402 bytes leftover after parsing attributes in process `�&/�'.
[  159.550054][T11464] loop6: detected capacity change from 0 to 1024
[  159.557019][T11464] EXT4-fs: Ignoring removed nobh option
[  159.563004][T11464] EXT4-fs: Ignoring removed orlov option
[  159.658797][T11472] loop3: detected capacity change from 0 to 764
[  159.665653][T11472] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  159.679882][T11474] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  159.724477][T11474] loop0: detected capacity change from 0 to 1024
[  159.742639][T11474] EXT4-fs: Ignoring removed oldalloc option
[  159.756433][T11474] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  159.781685][T11482] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2871'.
[  159.792699][T11479] loop3: detected capacity change from 0 to 764
[  159.800566][T11479] iso9660: Unknown parameter '0xffffffffffffffff�����W�C�0���nZ�#���OpfB���!�W'
[  159.837698][T11479] netlink: 'syz.3.2873': attribute type 10 has an invalid length.
[  159.870982][T11479] loop3: detected capacity change from 0 to 2048
[  159.929603][T11479]  loop3: p1 < > p3 p4 < >
[  159.939884][T11479] loop3: p3 start 4284289 is beyond EOD, truncated
[  159.978685][ T2999]  loop3: p1 < > p3 p4 < >
[  159.984252][ T2999] loop3: p3 start 4284289 is beyond EOD, truncated
[  160.098463][ T5991] udevd[5991]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  160.107127][ T5983] udevd[5983]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  160.566467][T11519] loop2: detected capacity change from 0 to 764
[  160.590052][T11519] iso9660: Unknown parameter '0xffffffffffffffff�����W�C�0���nZ�#���OpfB���!�W'
[  160.656633][T11519] netlink: 'syz.2.2887': attribute type 10 has an invalid length.
[  160.675073][T11519] hsr_slave_0: left promiscuous mode
[  160.690693][T11519] hsr_slave_1: left promiscuous mode
[  160.762781][T11522] loop2: detected capacity change from 0 to 2048
[  160.792109][T11524] netlink: 'syz.4.2889': attribute type 10 has an invalid length.
[  160.820589][T11522]  loop2: p1 < > p3 p4 < >
[  160.835050][T11522] loop2: p3 start 4284289 is beyond EOD, truncated
[  160.975329][T11532] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2894'.
[  161.088058][T11538] loop3: detected capacity change from 0 to 764
[  161.109362][T11538] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  161.164753][T11545] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2897'.
[  161.308270][T11556] loop3: detected capacity change from 0 to 128
[  161.334110][T11556] loop3: detected capacity change from 0 to 512
[  161.348253][T11559] netlink: 'syz.4.2904': attribute type 10 has an invalid length.
[  161.360154][T11556] EXT4-fs: Ignoring removed orlov option
[  161.370848][T11556] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  161.402865][T11556] EXT4-fs mount: 110 callbacks suppressed
[  161.402885][T11556] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.437085][T11556] ext4 filesystem being mounted at /596/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.475067][T11556] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2903: bg 0: block 255: padding at end of block bitmap is not set
[  161.501915][T11556] EXT4-fs (loop3): Remounting filesystem read-only
[  161.520062][T11556] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  161.539311][T11556] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  161.711878][T11556] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  161.720973][T11556] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  161.731733][T11556] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=13
[  161.740735][T11556] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=13
[  161.751135][T11556] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  161.830043][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.924331][T11572] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2908'.
[  161.974575][T11572] loop3: detected capacity change from 0 to 1024
[  161.983204][T11576] loop6: detected capacity change from 0 to 764
[  161.990419][T11572] EXT4-fs: Ignoring removed nobh option
[  161.996026][T11572] EXT4-fs: Ignoring removed orlov option
[  162.002098][T11574] loop2: detected capacity change from 0 to 1024
[  162.010606][T11576] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  162.023509][T11574] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.056656][T11572] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.074675][T11574] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.094806][   T29] kauditd_printk_skb: 864 callbacks suppressed
[  162.094827][   T29] audit: type=1326 audit(1733318333.289:14795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11548 comm="syz.0.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ddfb7ff19 code=0x7ffc0000
[  162.124850][   T29] audit: type=1326 audit(1733318333.289:14796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11548 comm="syz.0.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ddfb7ff19 code=0x7ffc0000
[  162.148494][T11574] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2909'.
[  162.164281][   T29] audit: type=1326 audit(1733318333.329:14797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11570 comm="syz.3.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  162.188089][   T29] audit: type=1326 audit(1733318333.329:14798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11570 comm="syz.3.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  162.190168][T11583] syz.0.2912[11583] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.213380][   T29] audit: type=1326 audit(1733318333.329:14799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11570 comm="syz.3.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  162.213446][   T29] audit: type=1326 audit(1733318333.329:14800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11570 comm="syz.3.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  162.213494][   T29] audit: type=1326 audit(1733318333.329:14801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11570 comm="syz.3.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  162.213541][   T29] audit: type=1326 audit(1733318333.329:14802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11570 comm="syz.3.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  162.213641][   T29] audit: type=1326 audit(1733318333.329:14803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11570 comm="syz.3.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  162.213727][   T29] audit: type=1326 audit(1733318333.329:14804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11570 comm="syz.3.2908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e3dc7ff19 code=0x7ffc0000
[  162.370677][T11583] syz.0.2912[11583] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.370824][T11583] syz.0.2912[11583] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.479374][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.513885][T11593] futex_wake_op: syz.6.2917 tries to shift op by 144; fix this program
[  162.527526][T11595] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11595 comm=syz.2.2919
[  162.624348][T11605] loop3: detected capacity change from 0 to 764
[  162.626131][T11608] syz.2.2922[11608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.633570][T11605] iso9660: Unknown parameter '0xffffffffffffffff�����W�C�0���nZ�#���OpfB���!�W'
[  162.657881][T11608] batman_adv: batadv0: Interface deactivated: dummy0
[  162.664690][T11608] batman_adv: batadv0: Removing interface: dummy0
[  162.681759][T11608] bridge_slave_0: left allmulticast mode
[  162.687458][T11608] bridge_slave_0: left promiscuous mode
[  162.693281][T11608] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.703500][T11608] bridge_slave_1: left allmulticast mode
[  162.709202][T11608] bridge_slave_1: left promiscuous mode
[  162.714863][T11608] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.723524][T11612] netlink: 'syz.3.2915': attribute type 10 has an invalid length.
[  162.733693][T11608] bond0: (slave bond_slave_0): Releasing backup interface
[  162.744039][T11608] bond0: (slave bond_slave_1): Releasing backup interface
[  162.757561][T11608] team0: Port device team_slave_0 removed
[  162.767540][T11608] team0: Port device team_slave_1 removed
[  162.775190][T11608] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  162.782805][T11608] batman_adv: batadv0: Removing interface: batadv_slave_0
[  162.785805][T11616] loop3: detected capacity change from 0 to 2048
[  162.798239][T11608] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  162.805758][T11608] batman_adv: batadv0: Removing interface: batadv_slave_1
[  162.826418][T11609] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2921'.
[  162.830104][T11616]  loop3: p1 < > p3 p4 < >
[  162.843706][T11616] loop3: p3 start 4284289 is beyond EOD, truncated
[  163.064298][T11631] team0: Port device macvlan1 added
[  163.202491][T11644] futex_wake_op: syz.2.2931 tries to shift op by 144; fix this program
[  163.286657][T11624] chnl_net:caif_netlink_parms(): no params data found
[  163.331613][T11624] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.338824][T11624] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.345958][T11624] bridge_slave_0: entered allmulticast mode
[  163.352549][T11624] bridge_slave_0: entered promiscuous mode
[  163.360371][T11624] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.367457][T11624] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.374739][T11624] bridge_slave_1: entered allmulticast mode
[  163.394392][T11624] bridge_slave_1: entered promiscuous mode
[  163.402270][T11653] loop0: detected capacity change from 0 to 764
[  163.420811][T11653] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  163.461367][T11624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  163.475133][T11624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  163.519716][T11624] team0: Port device team_slave_0 added
[  163.526738][T11624] team0: Port device team_slave_1 added
[  163.552672][T11624] batman_adv: batadv0: Adding interface: batadv_slave_0
[  163.559876][T11624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.585869][T11624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  163.621850][T11624] batman_adv: batadv0: Adding interface: batadv_slave_1
[  163.629219][T11624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.655955][T11624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  163.695154][T11624] hsr_slave_0: entered promiscuous mode
[  163.696548][T11673] futex_wake_op: syz.6.2941 tries to shift op by 144; fix this program
[  163.709465][T11624] hsr_slave_1: entered promiscuous mode
[  163.738200][T11676] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2942'.
[  163.755155][T11676] netlink: 'syz.6.2942': attribute type 10 has an invalid length.
[  163.763780][T11676] veth0_macvtap: entered promiscuous mode
[  163.771184][T11676] team0: Device macvtap0 failed to register rx_handler
[  163.778291][T11676] veth0_macvtap: left promiscuous mode
[  163.814908][T11678] loop6: detected capacity change from 0 to 512
[  163.827313][T11624] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.828932][T11678] EXT4-fs (loop6): orphan cleanup on readonly fs
[  163.845337][T11678] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2943: bg 0: block 248: padding at end of block bitmap is not set
[  163.860043][T11678] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.2943: Failed to acquire dquot type 1
[  163.872215][T11678] EXT4-fs (loop6): 1 truncate cleaned up
[  163.878463][T11678] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  163.902901][T11624] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.904611][T11678] syz.6.2943 (11678) used greatest stack depth: 9296 bytes left
[  163.921483][ T7223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.972144][T11624] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.000621][T11685] loop6: detected capacity change from 0 to 764
[  164.007399][T11685] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  164.035599][T11624] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.119693][T11624] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  164.123021][T11693] loop2: detected capacity change from 0 to 1024
[  164.142074][T11624] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  164.150406][T11693] EXT4-fs: Ignoring removed nobh option
[  164.156077][T11693] EXT4-fs: Ignoring removed orlov option
[  164.166305][T11624] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  164.174858][T11695] futex_wake_op: syz.6.2951 tries to shift op by 144; fix this program
[  164.177355][T11624] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  164.205215][T11693] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.270571][T11700] loop6: detected capacity change from 0 to 1024
[  164.280350][T11624] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.295255][T11624] 8021q: adding VLAN 0 to HW filter on device team0
[  164.324412][T11700] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.327625][T11217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.346099][T11700] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.360836][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.368013][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  164.378804][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.385969][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.408325][T11700] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2952'.
[  164.425546][T11624] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  164.436028][T11624] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  164.442859][T11703] loop2: detected capacity change from 0 to 512
[  164.510460][T11703] EXT4-fs (loop2): orphan cleanup on readonly fs
[  164.534892][T11703] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2953: bg 0: block 248: padding at end of block bitmap is not set
[  164.549729][T11703] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.2953: Failed to acquire dquot type 1
[  164.573940][T11703] EXT4-fs (loop2): 1 truncate cleaned up
[  164.588148][T11624] 8021q: adding VLAN 0 to HW filter on device batadv0
[  164.588326][T11714] loop0: detected capacity change from 0 to 764
[  164.619008][T11714] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  164.623058][T11703] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  164.683674][T11217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.691561][T11719] vlan2: entered allmulticast mode
[  164.697854][T11719] bridge_slave_0: entered allmulticast mode
[  164.706130][T11719] bridge_slave_0: left allmulticast mode
[  164.764657][T11731] futex_wake_op: syz.2.2961 tries to shift op by 144; fix this program
[  164.821583][T11735] loop2: detected capacity change from 0 to 128
[  164.843605][T11735] loop2: detected capacity change from 0 to 512
[  164.851193][T11624] veth0_vlan: entered promiscuous mode
[  164.866131][T11624] veth1_vlan: entered promiscuous mode
[  164.885001][T11735] EXT4-fs: Ignoring removed orlov option
[  164.892037][T11735] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  164.895257][T11624] veth0_macvtap: entered promiscuous mode
[  164.910060][T11624] veth1_macvtap: entered promiscuous mode
[  164.924731][T11735] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.925369][T11624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.937833][T11735] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.947783][T11624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.969136][T11624] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.983563][T11735] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2962: bg 0: block 255: padding at end of block bitmap is not set
[  164.983743][T11624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.008780][T11624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.014472][T11735] EXT4-fs (loop2): Remounting filesystem read-only
[  165.020018][T11624] batman_adv: batadv0: Interface activated: batadv_slave_1
[  165.030757][T11735] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  165.034701][T11624] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  165.050152][T11624] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  165.058985][T11624] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  165.063756][T11735] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  165.067674][T11624] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.085748][T11738] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  165.095535][T11738] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  165.107078][T11738] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  165.116494][T11738] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  165.126626][T11738] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  165.159089][T11217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.212225][T11746] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2923'.
[  165.385741][T11748] FAULT_INJECTION: forcing a failure.
[  165.385741][T11748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.399203][T11748] CPU: 0 UID: 0 PID: 11748 Comm: syz.4.2965 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  165.409994][T11748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  165.420060][T11748] Call Trace:
[  165.423407][T11748]  <TASK>
[  165.426339][T11748]  dump_stack_lvl+0xf2/0x150
[  165.431099][T11748]  dump_stack+0x15/0x1a
[  165.435305][T11748]  should_fail_ex+0x223/0x230
[  165.440111][T11748]  should_fail+0xb/0x10
[  165.444341][T11748]  should_fail_usercopy+0x1a/0x20
[  165.449380][T11748]  _copy_from_user+0x1e/0xb0
[  165.454087][T11748]  __sys_bpf+0x14e/0x7a0
[  165.458359][T11748]  __x64_sys_bpf+0x43/0x50
[  165.462930][T11748]  x64_sys_call+0x2914/0x2dc0
[  165.467647][T11748]  do_syscall_64+0xc9/0x1c0
[  165.472177][T11748]  ? clear_bhb_loop+0x55/0xb0
[  165.476883][T11748]  ? clear_bhb_loop+0x55/0xb0
[  165.481635][T11748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.487610][T11748] RIP: 0033:0x7f6e13eeff19
[  165.492074][T11748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.511791][T11748] RSP: 002b:00007f6e12567058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  165.520283][T11748] RAX: ffffffffffffffda RBX: 00007f6e140b5fa0 RCX: 00007f6e13eeff19
[  165.528358][T11748] RDX: 0000000000000050 RSI: 0000000020000600 RDI: 000000000000000a
[  165.536406][T11748] RBP: 00007f6e125670a0 R08: 0000000000000000 R09: 0000000000000000
[  165.544406][T11748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.552393][T11748] R13: 0000000000000000 R14: 00007f6e140b5fa0 R15: 00007ffd63ab60c8
[  165.560441][T11748]  </TASK>
[  165.588158][T11753] loop6: detected capacity change from 0 to 1024
[  165.631034][T11753] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.642698][T11758] loop0: detected capacity change from 0 to 764
[  165.650438][T11758] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  165.707655][T11762] futex_wake_op: syz.0.2971 tries to shift op by 144; fix this program
[  165.722941][T11753] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.741406][T11764] loop0: detected capacity change from 0 to 512
[  165.754562][T11766] FAULT_INJECTION: forcing a failure.
[  165.754562][T11766] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.768040][T11766] CPU: 1 UID: 0 PID: 11766 Comm: syz.4.2972 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  165.768247][T11753] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2966'.
[  165.778835][T11766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  165.778853][T11766] Call Trace:
[  165.778861][T11766]  <TASK>
[  165.778884][T11766]  dump_stack_lvl+0xf2/0x150
[  165.778943][T11766]  dump_stack+0x15/0x1a
[  165.813293][T11766]  should_fail_ex+0x223/0x230
[  165.817976][T11766]  should_fail+0xb/0x10
[  165.822158][T11766]  should_fail_usercopy+0x1a/0x20
[  165.824468][T11764] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.827177][T11766]  _copy_from_user+0x1e/0xb0
[  165.844281][T11766]  __x64_sys_rt_sigsuspend+0x6e/0xe0
[  165.844843][T11764] ext4 filesystem being mounted at /526/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.849594][T11766]  x64_sys_call+0x21c9/0x2dc0
[  165.864735][T11766]  do_syscall_64+0xc9/0x1c0
[  165.869417][T11766]  ? clear_bhb_loop+0x55/0xb0
[  165.874128][T11766]  ? clear_bhb_loop+0x55/0xb0
[  165.878819][T11766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.884748][T11766] RIP: 0033:0x7f6e13eeff19
[  165.889162][T11766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.908912][T11766] RSP: 002b:00007f6e12567058 EFLAGS: 00000246 ORIG_RAX: 0000000000000082
[  165.917356][T11766] RAX: ffffffffffffffda RBX: 00007f6e140b5fa0 RCX: 00007f6e13eeff19
[  165.925447][T11766] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000020000040
[  165.933584][T11766] RBP: 00007f6e125670a0 R08: 0000000000000000 R09: 0000000000000000
[  165.941556][T11766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.949632][T11766] R13: 0000000000000000 R14: 00007f6e140b5fa0 R15: 00007ffd63ab60c8
[  165.957658][T11766]  </TASK>
[  165.963024][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.035645][T11776] loop0: detected capacity change from 0 to 128
[  166.094820][T11776] loop0: detected capacity change from 0 to 512
[  166.114224][T11776] EXT4-fs: Ignoring removed orlov option
[  166.130843][T11776] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  166.172212][T11776] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.205142][T11776] ext4 filesystem being mounted at /527/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.223296][T11792] futex_wake_op: syz.3.2983 tries to shift op by 144; fix this program
[  166.261898][T11776] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2974: bg 0: block 255: padding at end of block bitmap is not set
[  166.282357][T11796] FAULT_INJECTION: forcing a failure.
[  166.282357][T11796] name fail_futex, interval 1, probability 0, space 0, times 1
[  166.295192][T11796] CPU: 0 UID: 0 PID: 11796 Comm: syz.4.2986 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  166.306087][T11796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  166.316172][T11796] Call Trace:
[  166.319529][T11796]  <TASK>
[  166.322471][T11796]  dump_stack_lvl+0xf2/0x150
[  166.327089][T11796]  dump_stack+0x15/0x1a
[  166.331264][T11796]  should_fail_ex+0x223/0x230
[  166.335956][T11796]  should_fail+0xb/0x10
[  166.340139][T11796]  get_futex_key+0x109/0x740
[  166.344750][T11796]  futex_wake_op+0xb2/0xb50
[  166.349267][T11796]  ? kstrtouint+0x77/0xc0
[  166.353659][T11796]  ? kstrtouint_from_user+0xb0/0xe0
[  166.358937][T11796]  ? proc_fail_nth_write+0x12a/0x150
[  166.364392][T11796]  do_futex+0x32c/0x370
[  166.368641][T11796]  __se_sys_futex+0x25d/0x3a0
[  166.373340][T11796]  ? fput+0x1c4/0x200
[  166.377331][T11796]  __x64_sys_futex+0x78/0x90
[  166.381982][T11796]  x64_sys_call+0x2d6a/0x2dc0
[  166.386741][T11796]  do_syscall_64+0xc9/0x1c0
[  166.391263][T11796]  ? clear_bhb_loop+0x55/0xb0
[  166.396041][T11796]  ? clear_bhb_loop+0x55/0xb0
[  166.400732][T11796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.406678][T11796] RIP: 0033:0x7f6e13eeff19
[  166.411110][T11796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.430759][T11796] RSP: 002b:00007f6e12567058 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  166.439198][T11796] RAX: ffffffffffffffda RBX: 00007f6e140b5fa0 RCX: 00007f6e13eeff19
[  166.447221][T11796] RDX: 0000000000000000 RSI: 0000000000000085 RDI: 0000000000000000
[  166.455378][T11796] RBP: 00007f6e125670a0 R08: 0000000000000000 R09: 00000000a0090199
[  166.463354][T11796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.471331][T11796] R13: 0000000000000000 R14: 00007f6e140b5fa0 R15: 00007ffd63ab60c8
[  166.479326][T11796]  </TASK>
[  166.528628][T11776] EXT4-fs (loop0): Remounting filesystem read-only
[  166.535591][T11801] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  166.545092][T11801] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  166.567355][T11799] loop2: detected capacity change from 0 to 1024
[  166.574801][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.659858][T11799] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.674920][T11803] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  166.708082][T11799] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.771512][T11816] FAULT_INJECTION: forcing a failure.
[  166.771512][T11816] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  166.783974][T11799] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2987'.
[  166.784810][T11816] CPU: 1 UID: 0 PID: 11816 Comm: syz.4.2993 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  166.797454][T11813] futex_wake_op: syz.3.2992 tries to shift op by 144; fix this program
[  166.804409][T11816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  166.804427][T11816] Call Trace:
[  166.804435][T11816]  <TASK>
[  166.804444][T11816]  dump_stack_lvl+0xf2/0x150
[  166.804540][T11816]  dump_stack+0x15/0x1a
[  166.804576][T11816]  should_fail_ex+0x223/0x230
[  166.804607][T11816]  should_fail_alloc_page+0xfd/0x110
[  166.804654][T11816]  __alloc_pages_noprof+0x109/0x340
[  166.804727][T11816]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  166.804760][T11816]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  166.864299][T11816]  handle_mm_fault+0xdd7/0x2ac0
[  166.869252][T11816]  exc_page_fault+0x3b9/0x650
[  166.874121][T11816]  asm_exc_page_fault+0x26/0x30
[  166.879020][T11816] RIP: 0033:0x7f6e13dba81b
[  166.883461][T11816] Code: 00 00 00 48 8d 3d e5 44 19 00 48 89 c1 31 c0 e8 1b 47 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 19 45 19 00 48 89 34 24 48 8b 14 24 48 8b
[  166.894912][T11820] futex_wake_op: syz.3.2996 tries to shift op by 144; fix this program
[  166.903072][T11816] RSP: 002b:00007f6e12565fd0 EFLAGS: 00010202
[  166.903098][T11816] RAX: 0000000000000000 RBX: 00007f6e140b5fa0 RCX: 0000000000000000
[  166.925433][T11816] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000020000280
[  166.933426][T11816] RBP: 00007f6e125670a0 R08: 0000000000000000 R09: 0000000000000000
[  166.941488][T11816] R10: 0000000020000280 R11: 0000000000000000 R12: 0000000000000001
[  166.948265][T11822] bpf_get_probe_write_proto: 2 callbacks suppressed
[  166.948285][T11822] syz.3.2997[11822] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  166.949489][T11816] R13: 0000000000000000 R14: 00007f6e140b5fa0 R15: 00007ffd63ab60c8
[  166.949520][T11816]  </TASK>
[  166.957196][T11822] syz.3.2997[11822] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  166.967959][T11816] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  167.002644][T11822] syz.3.2997[11822] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.007205][T11824] loop6: detected capacity change from 0 to 128
[  167.033571][T11824] loop6: detected capacity change from 0 to 512
[  167.043285][T11824] EXT4-fs: Ignoring removed orlov option
[  167.061602][T11824] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  167.113491][T11830] FAULT_INJECTION: forcing a failure.
[  167.113491][T11830] name failslab, interval 1, probability 0, space 0, times 0
[  167.126489][T11830] CPU: 1 UID: 0 PID: 11830 Comm: syz.0.3000 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  167.137274][T11830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  167.147349][T11830] Call Trace:
[  167.150638][T11830]  <TASK>
[  167.153601][T11830]  dump_stack_lvl+0xf2/0x150
[  167.158256][T11830]  dump_stack+0x15/0x1a
[  167.162433][T11830]  should_fail_ex+0x223/0x230
[  167.167219][T11830]  should_failslab+0x8f/0xb0
[  167.171845][T11830]  kmem_cache_alloc_node_noprof+0x59/0x320
[  167.177664][T11830]  ? __alloc_skb+0x10b/0x310
[  167.182345][T11830]  __alloc_skb+0x10b/0x310
[  167.186790][T11830]  alloc_skb_with_frags+0x80/0x450
[  167.191933][T11830]  ? bsearch+0x98/0xc0
[  167.196058][T11830]  ? __pfx_cmp_ex_search+0x10/0x10
[  167.201262][T11830]  ? rep_movs_alternative+0x13/0x70
[  167.206483][T11830]  ? search_extable+0x54/0x80
[  167.211346][T11830]  ? rep_movs_alternative+0x13/0x70
[  167.216564][T11830]  sock_alloc_send_pskb+0x435/0x4f0
[  167.221883][T11830]  packet_sendmsg+0x2485/0x3670
[  167.226809][T11830]  ? exc_page_fault+0x4fc/0x650
[  167.231785][T11830]  ? avc_has_perm+0xd4/0x160
[  167.236403][T11830]  ? selinux_socket_sendmsg+0x185/0x1c0
[  167.242071][T11830]  ? __pfx_packet_sendmsg+0x10/0x10
[  167.247380][T11830]  __sock_sendmsg+0x140/0x180
[  167.252165][T11830]  __sys_sendto+0x1a8/0x230
[  167.256743][T11830]  __x64_sys_sendto+0x78/0x90
[  167.261434][T11830]  x64_sys_call+0x29fa/0x2dc0
[  167.266143][T11830]  do_syscall_64+0xc9/0x1c0
[  167.270656][T11830]  ? clear_bhb_loop+0x55/0xb0
[  167.275389][T11830]  ? clear_bhb_loop+0x55/0xb0
[  167.280075][T11830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.285993][T11830] RIP: 0033:0x7f6ddfb7ff19
[  167.290413][T11830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.310053][T11830] RSP: 002b:00007f6dde1f7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  167.318479][T11830] RAX: ffffffffffffffda RBX: 00007f6ddfd45fa0 RCX: 00007f6ddfb7ff19
[  167.326495][T11830] RDX: 000000000000000e RSI: 00000000200001c0 RDI: 0000000000000003
[  167.334478][T11830] RBP: 00007f6dde1f70a0 R08: 0000000000000000 R09: 0000000000000000
[  167.342466][T11830] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  167.350447][T11830] R13: 0000000000000000 R14: 00007f6ddfd45fa0 R15: 00007ffee3af6ac8
[  167.358467][T11830]  </TASK>
[  167.470849][T11824] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.485274][T11824] ext4 filesystem being mounted at /353/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.538899][   T29] kauditd_printk_skb: 244 callbacks suppressed
[  167.538918][   T29] audit: type=1326 audit(1733318338.739:15041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11844 comm="syz.0.3005" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6ddfb7ff19 code=0x0
[  167.592313][T11824] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2994: bg 0: block 255: padding at end of block bitmap is not set
[  167.612889][T11853] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3006'.
[  167.616066][T11854] loop2: detected capacity change from 0 to 1024
[  167.629986][T11850] pim6reg1: entered promiscuous mode
[  167.632970][T11854] EXT4-fs: Ignoring removed nomblk_io_submit option
[  167.635337][T11850] pim6reg1: entered allmulticast mode
[  167.652384][T11824] EXT4-fs (loop6): Remounting filesystem read-only
[  167.661373][T11854] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  167.677026][T11848] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  167.687330][T11858] syz.4.3009[11858] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.687449][T11858] syz.4.3009[11858] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.702479][T11824] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  167.708912][T11848] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  167.717548][T11858] syz.4.3009[11858] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.723710][   T29] audit: type=1400 audit(1733318338.919:15042): avc:  denied  { read } for  pid=11849 comm="syz.3.3007" lport=57383 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  167.765812][T11824] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  167.778911][T11854] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.818155][T11864] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  167.843922][ T7223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.853848][  T167] Quota error (device loop6): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  167.866270][  T167] Quota error (device loop6): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  167.878974][T11865] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  167.904288][   T29] audit: type=1326 audit(1733318339.109:15043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.6.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  167.928090][   T29] audit: type=1326 audit(1733318339.119:15044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.6.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3c134fe880 code=0x7ffc0000
[  167.951919][   T29] audit: type=1326 audit(1733318339.119:15045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.6.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  167.975591][   T29] audit: type=1326 audit(1733318339.119:15046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.6.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  167.999319][   T29] audit: type=1326 audit(1733318339.119:15047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.6.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  168.022911][   T29] audit: type=1326 audit(1733318339.129:15048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11866 comm="syz.6.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c134fff19 code=0x7ffc0000
[  168.047588][T11217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.081913][T11871] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  168.098229][T11871] loop2: detected capacity change from 0 to 1024
[  168.105655][T11871] EXT4-fs: Ignoring removed oldalloc option
[  168.108035][T11874] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3013'.
[  168.121136][T11871] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  168.151732][T11871] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.194290][T11882] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3016'.
[  168.284611][T11217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.397183][T11892] syz.0.3020[11892] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.397253][T11892] syz.0.3020[11892] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.417022][T11892] syz.0.3020[11892] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.641105][T11906] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3024'.
[  168.841288][T11914] loop6: detected capacity change from 0 to 1024
[  168.862188][T11914] EXT4-fs: Ignoring removed nobh option
[  168.867831][T11914] EXT4-fs: Ignoring removed orlov option
[  168.892493][T11914] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.947382][T11921] loop0: detected capacity change from 0 to 764
[  168.966757][T11921] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  169.096443][T11924] loop0: detected capacity change from 0 to 512
[  169.124947][T11924] EXT4-fs (loop0): orphan cleanup on readonly fs
[  169.156272][T11924] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3030: bg 0: block 248: padding at end of block bitmap is not set
[  169.172032][T11924] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.3030: Failed to acquire dquot type 1
[  169.184264][T11924] EXT4-fs (loop0): 1 truncate cleaned up
[  169.190730][T11924] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  169.220918][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.268290][T11927] loop0: detected capacity change from 0 to 512
[  169.306694][T11927] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.329245][T11927] ext4 filesystem being mounted at /539/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.452481][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.457398][T11933] syz.2.3031[11933] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  169.520140][T11940] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3035'.
[  169.607959][T11949] 
: renamed from bond0 (while UP)
[  169.679584][ T7223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.816929][T11970] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3046'.
[  170.050520][T11981] loop6: detected capacity change from 0 to 512
[  170.103167][T11981] EXT4-fs (loop6): orphan cleanup on readonly fs
[  170.113037][T11981] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3052: bg 0: block 248: padding at end of block bitmap is not set
[  170.130827][T11981] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.3052: Failed to acquire dquot type 1
[  170.143967][T11988] loop3: detected capacity change from 0 to 1024
[  170.151405][T11988] EXT4-fs: Ignoring removed nomblk_io_submit option
[  170.151957][T11981] EXT4-fs (loop6): 1 truncate cleaned up
[  170.186149][T11988] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  170.207228][T11981] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  170.241676][T11988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.271766][ T7223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.342246][T11988] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  170.466928][T11624] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.000577][T11992] chnl_net:caif_netlink_parms(): no params data found
[  171.056170][T12035] loop2: detected capacity change from 0 to 512
[  171.082273][T12035] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  171.118129][T12035] EXT4-fs (loop2): 1 truncate cleaned up
[  171.124531][T12035] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.165669][T11992] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.172789][T11992] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.185274][T11992] bridge_slave_0: entered allmulticast mode
[  171.200117][T11992] bridge_slave_0: entered promiscuous mode
[  171.211421][T11992] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.218511][T11992] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.225819][T11992] bridge_slave_1: entered allmulticast mode
[  171.232495][T11992] bridge_slave_1: entered promiscuous mode
[  171.250654][T12045] EXT4-fs error (device loop2): ext4_generic_delete_entry:2687: inode #2: block 13: comm syz.2.3068: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  171.282807][T12045] EXT4-fs error (device loop2) in ext4_delete_entry:2758: Corrupt filesystem
[  171.296152][T11992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.309931][T11992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.344505][T11992] team0: Port device team_slave_0 added
[  171.363269][T12046] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3070'.
[  171.382380][T11992] team0: Port device team_slave_1 added
[  171.408395][T11992] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.415636][T11992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.441752][T11992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.486652][T11992] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.493670][T11992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.519724][T11992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.560526][T11992] hsr_slave_0: entered promiscuous mode
[  171.566782][T11992] hsr_slave_1: entered promiscuous mode
[  171.598609][T11992] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  171.608890][T11992] Cannot create hsr debugfs directory
[  171.735227][T11992] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.793663][T11992] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.851469][T11992] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.905248][T11217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.923702][T11992] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.035105][T11992] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  172.060231][T11992] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  172.081247][T11992] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  172.103153][T11992] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  172.181024][T12080] loop2: detected capacity change from 0 to 1024
[  172.198390][T12080] EXT4-fs: Ignoring removed nobh option
[  172.204072][T12080] EXT4-fs: Ignoring removed orlov option
[  172.230881][T11992] 8021q: adding VLAN 0 to HW filter on device bond0
[  172.250289][T12080] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.257656][T11992] 8021q: adding VLAN 0 to HW filter on device team0
[  172.275864][T12085] futex_wake_op: syz.6.3078 tries to shift op by 144; fix this program
[  172.290153][T11992] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  172.300658][T11992] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  172.314682][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.321838][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.347349][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.354535][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.440076][T11217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.463497][T11992] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.760342][T11992] veth0_vlan: entered promiscuous mode
[  172.783461][T11992] veth1_vlan: entered promiscuous mode
[  172.835523][T11992] veth0_macvtap: entered promiscuous mode
[  172.857154][T11992] veth1_macvtap: entered promiscuous mode
[  172.894120][T11992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.904890][T11992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.915055][T11992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.925747][T11992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.950388][T12118] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  172.965725][T12118] loop2: detected capacity change from 0 to 1024
[  172.973852][T11992] batman_adv: batadv0: Interface activated: batadv_slave_0
[  172.989335][T12118] EXT4-fs: Ignoring removed oldalloc option
[  172.995505][T11992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.006051][T11992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.016091][T11992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.026617][T11992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.040518][T11992] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.047954][T12118] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  173.061354][T11992] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.070660][T11992] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.079439][T11992] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.088162][T11992] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.104460][T12118] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.200253][T11217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.250391][T12127] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  173.285477][   T29] kauditd_printk_skb: 132 callbacks suppressed
[  173.285492][   T29] audit: type=1326 audit(1733318344.489:15177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12128 comm="syz.4.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b424eff19 code=0x7ffc0000
[  173.331179][   T29] audit: type=1326 audit(1733318344.489:15178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12128 comm="syz.4.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3b424eff19 code=0x7ffc0000
[  173.354757][   T29] audit: type=1326 audit(1733318344.489:15179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12128 comm="syz.4.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b424eff19 code=0x7ffc0000
[  173.370651][T12129] xt_CT: No such helper "syz1"
[  173.378494][   T29] audit: type=1326 audit(1733318344.489:15180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12128 comm="syz.4.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b424ee880 code=0x7ffc0000
[  173.393590][T12134] futex_wake_op: syz.6.3094 tries to shift op by 144; fix this program
[  173.406743][   T29] audit: type=1326 audit(1733318344.489:15181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12128 comm="syz.4.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f3b424f1747 code=0x7ffc0000
[  173.438747][   T29] audit: type=1326 audit(1733318344.489:15182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12128 comm="syz.4.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3b424eff19 code=0x7ffc0000
[  173.462285][   T29] audit: type=1326 audit(1733318344.489:15183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12128 comm="syz.4.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f3b424f1747 code=0x7ffc0000
[  173.485976][   T29] audit: type=1326 audit(1733318344.489:15184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12128 comm="syz.4.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3b424eeb7a code=0x7ffc0000
[  173.509414][   T29] audit: type=1326 audit(1733318344.489:15185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12128 comm="syz.4.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b424eff19 code=0x7ffc0000
[  173.533039][   T29] audit: type=1326 audit(1733318344.489:15186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12128 comm="syz.4.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b424ee880 code=0x7ffc0000
[  173.579984][T12138] loop0: detected capacity change from 0 to 512
[  173.596374][T12138] EXT4-fs: Ignoring removed mblk_io_submit option
[  173.603132][T12138] ext4: Unknown parameter 'fsname'
[  173.624840][T12142] hub 9-0:1.0: USB hub found
[  173.630485][T12142] hub 9-0:1.0: 8 ports detected
[  173.742788][T12149] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3100'.
[  173.767061][T12152] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  173.858887][T12152] loop0: detected capacity change from 0 to 1024
[  173.876978][T12152] EXT4-fs: Ignoring removed oldalloc option
[  173.890514][T12152] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  173.934672][T12152] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.005718][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.110343][T12171] loop0: detected capacity change from 0 to 764
[  174.136276][T12174] loop2: detected capacity change from 0 to 764
[  174.152553][T12174] iso9660: Unknown parameter '0xffffffffffffffff�����W�C�0���nZ�#���OpfB���!�W'
[  174.164112][T12171] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  174.202943][T12174] netlink: 'syz.2.3109': attribute type 10 has an invalid length.
[  174.299785][T12180] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3112'.
[  174.319816][T12180] tipc: Started in network mode
[  174.324882][T12180] tipc: Node identity ac14140f, cluster identity 4711
[  174.325504][T12174] loop2: detected capacity change from 0 to 2048
[  174.356573][T12180] tipc: New replicast peer: 255.255.255.5
[  174.362906][T12180] tipc: Enabled bearer <udp:s>, priority 10
[  174.389714][T12174]  loop2: p1 < > p3 p4 < >
[  174.395989][T12174] loop2: p3 start 4284289 is beyond EOD, truncated
[  174.475928][T12185] syz.2.3114: attempt to access beyond end of device
[  174.475928][T12185] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  174.571209][T12191] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  174.614059][T12191] loop2: detected capacity change from 0 to 1024
[  174.632310][T12191] EXT4-fs: Ignoring removed oldalloc option
[  174.650615][T12191] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  174.721249][T12191] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.731814][T12198] loop0: detected capacity change from 0 to 128
[  174.756021][T12199] serio: Serial port ttyS3
[  174.770231][T11217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.805709][T12198] loop0: detected capacity change from 0 to 512
[  174.816155][T12201] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  174.907790][T12198] EXT4-fs: Ignoring removed orlov option
[  174.943341][T12198] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  174.997189][T12198] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.012343][T12198] ext4 filesystem being mounted at /554/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.061420][T12198] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3118: bg 0: block 255: padding at end of block bitmap is not set
[  175.103536][T12198] EXT4-fs (loop0): Remounting filesystem read-only
[  175.120622][T12198] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  175.134208][T12198] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  175.190038][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.368609][    T9] tipc: Node number set to 2886997007
[  175.425345][T12235] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  175.441730][T12235] loop0: detected capacity change from 0 to 1024
[  175.450754][T12235] EXT4-fs: Ignoring removed oldalloc option
[  175.457396][T12235] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  175.481583][T12235] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.628287][T12240] loop3: detected capacity change from 0 to 128
[  175.650961][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.689286][T12240] loop3: detected capacity change from 0 to 512
[  175.713943][T12240] EXT4-fs: Ignoring removed orlov option
[  175.733787][T12240] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  175.772954][T12240] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.797683][T12240] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.816681][T12240] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3132: bg 0: block 255: padding at end of block bitmap is not set
[  175.870880][T12240] EXT4-fs (loop3): Remounting filesystem read-only
[  175.886769][T12252] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  175.897163][T12252] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  175.930595][T11624] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.954969][T12257] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3138'.
[  176.000935][T12261] loop3: detected capacity change from 0 to 128
[  176.020865][T12261] @: renamed from vlan0 (while UP)
[  176.063955][T12261] wireguard0: entered promiscuous mode
[  176.069700][T12261] wireguard0: entered allmulticast mode
[  176.093194][T12268] loop6: detected capacity change from 0 to 764
[  176.100419][T12268] iso9660: Unknown parameter '0xffffffffffffffff�����W�C�0���nZ�#���OpfB���!�W'
[  176.124838][T12268] netlink: 'syz.6.3143': attribute type 10 has an invalid length.
[  176.140540][T12269] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3142'.
[  176.154937][T12269] netlink: 'syz.2.3142': attribute type 10 has an invalid length.
[  176.158353][T12268] loop6: detected capacity change from 0 to 2048
[  176.170625][T12269] veth0_macvtap: left promiscuous mode
[  176.179363][T12269] veth0_macvtap: entered promiscuous mode
[  176.186332][T12269] team0: Device macvtap0 failed to register rx_handler
[  176.194417][T12269] veth0_macvtap: left promiscuous mode
[  176.229554][T12268]  loop6: p1 < > p3 p4 < >
[  176.235264][T12268] loop6: p3 start 4284289 is beyond EOD, truncated
[  176.531398][T12289] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  176.677453][T12299] loop0: detected capacity change from 0 to 764
[  176.686075][T12299] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  176.734093][T12301] loop0: detected capacity change from 0 to 512
[  176.752863][T12301] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.766920][T12301] ext4 filesystem being mounted at /561/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.798440][ T3298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.006522][T12311] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.021367][T12311] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.394613][T12313] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  177.494236][T12319] loop6: detected capacity change from 0 to 256
[  177.504523][T12319] FAT-fs (loop6): unable to read block(171798691840) for building NFS inode
[  177.537451][T12321] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.569235][T12321] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.918936][T12352] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  177.922160][T12355] loop6: detected capacity change from 0 to 512
[  177.979676][T12355] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.994575][T12355] ext4 filesystem being mounted at /387/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.019718][ T7223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.045518][T12363] loop6: detected capacity change from 0 to 512
[  178.082570][T12363] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.095674][T12363] ext4 filesystem being mounted at /388/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.116673][T12368] loop0: detected capacity change from 0 to 1024
[  178.123984][T12368] EXT4-fs: Ignoring removed oldalloc option
[  178.140011][T12368] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  178.202188][ T7223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.227512][T12378] batman_adv: batadv0: Adding interface: dummy0
[  178.234050][T12378] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.260112][T12378] batman_adv: batadv0: Interface activated: dummy0
[  178.261512][T12368] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.304975][T12378] net_ratelimit: 11 callbacks suppressed
[  178.304990][T12378] batadv0: mtu less than device minimum
[  178.316754][T12378] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  178.321677][T12383] loop6: detected capacity change from 0 to 764
[  178.327484][T12378] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  178.344148][T12378] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  178.355133][T12378] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  178.365863][T12378] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  178.376704][T12378] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  178.387470][T12378] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  178.398273][T12378] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  178.399146][T12383] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  178.409129][T12378] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  178.446302][T12388] 
: renamed from bond0 (while UP)
[  178.487624][T12391] loop6: detected capacity change from 0 to 512
[  178.523397][   T29] kauditd_printk_skb: 411 callbacks suppressed
[  178.523486][   T29] audit: type=1400 audit(1733318349.729:15594): avc:  denied  { connect } for  pid=12392 comm="syz.3.3189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  178.554494][T12391] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.569521][T12391] ext4 filesystem being mounted at /390/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.606941][T12396] netlink: 'syz.4.3190': attribute type 10 has an invalid length.
[  178.619800][T12396] syz_tun: entered promiscuous mode
[  178.633637][T12396] 
: (slave syz_tun): Enslaving as an active interface with an up link
[  178.634613][T12406] loop3: detected capacity change from 0 to 512
[  178.652388][T12406] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  178.681369][T12406] EXT4-fs (loop3): 1 truncate cleaned up
[  178.694072][T12409] loop6: detected capacity change from 0 to 512
[  178.702766][T12409] EXT4-fs: Ignoring removed bh option
[  178.711461][T12409] EXT4-fs error (device loop6): __ext4_iget:4984: inode #15: block 1803188595: comm syz.6.3193: invalid block
[  178.746122][T12409] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.3193: couldn't read orphan inode 15 (err -117)
[  178.777384][T12417] futex_wake_op: syz.3.3195 tries to shift op by 144; fix this program
[  178.956018][T12430] loop3: detected capacity change from 0 to 1024
[  178.989752][T12430] EXT4-fs: Ignoring removed nobh option
[  178.995489][T12430] EXT4-fs: Ignoring removed orlov option
[  179.030714][   T29] audit: type=1326 audit(1733318350.239:15595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28bdd6ff19 code=0x7ffc0000
[  179.054503][   T29] audit: type=1326 audit(1733318350.239:15596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28bdd6ff19 code=0x7ffc0000
[  179.078145][   T29] audit: type=1326 audit(1733318350.239:15597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f28bdd6ff19 code=0x7ffc0000
[  179.101646][   T29] audit: type=1326 audit(1733318350.239:15598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28bdd6ff19 code=0x7ffc0000
[  179.125332][   T29] audit: type=1326 audit(1733318350.239:15599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f28bdd6ff19 code=0x7ffc0000
[  179.149333][   T29] audit: type=1326 audit(1733318350.239:15600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28bdd6ff19 code=0x7ffc0000
[  179.172975][   T29] audit: type=1326 audit(1733318350.239:15601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f28bdd6ff19 code=0x7ffc0000
[  179.196563][   T29] audit: type=1326 audit(1733318350.239:15602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28bdd6ff19 code=0x7ffc0000
[  179.230626][   T29] audit: type=1326 audit(1733318350.239:15603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12425 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f28bdd6ff19 code=0x7ffc0000
[  179.320673][T12445] loop3: detected capacity change from 0 to 512
[  179.342647][T12445] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.496648][T12455] futex_wake_op: syz.3.3208 tries to shift op by 144; fix this program
[  179.552329][T12424] ==================================================================
[  179.560558][T12424] BUG: KCSAN: data-race in __writeback_single_inode / xas_set_mark
[  179.568508][T12424] 
[  179.570861][T12424] write to 0xffff8881069d2224 of 4 bytes by task 12409 on cpu 0:
[  179.578603][T12424]  xas_set_mark+0x131/0x150
[  179.583165][T12424]  __folio_start_writeback+0x1e8/0x430
[  179.588686][T12424]  ext4_bio_write_folio+0x591/0x9d0
[  179.593918][T12424]  mpage_process_page_bufs+0x486/0x5d0
[  179.599406][T12424]  mpage_prepare_extent_to_map+0x788/0xb80
[  179.605238][T12424]  ext4_do_writepages+0xa20/0x2130
[  179.610383][T12424]  ext4_writepages+0x159/0x2e0
[  179.615164][T12424]  do_writepages+0x1d8/0x480
[  179.619785][T12424]  file_write_and_wait_range+0x168/0x2f0
[  179.625454][T12424]  generic_buffers_fsync_noflush+0x46/0x120
[  179.631367][T12424]  ext4_sync_file+0x1ff/0x6c0
[  179.636061][T12424]  vfs_fsync_range+0x116/0x130
[  179.640836][T12424]  ext4_buffered_write_iter+0x326/0x370
[  179.646394][T12424]  ext4_file_write_iter+0x383/0xf20
[  179.651608][T12424]  iter_file_splice_write+0x5f1/0x980
[  179.656989][T12424]  direct_splice_actor+0x160/0x2c0
[  179.662108][T12424]  splice_direct_to_actor+0x302/0x670
[  179.667489][T12424]  do_splice_direct+0xd7/0x150
[  179.672256][T12424]  do_sendfile+0x398/0x660
[  179.676669][T12424]  __x64_sys_sendfile64+0x110/0x150
[  179.681882][T12424]  x64_sys_call+0xfbd/0x2dc0
[  179.686476][T12424]  do_syscall_64+0xc9/0x1c0
[  179.690985][T12424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.696917][T12424] 
[  179.699241][T12424] read to 0xffff8881069d2224 of 4 bytes by task 12424 on cpu 1:
[  179.706878][T12424]  __writeback_single_inode+0x210/0x850
[  179.712474][T12424]  writeback_single_inode+0x16c/0x3f0
[  179.717869][T12424]  sync_inode_metadata+0x5c/0x90
[  179.722802][T12424]  generic_buffers_fsync_noflush+0xd8/0x120
[  179.728702][T12424]  ext4_sync_file+0x1ff/0x6c0
[  179.733398][T12424]  vfs_fsync_range+0x116/0x130
[  179.738170][T12424]  ext4_buffered_write_iter+0x326/0x370
[  179.743741][T12424]  ext4_file_write_iter+0x383/0xf20
[  179.748945][T12424]  iter_file_splice_write+0x5f1/0x980
[  179.754348][T12424]  direct_splice_actor+0x160/0x2c0
[  179.759468][T12424]  splice_direct_to_actor+0x302/0x670
[  179.764849][T12424]  do_splice_direct+0xd7/0x150
[  179.769616][T12424]  do_sendfile+0x398/0x660
[  179.774037][T12424]  __x64_sys_sendfile64+0x110/0x150
[  179.779233][T12424]  x64_sys_call+0xfbd/0x2dc0
[  179.783826][T12424]  do_syscall_64+0xc9/0x1c0
[  179.788324][T12424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.794238][T12424] 
[  179.796569][T12424] value changed: 0x0a000021 -> 0x04000021
[  179.802299][T12424] 
[  179.804619][T12424] Reported by Kernel Concurrency Sanitizer on:
[  179.810769][T12424] CPU: 1 UID: 0 PID: 12424 Comm: syz.6.3193 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  179.821535][T12424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  179.831609][T12424] ==================================================================
[  184.030554][   T24] net_ratelimit: 30 callbacks suppressed
[  184.030582][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.070725][   T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.548838][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.118688][   T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.149922][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.158111][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.793653][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.189301][   T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.598724][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.228811][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog