last executing test programs:

4.106390355s ago: executing program 2 (id=3995):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b708000000005aab7b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)

3.023696594s ago: executing program 0 (id=4006):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r1=>0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="4000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="00000000000000002000128008000100687372001400028008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r3], 0x40}}, 0x0) (fail_nth: 1)

2.996619396s ago: executing program 2 (id=4007):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x73, 0x101201)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303120008ff6000000002000020d3"])
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="060000000400000004000000020000000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
close(0xffffffffffffffff)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = dup2(r1, r2)
syz_genetlink_get_family_id$wireguard(0x0, r3)
sendto$inet(r1, &(0x7f0000000000)="c1", 0x1, 0x34028815, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000002c00)={'ip6gretap0\x00', <r5=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="480000001000030400000000000000000000000073b26fc4eedeb7e52765a17c89eca12e8872686966a42418488d0da5bd971388f6764c14c7128612d7e74b5697862b1d1f3c024df4f6584838a6949e4127eb1caf585c9f73309336afcf636289e4a00146867f58ce59a71a09c44241839b340147cd", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006d61637365630000100002800c000100ffffffffffffffff08000500", @ANYRES32=r5, @ANYBLOB], 0x48}}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)

2.746020429s ago: executing program 1 (id=4010):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000003380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x22, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000600)=ANY=[@ANYBLOB="aaaaaaaaaaaaafb7cd1eb8be0800450000240000000000119078000000fe17ffffff00004e200010907802000000000000007962d71db0e50fff36aa271e34ffcbd2a77d22c8e3bed4fe3819a21f286b1014fab8c2df9cf67a71a1459d1971d0cbe34880113c57795724f8ecfb5ccad5d647cbafaa19e2b9faa9"], 0x0)
read(r0, &(0x7f0000000140)=""/183, 0xb7)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000f80)=@raw={'raw\x00', 0x3c1, 0x3, 0x318, 0x160, 0x2b8, 0x25c, 0x0, 0x7, 0x248, 0x3a8, 0x3a8, 0x248, 0x3a8, 0x7fffffe, 0x0, {[{{@uncond, 0x16c, 0xf8, 0x160, 0xa010000, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@ecn={{0x28}, {0x10, 0x3, 0x5, 0x5b}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x14, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00', @local, [], [], 'sit0\x00', 'veth0_to_bond\x00'}, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x378)
prctl$PR_SET_NAME(0xf, &(0x7f0000000240)='+}[@\x00')
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000e00)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000500000000000e1ff95000000000000002ba76bb33123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee04000000670d25010000020000040000009fc404000000c788b277beee11bf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d04683712a0b09edc9e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca311f5b87e1ca8433a8acd715f5888b2007f0000000000000000010000000000fb00010000000000414027efc84293af6a22000000005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891f7e5ff7fd6fce424c2200af6c3784a1975fa657de38a3a32a4fd67ce446ac5431d07db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bf2b5543ffc1669557b3819d8c396d2c2361629d1022f722ec23812770d72cd0010000007889b8c7044f563a1f68d4eff895fdbc463f747c08f40105869035000000000000000000000000000000000000000000000000080000003ddf4aa4b1c8baa0ae6feb6737c275dc2740f742b5425f1d581961471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f1538ee25a365ccf4a9b604e88e12ff25184d4e3c6f7f623559435b26b50fb7113000000f0bc440550ee91302f5a000000000000000000000000006d0000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7af05c648978d9980ba49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec2c3f4523110c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da093dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32881dfd15dc84e79d326337e21e041654f06bd7f000000000000000000000000000000282ffe0000000009350cfa3ab109ab4a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dd6b1bfe4104d2262f33f596d606ccce75a3c3d5f9ad94a7316b0c6ad14f1398a6b39b07121f636da418b34d48677cf8d2d99ee8ac50142bcdcc73dd73cc6ec46896ffb35ac82ac7a9309ea07396d2814dc630ad1a9913934849be25f7b81b59aaa9fa2e9d6ecafcfa1de81b2d3581ab1138537f98d2240b6c2bf40569da4e2bb77532ab9220347d78319617d17e14f7331486e86b2145980b95c88ae11b1c6b6ea6c2b2311d6ce6315cc451dd50ac746acd59d075b41f9a747894956b10453ccf6527d8f579256e9849bbaf6c7c84362209d3d2320101d57"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r4, 0xc0, &(0x7f0000000880)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x54)
r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)={r5}, 0x4)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000000)=r6, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000100)="5c00000014006b05c84e21000af32c6e021e75f802000000400002007a17d30360bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d4938037e786a6d0bdd7004cb6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0000000004000000050000000200000000100000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="050000000200"/28], 0x50)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r7, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

2.745445939s ago: executing program 0 (id=4011):
bpf$MAP_CREATE(0x0, 0x0, 0x15)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f00000001c0)={0x0, 0x16, 0x8})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000240)={0x2, &(0x7f0000000280)=[{0x5}, {0x9, 0x3, 0x5, 0x1}]})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000100)=ANY=[@ANYRES16=r0], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720a05fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed00000f030000000000001d44000000000000730a04fe0000000072030000000a0000b500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef77997e344e61482808c02b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r3, &(0x7f0000000000)={0x1f, @none}, 0x8)
listen(r3, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r4, &(0x7f0000000680)={0x1f, @none}, 0x8)
listen(r4, 0x0)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000380b00000017000000400006803c0004"], 0x54}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000380), 0x0, 0x0)
r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setns(r7, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r8 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'virt_wifi0\x00'})
ioctl$LOOP_GET_STATUS(r6, 0x4c07, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000c40)={'#! ', './file0/file0', [], 0xa, "36049a46ddf6711bda28ce620d334b2e0787cb9deb10cb16df793fc67b08f0a7de651548ba30ff8d223f992fec46abb8861645bc52"}, 0x46)

2.529406139s ago: executing program 0 (id=4012):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x6a0, 0x5, 0x408, 0x160, 0x0, 0xfeffffff, 0x160, 0x370, 0x370, 0x370, 0xffffffff, 0x370, 0x370, 0x5, 0x0, {[{{@uncond, 0x3e7, 0x70, 0xb8, 0xe000000}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@broadcast, @ipv4=@remote, @gre_key}}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth1_to_batadv\x00', 'xfrm0\x00'}, 0x0, 0x70, 0xa8, 0x0, {0x0, 0x7}}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @rand_addr, @icmp_id, @icmp_id}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @broadcast, @remote, @gre_key}}}}, {{@ip={@dev, @multicast1, 0x0, 0x0, 'macvlan0\x00', 'ipvlan1\x00'}, 0x0, 0x130, 0x168, 0x0, {}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@empty, [], @ipv4=@dev, [], @ipv6=@mcast1, [], @ipv4=@local}}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @loopback}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x468)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5, 0x0, 0x4}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYRESOCT=r0, @ANYRES64=r4], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x74, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket(0x11, 0x800000003, 0x1)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600)={'team0\x00', <r7=>0x0})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900010000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r8, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r8, <r9=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001000)=@newqdisc={0x94, 0x24, 0xf0b, 0x2000, 0x2000000, {0x0, 0x0, 0x12, r7, {0x0, 0x10}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [], 0x0, [0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000006000000040000000800000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

2.028592015s ago: executing program 2 (id=4017):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b708000000005aab7b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)

1.895271367s ago: executing program 1 (id=4018):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="5fa3c0c7155a80729227062e5295c8fbcb7298950573fa6e33f6adaf87d03668370b8b5c40c463c6081c6b68f917aea0080543fdfa2d274fb4d534efafbbad63f6e31033ad553d6ba4c2d2d86d1740af"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000180)='mmc_request_done\x00', r0, 0x0, 0x1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000ff07", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="b6859a168dd6d1e7af8bd7001c8fae6be4a335b78a746d922c286081f8913f55e89597f7bda4cda10f05afd4e267f4830533eeb1313a757c546ec4608f2f250d989dd0ca912bc699c5530b8cd42cd8409e295ec7973b1766b147af3ad165295ba263bbfc4eb2a025866245741c6860a33759f811f95a8888c48e41aa70ccda51c0940015ee080d43b298248da798c7561abbc94a7d51f83f9a0eb0168d38b227d565e7a21d5982e6ae2d8d7cca16b9aef045413e26310904b32c3ef8f13294216047898a63a47128700a22c13bf4d57929d3fee5a4d2a653d2f45244bdeb2ab4dbeb22f0cea713be14dff5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bind$inet6(0xffffffffffffffff, &(0x7f0000001700)={0xa, 0x4e21, 0xbc91, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1000}, 0x1c)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='setgroups\x00')
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f00000000c0))
r5 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r5, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x10}}}, 0x1e)
connect$pptp(r5, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r6, 0x4004743a, &(0x7f0000000300))
close_range(r2, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xe, &(0x7f00000000c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@errors_remount}]}, 0x3, 0x449, &(0x7f00000006c0)="$eJzs28tvG0UYAPBv7SR9E1OVQh9AoCDCK2nSUnrgAgKJA0hIcCjHkKRVqNugJki0iiAgVI6oEicuiCMSfwEnuCDghMS13FGlCuXSwslo7XXiOLYbu0kc6t9PWndmd+qZz7tjz+xkA+hZQ+lLErE3Iq5HxGAlu7rAUOWf20sLk/8sLUwmUSq9/XdSLndraWGyWrT6//ZUM30Ruc+TONKg3rnLV85PFIvTl7L86PyFD0bnLl95fubCxLnpc9MXx0+fPnli7MVT4y9sSJxpXLcOfzx79NDr7157c/LMtfd+/T6pxl8XR3P97VQ51Orgk6VSO++17e2rSSd9XWwIbclXumn5yr4eg5GPlZM3GK991tXGAZuqVCqVDkbsaHJ4sbSzpiBwj0l0behR1R/6dP5b3bZm5LE93Hy5MgFK476dbZUjfZHLyvTXzW830lBEnFn895t0i3XfhwAA6NyP6fjnuUbjv1wcrCl3X7aGUoiI+yNif0SciogDEfFARLnsgxHxUJv11y+SrB3/5G50FNg6peO/l7K1rdXjv+roLwr5LLevHH9/cnamOH08+0yGo39Hmh9rUcdPr/7xZbNjteO/dEvrr44Fs3bc6Ku7Ozc1MT9xNzHXuvlpxOG+RvEnyysBSUQciojDHdYx88x3R5sdu3P8LWzAOlPp24inKud/Merir0par0+O7ozi9PHR6lWx1m+/X32rWf13Ff8GSM//7obX/3L8haR2vXaunXf/+un09eqfXzSd03R6/Q8k76za99HE/PylsYiB5I1Ko2v3j9eVG18pn8Y/fKxx/98fK5/EkYhIL+KHI+KRiHg0a/tjEfF4RBxr8Sn88soT73ce/+ZK459q6/yvJAaifk/jRP78zz+sqrTQTvzp+T9ZTg1ne9bz/beedrV7NQMAAMD/VS4i9kaSG1lO53IjI5W/4T8Qu3PF2bn5Z8/OfnhxqvKMQCH6c9U7XYM190PHsml9IaKcH1/OV46fyO4bf5XfVc6PTM4Wp7odPPS4PU36f+qvfLdbB2w6z2tB79L/oXfp/9C79H/oXQ36/65utAPYeo1+/z/pQjuArVfX/y37QQ8x/4fe1Un/950B94aWfXlg69oBbKm5XXHnh+QlJNYkIrctmiGxSYlufzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsjP8CAAD//8Nb37k=")
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x0, @multicast2}}, 0x0, 0x0, 0x3fc, 0x1000, 0x36, 0x0, 0x9}, 0x9c)
msgsnd(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0300000000000000125604a46ec289fa88960407c5279d9b55bd08110a129aebd0352bd9d0be551ed11ee24596975af447a3a73ecdb2630351eb3c71de0d27f9a3b22e00274e218d49a07d664c5ac5072efe5bd8a797c2183fc45a797a5bb4f65059ee351c71b0b8a32440ca3a5cfaaac5d26c26ac988cc5f72b7443109e7afe08cda184cccab93bbaff217b504b59ea96ec6856b8181010cc471f33d945aa3f999cd3ea66a94dfb5a2a06d079575757557def90cc834717973d6ee4a5b805501d320f8a32e5317067f201870ae3c1bb17fef0263f7cc1ed8025f4c8d9b619b7b54ec9e918d8066c9e5f8a01906aa4578da1a64b91474f182e536d63679ccfe90f48fc787d"], 0x105, 0x800)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x43}}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r7, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x4000, 0x0, 0x0, 0x61680, 0x1, '\x00', 0x0, @fallback=0xd, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.786051497s ago: executing program 4 (id=3978):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a40000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r2}, 0x11)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000020000004c0001800d0001"], 0x60}}, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
r6 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e20, 0x20, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)

1.74558036s ago: executing program 1 (id=4019):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0xf, 0x141341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, 0x0)
preadv2(r0, &(0x7f00000004c0)=[{&(0x7f0000000040)=""/161, 0xa1}, {&(0x7f0000000100)=""/201, 0xc9}, {&(0x7f0000000240)=""/252, 0xfc}, {&(0x7f0000000340)=""/235, 0xeb}, {&(0x7f0000000440)=""/17, 0x11}], 0x5, 0x0, 0xca1, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

1.74483977s ago: executing program 1 (id=4020):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
mremap(&(0x7f0000144000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000240)={0x13, 0x10, 0xfa00, {&(0x7f0000000040)}}, 0x18)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000003c0)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@discard}]}, 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x2d, 0x0)
set_mempolicy(0x4000, 0x0, 0xfffffffffffffffd)
shmat(0x0, &(0x7f0000233000/0x2000)=nil, 0x3000)
r4 = shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
shmctl$IPC_RMID(0x0, 0x0)
r5 = shmget$private(0x0, 0x3000, 0x800, &(0x7f000020c000/0x3000)=nil)
mmap$binder(&(0x7f0000395000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0xec07)
set_mempolicy(0x1, &(0x7f0000000040)=0x200000000, 0x80)
mlockall(0x1)
shmdt(r4)
shmat(r5, &(0x7f00003b7000/0x1000)=nil, 0x6000)
mlockall(0x7)

1.688098056s ago: executing program 4 (id=4021):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000300)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x14)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @initdev={0xfe, 0x88, '\x00', 0x9, 0x0}, @local, {[], {{0x100, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x120, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x3, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
socket$nl_route(0x10, 0x3, 0x0)

1.676550517s ago: executing program 4 (id=4022):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b708000000005aab7b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)

1.553744608s ago: executing program 0 (id=4023):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20000023896)
getresgid(&(0x7f0000000c40), &(0x7f0000000140), &(0x7f0000000240)=<r2=>0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', 0x10814, &(0x7f0000000700)=ANY=[@ANYBLOB='umask=00000000000000000000000,flush,nodots,dots,gid=', @ANYRESHEX=r2, @ANYBLOB="00006b746769643d0092", @ANYRESDEC, @ANYBLOB="1500bba7d41fabba4332de3ca642acf6f8de847e3f21783608008708a887d30aaf0a14b0691d48445fe3b4d1ddde1b81337b2c3b5f88535d7f6fa931b84783704494cebe49ca9f6269b05edde0246c360d0566b4056f0f02ccab035d3d0a5cde0b31bd424949fe23c0a0a25691738006c5c6acdf101fecdb4f79abdfb95c6afaea03dd5903b5240565f31504c207a9a2aa6c8108fb973081e90412a3c6cfa3b2513693727fad9acd8108acb8b90fab033c9dac0dc3e5a61c513e7b5edc5d76320f0e54045ea2b7b8fb1f78d3d346e26ee5ed6926cea1ffe0a1"], 0x1, 0x1fa, &(0x7f0000000500)="$eJzs2zFrE2EYB/Dn2rRe7GAHJ1E4cHEK6icwSAUxIEQy6GSgurQipEsUxH4eZz+EX8alg2SLXO5om2sLjWdyEn8/ON6H/O/guSF53uHN27sfDvY/Hr3f+nISaZLFRsSTmETs5lUpKdd0Vm/HnCTq+FXraQDgj/T7w27TPbBco1F3eDsidi4kg2+NNAQAAAAAAAAAAEBti5z/34j4Wj3/f7zifgGA+pz/X1/tch2NusN7xf6twvl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDmT6fTWNL/Sci2vGxGRRkQ7Im5GRCsi8s+b7hcAqG8ynZ/7V83/iEgiwvwHgDXw6vWbF91eb6+fZWnEz+PxYDwo1iJ/9ry39zCb2T176mQ8Hmye5o+KPJvPt2b7hjx/fGm+HQ/uF3mePX3Zq+Q7sb/81weA/1InO3Vuvm+WV0Snc1mez+eiOrc/qMzvVtxprew1AIAFHH36fDA8PHw3+utFsthT7bKhq+/53lpWq4prFT+Sf6INRd0ivc7NDf8wAUt39qWvJmkzDQEAAAAAAAAAAAAAABes4i9HTb8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADr53cAAAD//8h6UUs=")
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000180)={0x0, r1}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {}, 0x2c, {[{@cache_none}, {@version_u}, {@dfltgid={'dfltgid', 0x3d, r2}}], [], 0x6b}})

1.250601125s ago: executing program 3 (id=4026):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x1})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x13)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x6)
socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89a1, 0x0)
sendmsg$qrtr(r1, &(0x7f0000000440)={&(0x7f0000000380)={0x2a, 0x2, 0xfffffffe}, 0xc, &(0x7f0000000400)=[{&(0x7f00000003c0)="25076c865747dc0cf8aaa2acf9b24b03229ecbbafbbee17c19f2b8e5", 0x1c}, {&(0x7f0000000580)="b849c2858bd9e16672b7f1410b061924b70e954a622a197018fe8434ebfc958da4d264ab1b7a5a58badc3345cfd5a7e65b010f758b89c56a7b07c06f7339dc554214d81f71292b27b87c6cb511633281a06e7a88f9660fed17c0443314c1002d8dc017bc30df42b05b30e7668857e9f371f93b322cdc5e695e690dea555ec4857c8e592e867d535ba93d8dcd647c2efd070667e8f0befcb28c284a16adcac423572678ed7d217bed67964a86dd41f3f3daf7368205cbd0c84ee58f0ebede0e7f27f48ea77417f420d465dc3bd1bca19f28d4606d65ada8013e0a1060595f734dabb3ff9610e0fcdd385fc439ed509137b850395ee89ff25133d5867383fd55", 0xff}], 0x2, &(0x7f0000000880)=[{0xc0, 0x110, 0x2, "adb0ea4de64a7afbd8ebecda6e3778ca940903df34164b76ff5f45f3a5ea003d8e093ecbb1d43c72644aa15e6c1bb2ac96ccfc4c43dc389b394628b24087b3f519b68a9c5f40fc5cf4906d0262cbb1b98d597f9ecb01b474156802a40900c14fed803724ba2efec02109f7c7fb21d9f2f695ed4a583b64932dfc805e254ff12ea75cd94a1918b6ef187075a22f5d6eb50d0f3bd1fa388572ac909bdd126b40b454399cb49c14486307e680cc04a13d"}, {0x50, 0x101, 0x1000, "1dd8019cfe4eb4c5a799b0af5b877638fbca1e17412d3b28192e2d5f9aa354cffc320743dca6b5d4a76e93019f0312ef845c6904d4120ccf4355a1"}, {0x20, 0x10e, 0x6, "24c3a8929dc737b45142c906"}, {0x58, 0x117, 0x0, "e4cea8aa4a46e68769a824b80204823d418950bfe1646a3595eb9130d75bf0b840c3c9ac26ae5616be5ea64817ff6ee1a7f396f727a5cc333f990e45b543e622c58836d6f6e0b953"}], 0x188, 0x24000000}, 0x38)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x1)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
unlinkat(r2, &(0x7f0000000040)='./file0\x00', 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
unshare(0x600)
preadv(r4, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/124, 0x4}], 0x3e8, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_xfrm(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=@getsadinfo={0xb4, 0x23, 0x100, 0x70bd2c, 0x25dfdbfe, 0x0, [@policy_type={0xa}, @XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x4}, @XFRMA_SET_MARK={0x8, 0x1d, 0x1f}, @replay_val={0x10, 0xa, {0x70bd2a, 0x70bd28, 0x101}}, @offload={0xc, 0x1c, {0x0, 0x1}}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e22, 0x4e21, @in6=@mcast1}}, @lifetime_val={0x24, 0x9, {0x1, 0x5, 0x4, 0x8}}, @proto={0x5, 0x19, 0xff}, @policy_type={0xa, 0x10, {0x1}}, @coaddr={0x14, 0xe, @in6=@loopback}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000010)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r11=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES32=r11], 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'bond_slave_1\x00', <r12=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000dc0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000cc0)=@RTM_NEWMDB={0x98, 0x54, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x4, 0x2, {@ip4=@empty, 0x8edd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x1, 0x0, {@ip4=@rand_addr=0x64010100, 0x8edd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r11, 0x0, 0x1, 0x3, {@in6_addr=@private2, 0x8edd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r12, 0x1e09dd2f4372b488, 0x4, 0x0, {@in6_addr=@private0={0xfc, 0x0, '\x00', 0x1}, 0x18b67}}}]}, 0x98}, 0x1, 0x0, 0x0, 0x4000004}, 0x8000)
sendmsg$key(r6, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020300000b0000000000000000000000030006000000000002000000e000000100000000000000000200010000001c000000fb18000000000300050000000000020000007f0000010000000000000000010018"], 0x58}, 0x1, 0x7}, 0x0)
syz_usbip_server_init(0x4)

995.882399ms ago: executing program 0 (id=4027):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="00000042eebe2f000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000074f1de926c01fda103000000950000000000000073c5a4c04e9ebfbcde46d0ce87037a5b4923"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_user(r2, &(0x7f0000000040)={'system_u:object_r:syslogd_var_run_t:s0', 0x20, 'root\x00'}, 0x2c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000980), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000))
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"})
r5 = syz_open_pts(r4, 0x0)
ioctl$TCSETS(r5, 0x5402, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = syz_io_uring_setup(0x207, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000300), &(0x7f0000000100)=<r9=>0x0)
syz_io_uring_setup(0x6d3, &(0x7f00000008c0), &(0x7f0000000040)=<r10=>0x0, &(0x7f00000002c0))
syz_io_uring_submit(r10, r9, &(0x7f00000001c0)=@IORING_OP_SYMLINKAT={0x26, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000047c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
io_uring_enter(r8, 0x1849, 0x0, 0x0, 0x0, 0x0)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
recvmsg(r12, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r13, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r12, 0x1, 0xd, &(0x7f0000000540), 0x4)
write$binfmt_elf64(r11, &(0x7f0000000400)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e00000000000000000000000000400000000000000000000000000000100000000000003800010000000000000003000000000000000000000000000000000000000000000000000000000000000008"], 0x78)
write$binfmt_elf32(r11, &(0x7f0000001940)=ANY=[], 0x788)

958.582702ms ago: executing program 1 (id=4028):
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0xeef7, 0x8, 0xfffffffe, 0x10380, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x3, 0x5, @void, @value, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x3, 0x7ffc1ffb}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f00000005c0)='mm_page_free\x00', r3}, 0x10)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x4880, 0x0)
r4 = epoll_create1(0x0)
epoll_pwait(r4, &(0x7f00000000c0)=[{}], 0x1, 0x2, 0x0, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r5}, 0x10)
connect$phonet_pipe(r0, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x5}, 0x10)
ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000580)='net/tcp6\x00')
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
open(&(0x7f0000000080)='./bus\x00', 0x80, 0x1)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000000440)=""/95, 0x5f}], 0x1, 0x90, 0x800000)

773.842529ms ago: executing program 1 (id=4029):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000ffffffffffffffff00"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000f4)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
r5 = dup2(r0, r0)
fchmodat(r5, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x12)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000160000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x4, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe, &(0x7f0000000440), 0x3, 0x440, &(0x7f00000006c0)="$eJzs28tvG8UfAPDvrpP019cvoZRHH0CgICIeSZMW6IEDIJA4FAkJDnCMkrQqdRvUBIlWFRSEygkhJO6II/8CJ7ggxAmJK9xRpQr10paT0dq7ie3YbuLaNcWfj7TtzO5sZr7eHXtmxw5gaE1m/yQRuyLi94gYr2UbC0zW/rtx7eLCzWsXF5KoVN76K6mWu37t4kJRtDhvZ56ZSiPSz5I40KLelfMXTs+Xy0vn8vzM6pn3Z1bOX3j21Jn5k0snl87OHTt29MjsC8/PPdeTOLM2Xd//0fLBfa+/+9Ubx79oiL8pjh6Z7HTwiUqlx9UN1u66dDIywIawJaWIyC7XaLX/j0cp1i/eeLz26UAbB/RVpVKp7Gx/+FIF+A9LojGvy8OwKD7os/lvsTUPAl7q3/Bj4K6+XJsAZXHfyLfakZFI8zKjTfPbXpqMiHcu/f1NtkV/nkMAADT4IRv/PNNq/JfG/XXl/p+vDU1ExD0RsSci7o2IvRFxX0S17AMR8eAW629eJNk4/kmvdBXYJmXjvxfzta3G8V8x+ouJUp7bXY1/NDlxqrx0OH9NpmJ0W5af7VDHj6/+9mW7Y/Xjv2zL6i/Ggnk7roxsazxncX51/nZirnf1k4j9I63iT9ZWApKI2BcR+7us49RT3x1sd+zW8XfQg3WmyrcRT9au/6Voir+QdF6fnPlflJcOzxR3xUa//Hr5zXb131b8PZBd/x0t7/+1+CeS+vXala3XcfmPz9vOabq9/8eSt6vpsXzfh/Orq+dmI8aS47VG1++fWz+3yBfls/inDrXu/3ti/ZU4EBHZTfxQRDwcEY/kbX80Ih6LiEMd4v/5lcff6z7+/sriX9zS9V9PjEXzntaJ0umfvm+odGJD/Dc7X/+j1dRUvmcz73+baVd3dzMAAADcfdKI2BVJOr2WTtPp6dr35ffGjrS8vLL69InlD84u1n4jMBGjafGka7zueehsPq0v8nNR+2pBkT+SPzf+urS9mp9eWC4vDjp4GHI72/T/zJ+lQbcO6Du/14Lhpf/D8NL/YXjp/zC8WvT/7YNoB3Dntfr8/3gA7QDuvKb+b9kPhoj5Pwwv/R+Gl/4PQ2lle9z6R/IdE8Vf6vJ0ibs0Eem/ohkSfUoM9n0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/4JAAD//3sE4iY=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x8b105a, 0x0)
r8 = getpid()
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r8, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
write$binfmt_elf64(r10, 0x0, 0xfffffd88)
readv(r9, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/243, 0xfffffdef}], 0x1)
r11 = gettid()
process_vm_writev(r11, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/232, 0xe8}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0)

682.893927ms ago: executing program 2 (id=4030):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xcc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
r1 = socket$inet6(0xa, 0x80002, 0x4)
setsockopt$inet6_int(r1, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0xffffffffffffffe2)
recvmmsg(r1, &(0x7f0000000a40)=[{{&(0x7f00000006c0)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000000980)=[{&(0x7f0000000740)=""/55, 0x37}, {&(0x7f0000000a80)=""/194, 0xc2}, {&(0x7f00000008c0)=""/144, 0x90}], 0x3, &(0x7f00000009c0)=""/115, 0x73}, 0x3}], 0x1, 0x2, 0x0)
r2 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000500000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000440)={r3}, 0xc)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000280)={[{@i_version}, {@nobh}, {@data_err_ignore}, {@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
fdatasync(r4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r4, 0x13)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000000)={0x6, &(0x7f0000000080)=[{0x1, 0x6, 0xf2, 0x6}, {0x97, 0x1, 0x9, 0x57f}, {0x1000, 0xcc, 0xfc, 0x1}, {0x69e0, 0x7, 0x9, 0x7}, {0x84c, 0x7, 0x16, 0x6}, {0x4, 0x5, 0x1, 0x2c4}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000f57f20207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300009500"/81], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63bedbc0, @void, @value}, 0x94)
rseq(0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x4, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
getpgid(0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)

520.054413ms ago: executing program 4 (id=4031):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000200)={0x32, @remote, 0x4e20, 0x0, 'ovf\x00', 0x1c, 0x8, 0x7d}, 0x2c)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}}, 0x0)
syz_read_part_table(0x5fd, &(0x7f0000000d00)="$eJzs2z9olGccB/DvxVzOP9B0cHKpcegkFMXRDFWSU7EQTqUQHLS1iJgpQuCkhwc6tBkUM0jHLlK4ReNkzOBQFIXORRxahAwuBV2kdshbrvc2rfaPR8kNxc9n+T338rvn+/zgWZ/wvzaUarkqar+VDz751/5i9I91O8c6E5MHi6IojiaVHE81Y9++s5hkOK/umh1JRv60z/WvNy9/+fxAtfP4yIv3T9ybH1rbs5Z3k2wZeePRa/1PyaDcGL8/evHSbP1y90e9tbL6cXLz2URj6fD8wuKh6v5T3e8Xkgdlf+9ibMq5NHM+Z3Ny+L+kVl7Jb3fzm+NnHtVbK191nuxa3Vbv3D699+X25St3dydz3Yip1/6XN9+vvqzNX+bPjV2dXmjt23lr67U9zTsPG083/Fz0lJHV9ckFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAwbozfH714abZ+uTl+5lG9tfLF9999dPPZRGPp8PzC4qGR/afKvgdlHS7ruTRzPmdzMjOZyWeZ7T9yuvKP+b9sTp7sWt1W79w+vffl5PKVu7vLvqn1GPZvvD7/3NjV6YXWvp23tl7b07zzsPF0Q69vppZPU+2tawM6CwAAAAAAAAAAAAAAAAAAAG+vicmD26c+bBxNKjm+MclPnw91vxflI/ff3+rvKOsPtWRTkusbk/bzA9XO4yMvRk7cm/+x7G+nlnaSLd8sHUveW8u58JfkyqBHow+/BgAA//8hVpWc")
mount(0x0, 0x0, 0x0, 0x1000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000080850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000240)=0x214)
read(r2, &(0x7f0000000080)=""/241, 0xf1)
ioctl$TCSETAF(r2, 0x5402, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "9f762f0bc5e584a2"})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, r0, 0x0)
unshare(0x8000000)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r5=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e00000000000000050000000600000000000000", @ANYRES32=0x1, @ANYBLOB="feffffff00"/20, @ANYRES32=0x0, @ANYRES32], 0x50)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f00000002c0)=ANY=[@ANYRES64=r5, @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
unshare(0x2c040000)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRESHEX=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0a0700f704000000000400000900000000000000", @ANYRES32, @ANYBLOB="000000000000010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYRES8=r4], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
unshare(0x2a020400)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r8, 0x0, 0x0, 0x10001, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

343.030618ms ago: executing program 3 (id=4032):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a40000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r2}, 0x11)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000020000004c0001800d0001"], 0x60}}, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
r6 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e20, 0x20, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)

287.448993ms ago: executing program 3 (id=4033):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000034c0)={&(0x7f0000003740)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x8, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x1, 0x4}]}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x3, 0x18}}, @var={0x6, 0x0, 0x0, 0xe, 0x3}, @volatile={0x0, 0x0, 0x0, 0x9, 0x4}]}, {0x0, [0x61, 0x5f, 0x5f, 0x0, 0x0, 0x5f]}}, 0x0, 0x68, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)

286.656364ms ago: executing program 3 (id=4034):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000002100010900000000ffdbdf250200000800000000000000000500150004"], 0x24}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000740)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000f9940000010000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000050000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="00000000000000860000009500"/25], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0xffffffffffffffff, <r6=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000540), &(0x7f0000000580)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf3000000000000015000200000000103d030100000000009500000000000000bc26080000000000bf67000000000000070300000fff07006702000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r8}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="f9ffffff00000000000000000000000085a0e8e5", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{0xffffffffffffffff, <r9=>0xffffffffffffffff}, &(0x7f0000000600), &(0x7f0000000640)=r0}, 0x20)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@bloom_filter={0x1e, 0x101, 0x6, 0x3ab, 0x28900, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x0, 0x1, @value, @void, @void, @value}, 0x50)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008088100b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x7, 0x18, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @tail_call={{0x18, 0x2, 0x1, 0x0, r6}}, @generic={0x67, 0x3, 0x2, 0xb, 0x9}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='GPL\x00', 0x1, 0xf4, &(0x7f0000000440)=""/244, 0x41000, 0x7113d7d08932a8b5, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x4, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, r0, 0x0, &(0x7f0000000740)=[r7, r9, r10, r11], 0x0, 0x10, 0x7, @void, @value}, 0x94)
ioctl$EXT4_IOC_GETSTATE(r12, 0x40046629, &(0x7f00000008c0))
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r13}, 0x10)
creat(0x0, 0x0)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r14, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r14, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a38000000030a05000000000000000000020000000c00024000000000000000010900010073797a30"], 0x60}}, 0x0)

213.47905ms ago: executing program 4 (id=4035):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000034c0)={&(0x7f0000003740)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x8, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x1, 0x4}, {}]}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x3, 0x18}}, @var={0x6, 0x0, 0x0, 0xe, 0x3}, @volatile={0x0, 0x0, 0x0, 0x9, 0x4}]}, {0x0, [0x61, 0x5f, 0x5f, 0x0, 0x0, 0x5f]}}, &(0x7f0000003440)=""/67, 0x70, 0x43, 0x1, 0x0, 0x0, @void, @value}, 0x28)

177.030713ms ago: executing program 3 (id=4036):
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x3, 0x10)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x4000)
socket$tipc(0x1e, 0x5, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4)
pselect6(0x40, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
msgget(0x3, 0x48)

175.228603ms ago: executing program 4 (id=4037):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r0}, &(0x7f0000000600), &(0x7f0000000640)=r1}, 0x20)
setitimer(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300"/3601], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x10034)
r4 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r4, &(0x7f0000000000), 0x100000008)
ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40044582, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d40)={{r2}, &(0x7f0000000cc0), &(0x7f0000000d00)='%-5lx  \x00'}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r8, 0x2284, &(0x7f0000000000))
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r9}, &(0x7f0000000800), &(0x7f0000000840)=r10}, 0x20)

128.271938ms ago: executing program 0 (id=4038):
r0 = io_uring_setup(0x3e76, &(0x7f0000000000))
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bind$llc(r1, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
getsockname$llc(r1, 0x0, &(0x7f0000000280))
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
setsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000000000)={0x1, 0x10000}, 0x8)
shutdown(r2, 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f0000000080), 0x64, 0x518, &(0x7f0000000200)="$eJzs3c9vG1kdAPDvOHa3adNNFjjASiwLuyitoHayYXcjDssiITitBCz3EhIniuLEUezsNlFFU/EHICEESJzgwgWJPwAJVeLCESFVgjMIEAhBCwcO0EG2J2l+jBO3uHEafz7SZN57M+Pve45mPG/maSaAofVyRLwdEQ/TNL0WEeNZeSGbYqcztdZ7cP/WfGtKIk3f/XsSSVa2+1lJNr+cbXYxIr76pYhvJEfjNra2V+ZqtepGlq80V9crja3t68urc0vVperazMz0G7Nvzr4+O9WXdl6JiLe+8OfvffsnX3zrF59+/w83/nr1m61qjWXL97fjMRWPW9hpeqn9XezfYOMJg51FxXYLM6N5a4wcKbnzlOsEAEC+1jn+ByLiExFxLcZj5PjTWQAAAOAZlH5uLP6TRKT5LnQpBwAAAJ4hhfYY2KRQzsYCjEWhUC53xvB+KC4VavVG81OL9c21hc5Y2YkoFRaXa9WpbKzwRJSSVn66nX6Uf+1QfiYiXoiI746PtvPl+XptYdAXPwAAAGBIXD7U///XeKf/DwAAAJwzE4OuAAAAAPDU6f8DAADA+af/DwAAAOfal995pzWlu++/Xnhva3Ol/t71hWpjpby6OV+er2+sl5fq9aX2M/tWT/q8Wr2+/plY27xZaVYbzUpja/vGan1zrXlj+cArsAEAAIBT9MLH7v4uiYidz462p5YLvW3a42rAWVXcSyXZPGe3/v3znfmfTqlSwKkYGXQFgIEpDroCwMCUBl0BYOCSg9kj3YKug3d+nc0/3v86AQAA/TX5ke73/wvHbrlz/GLgzLMTw/By/x+GV/v+f68jeZ0swLlScgYAQ2/f/f/0ds7yE+//nyhNH79WAABAP421p6RQzi7vjUWhUC5HXGm/FqCULC7XqlMR8XxE/Ha89FwrP93eMjk8ZhgAAAAAAAAAAAAAAAAAAAAAAAAA6CJNk0gBAACAcy2i8Jfkl51n+U+Ovzp2+PrAheTf45G9IvT9H777/ZtzzebGdKv8H3vlzR9k5a8N4goGAAAADIXHeoH/bj99tx8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP304P6t+d3pNOP+7fMRMZEXvxgX2/OLUYqIS/9MorhvuyQiRvoQf7T158N58ZNWtfZC5sUf7UP8nTvHxo+J7FvIi3+5D/FhmN1tHX/eztv/CvFye56//xUjDuSfVPfjX+wd/0a67P9Xeozx4r2fVbrGvxPxYjH/+LMbP+kS/5Ue43/9a9vb3ZalP4qYzP39SQ7EqjRX1yuNre3ry6tzS9Wl6trMzPQbs2/Ovj47VVlcrlWzv/FcTozvfPTnD49r/6Uu8SdOaP+rPbb/v/du3v9gJ1nKi3/1lZz4v/pxtsbR+IXst++TWbq1fHI3vdNJ7/fST3/z0nHtX+jS/pP+/1d7bP+1r3zrjz2uCgCcgsbW9spcrVbdOLeJVi/9DFRD4gwmbvf1A9M0TVv71P/xOUmcha+lnRj0kQkAAOi3Ryf9g64JAAAAAAAAAAAAAAAAAAAADK/TeJzY4Zg7e6mkH4/QBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoi/8FAAD//z742t0=")
llistxattr(&(0x7f0000000140)='./file1\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

79.962462ms ago: executing program 2 (id=4039):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=<r0=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, r0, 0x2, &(0x7f0000000080))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=@base={0x5, 0x1, 0xfff, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r1}, &(0x7f00000004c0), &(0x7f0000000500)='%-5lx  \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
msgget$private(0x0, 0x214)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r5}, &(0x7f0000000a00), &(0x7f0000000a40)=r4}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000ddffffff0000100000f30600000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
fspick(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x1)
openat$dir(0xffffffffffffff9c, 0x0, 0x202000, 0x20)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f0000001180)={&(0x7f00000010c0)=""/190, 0x1000, 0x800, 0xb2c, 0x2}, 0x20)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)

33.110187ms ago: executing program 3 (id=4040):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b708000000005aab7b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)

0s ago: executing program 2 (id=4041):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/12], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000440), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='sysfs\x00', 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x1e, 0x200, 0x0})
pivot_root(&(0x7f0000000040)='./file0/../file0/../file0\x00', &(0x7f0000000200)='./file0/../file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="15b26f226e2966667482d50703b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5dffd691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6be", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231", 0xc5}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="c9", 0x1}], 0x1}}], 0x3, 0x240080e4)

kernel console output (not intermixed with test programs):

s an invalid length.
[  283.409011][T14504] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3358'.
[  283.471471][T14517] loop2: detected capacity change from 0 to 512
[  283.483389][T14521] loop3: detected capacity change from 0 to 512
[  283.491545][T14521] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.3367: bad orphan inode 17
[  283.501955][T14521] ext4_test_bit(bit=16, block=4) = 1
[  283.507321][T14521] is_bad_inode(inode)=0
[  283.511465][T14521] NEXT_ORPHAN(inode)=0
[  283.515726][T14521] max_ino=32
[  283.518929][T14521] i_nlink=1
[  283.524877][T14521] syz.3.3367[14521] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  283.524981][T14521] syz.3.3367[14521] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  283.533918][T14517] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3365: bg 0: block 248: padding at end of block bitmap is not set
[  283.564300][T14517] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.3365: Failed to acquire dquot type 1
[  283.576981][T14517] EXT4-fs (loop2): 1 truncate cleaned up
[  283.585076][T14517] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  283.616638][T14527] loop3: detected capacity change from 0 to 2048
[  283.624093][ T5891] EXT4-fs error (device loop2): ext4_release_dquot:6871: comm kworker/u8:15: Failed to release dquot type 1
[  283.654980][T14529] loop2: detected capacity change from 0 to 2048
[  283.675458][T14527]  loop3: p1 < > p4
[  283.679851][T14527] loop3: p4 size 8388608 extends beyond EOD, truncated
[  283.695494][T14529]  loop2: p1 < > p4
[  283.700742][T14529] loop2: p4 size 8388608 extends beyond EOD, truncated
[  283.803914][T14540] xt_connbytes: Forcing CT accounting to be enabled
[  283.811168][T14540] Cannot find add_set index 0 as target
[  283.968605][T14551] loop3: detected capacity change from 0 to 512
[  283.983719][T14553] loop1: detected capacity change from 0 to 512
[  284.006459][T14551] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.3378: bad orphan inode 17
[  284.008096][T14553] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3379: bg 0: block 248: padding at end of block bitmap is not set
[  284.034429][T14553] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.3379: Failed to acquire dquot type 1
[  284.041926][T14560] netlink: '+}[@': attribute type 2 has an invalid length.
[  284.047422][T14553] EXT4-fs (loop1): 1 truncate cleaned up
[  284.058802][T14551] ext4_test_bit(bit=16, block=4) = 1
[  284.059187][T14553] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  284.064109][T14551] is_bad_inode(inode)=0
[  284.078575][T14551] NEXT_ORPHAN(inode)=0
[  284.082751][T14551] max_ino=32
[  284.086023][T14551] i_nlink=1
[  284.112059][T14567] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  284.120589][T14551] syz.3.3378[14551] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  284.121749][T14551] syz.3.3378[14551] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  284.133507][ T5907] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u8:29: Failed to release dquot type 1
[  284.175350][ T5891] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.218407][ T5891] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.256732][T14555] gre0 speed is unknown, defaulting to 1000
[  284.270363][ T5891] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.285887][T14579] vlan2: entered allmulticast mode
[  284.340578][ T5891] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.394877][T14586] loop2: detected capacity change from 0 to 2048
[  284.430709][T14555] chnl_net:caif_netlink_parms(): no params data found
[  284.443728][T14586]  loop2: p1 < > p4
[  284.461511][T14586] loop2: p4 size 8388608 extends beyond EOD, truncated
[  284.488966][ T5891] team0: left allmulticast mode
[  284.493873][ T5891] team_slave_0: left allmulticast mode
[  284.499506][ T5891] team_slave_1: left allmulticast mode
[  284.505028][ T5891] team0: left promiscuous mode
[  284.509787][ T5891] team_slave_0: left promiscuous mode
[  284.515402][ T5891] team_slave_1: left promiscuous mode
[  284.520908][ T5891] bridge0: port 3(team0) entered disabled state
[  284.537724][ T5891] bridge_slave_1: left allmulticast mode
[  284.543438][ T5891] bridge_slave_1: left promiscuous mode
[  284.549237][ T5891] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.558367][ T5891] bridge_slave_0: left allmulticast mode
[  284.564037][ T5891] bridge_slave_0: left promiscuous mode
[  284.570023][ T5891] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.758613][ T5891] @ (unregistering): (slave bond_slave_0): Releasing backup interface
[  284.776506][ T5891] @ (unregistering): (slave bond_slave_1): Releasing backup interface
[  284.787798][ T5891] @ (unregistering): Released all slaves
[  284.847529][ T5891] tipc: Disabling bearer <eth:veth0_to_batadv>
[  284.861475][ T5891] tipc: Left network mode
[  284.864954][T14555] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.872868][T14555] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.893232][T14555] bridge_slave_0: entered allmulticast mode
[  284.901373][T14555] bridge_slave_0: entered promiscuous mode
[  284.908399][T14555] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.915522][T14555] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.922652][T14555] bridge_slave_1: entered allmulticast mode
[  284.929118][T14555] bridge_slave_1: entered promiscuous mode
[  284.947325][T14603] batman_adv: batadv0: Adding interface: gretap1
[  284.953757][T14603] batman_adv: batadv0: Interface activated: gretap1
[  284.977111][T14555] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  284.998424][ T5891] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.005918][ T5891] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.013570][ T5891] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.021600][ T5891] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.031599][ T5891] veth1_macvtap: left promiscuous mode
[  285.037242][ T5891] veth0_macvtap: left promiscuous mode
[  285.042906][ T5891] veth1_vlan: left promiscuous mode
[  285.048249][ T5891] veth0_vlan: left promiscuous mode
[  285.145565][ T5891] team0 (unregistering): Port device team_slave_1 removed
[  285.158299][ T5891] team0 (unregistering): Port device team_slave_0 removed
[  285.206035][T14555] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  285.233622][T14617] syz.1.3397[14617] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  285.233697][T14617] syz.1.3397[14617] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  285.236787][T14555] team0: Port device team_slave_0 added
[  285.246222][T14616] loop2: detected capacity change from 0 to 512
[  285.259360][T14555] team0: Port device team_slave_1 added
[  285.297896][T14616] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.346059][T14555] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.353167][T14555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.379117][T14555] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.405409][T14555] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.412447][T14555] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.438419][T14555] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  285.468782][T14629] loop4: detected capacity change from 0 to 512
[  285.491257][T14555] hsr_slave_0: entered promiscuous mode
[  285.498522][T14555] hsr_slave_1: entered promiscuous mode
[  285.504917][T14555] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  285.512836][T14555] Cannot create hsr debugfs directory
[  285.535942][T14629] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3403: bg 0: block 248: padding at end of block bitmap is not set
[  285.536414][T14631] loop2: detected capacity change from 0 to 2048
[  285.561102][T14629] EXT4-fs error (device loop4): ext4_acquire_dquot:6848: comm syz.4.3403: Failed to acquire dquot type 1
[  285.574618][T14629] EXT4-fs (loop4): 1 truncate cleaned up
[  285.582824][T14629] ext4 filesystem being mounted at /473/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  285.593162][T14636] netlink: '+}[@': attribute type 2 has an invalid length.
[  285.600781][T14636] __nla_validate_parse: 4 callbacks suppressed
[  285.600792][T14636] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  285.616748][T14631]  loop2: p1 < > p4
[  285.626695][T14631] loop2: p4 size 8388608 extends beyond EOD, truncated
[  285.647914][ T5907] EXT4-fs error (device loop4): ext4_release_dquot:6871: comm kworker/u8:29: Failed to release dquot type 1
[  285.740189][T14642] FAULT_INJECTION: forcing a failure.
[  285.740189][T14642] name failslab, interval 1, probability 0, space 0, times 0
[  285.752961][T14642] CPU: 0 UID: 0 PID: 14642 Comm: syz.4.3405 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  285.763374][T14642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  285.773430][T14642] Call Trace:
[  285.776707][T14642]  <TASK>
[  285.779632][T14642]  dump_stack_lvl+0xf2/0x150
[  285.784240][T14642]  dump_stack+0x15/0x20
[  285.788418][T14642]  should_fail_ex+0x229/0x230
[  285.793169][T14642]  ? audit_log_start+0x34c/0x6b0
[  285.798109][T14642]  should_failslab+0x8f/0xb0
[  285.802789][T14642]  kmem_cache_alloc_noprof+0x4c/0x290
[  285.808165][T14642]  audit_log_start+0x34c/0x6b0
[  285.812986][T14642]  audit_seccomp+0x4b/0x130
[  285.817534][T14642]  __seccomp_filter+0x6fa/0x1180
[  285.822495][T14642]  ? proc_fail_nth_write+0x12a/0x150
[  285.827802][T14642]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  285.833579][T14642]  ? vfs_write+0x580/0x910
[  285.838066][T14642]  ? __fget_files+0x1d4/0x210
[  285.842769][T14642]  __secure_computing+0x9f/0x1c0
[  285.847724][T14642]  syscall_trace_enter+0xd1/0x1f0
[  285.852782][T14642]  ? fpregs_assert_state_consistent+0x83/0xa0
[  285.858871][T14642]  do_syscall_64+0xaa/0x1c0
[  285.863389][T14642]  ? clear_bhb_loop+0x55/0xb0
[  285.868163][T14642]  ? clear_bhb_loop+0x55/0xb0
[  285.872952][T14642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.879035][T14642] RIP: 0033:0x7f022dcedef9
[  285.883536][T14642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.903218][T14642] RSP: 002b:00007f022c967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000034
[  285.911708][T14642] RAX: ffffffffffffffda RBX: 00007f022dea5f80 RCX: 00007f022dcedef9
[  285.919681][T14642] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000
[  285.927710][T14642] RBP: 00007f022c967090 R08: 0000000000000000 R09: 0000000000000000
[  285.935680][T14642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.943706][T14642] R13: 0000000000000000 R14: 00007f022dea5f80 R15: 00007fff22a4cbf8
[  285.951680][T14642]  </TASK>
[  285.954918][T14642] audit_log_lost: 601 callbacks suppressed
[  285.954931][T14642] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  285.968725][T14642] audit: out of memory in audit_log_start
[  285.976935][   T29] audit: type=1326 audit(1726838367.147:12785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14641 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f022dcec93c code=0x7ffc0000
[  286.002809][   T29] audit: type=1326 audit(1726838367.147:12786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14641 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f022dcec9df code=0x7ffc0000
[  286.026262][   T29] audit: type=1326 audit(1726838367.147:12787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14641 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f022dcecb8a code=0x7ffc0000
[  286.049723][   T29] audit: type=1326 audit(1726838367.147:12788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14641 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f022dcedef9 code=0x7ffc0000
[  286.073323][   T29] audit: type=1326 audit(1726838367.147:12789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14641 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f022dcedef9 code=0x7ffc0000
[  286.123944][   T29] audit: type=1326 audit(1726838367.277:12790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14644 comm="syz.4.3406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f022dcedef9 code=0x7ffc0000
[  286.147601][   T29] audit: type=1326 audit(1726838367.277:12791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14644 comm="syz.4.3406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f022dcedef9 code=0x7ffc0000
[  286.171192][   T29] audit: type=1326 audit(1726838367.277:12792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14644 comm="syz.4.3406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f022dcedef9 code=0x7ffc0000
[  286.258345][T14647] loop2: detected capacity change from 0 to 512
[  286.265994][T14647] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  286.289389][T14647] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3407: bg 0: block 264: padding at end of block bitmap is not set
[  286.307207][T14647] EXT4-fs (loop2): Remounting filesystem read-only
[  286.313881][T14647] EXT4-fs (loop2): 1 truncate cleaned up
[  286.324931][T14647] SELinux: (dev loop2, type ext4) getxattr errno 5
[  286.348732][T14555] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  286.360157][T14555] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  286.370462][T14555] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  286.379968][T14555] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  286.403651][T14654] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3409'.
[  286.404190][T14651] loop3: detected capacity change from 0 to 2048
[  286.477258][T14651]  loop3: p1 < > p4
[  286.481632][T14651] loop3: p4 size 8388608 extends beyond EOD, truncated
[  286.482730][T14555] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.519275][T14555] 8021q: adding VLAN 0 to HW filter on device team0
[  286.524072][T14658] loop2: detected capacity change from 0 to 2048
[  286.541963][ T5891] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.549057][ T5891] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.565909][ T5891] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.566137][T14658]  loop2: p1 < > p4
[  286.572995][ T5891] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.597768][T14658] loop2: p4 size 8388608 extends beyond EOD, truncated
[  286.726776][T14555] 8021q: adding VLAN 0 to HW filter on device batadv0
[  286.806410][T14669] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[  286.820383][T14669] lo: entered allmulticast mode
[  286.921447][T14555] veth0_vlan: entered promiscuous mode
[  286.940526][T14555] veth1_vlan: entered promiscuous mode
[  286.972479][T14555] veth0_macvtap: entered promiscuous mode
[  286.988907][T14555] veth1_macvtap: entered promiscuous mode
[  287.009175][T14681] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  287.015401][T14555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.027027][T14555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.036917][T14555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.047351][T14555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.057209][T14555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.067698][T14555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.077703][T14555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.088147][T14555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.100678][T14555] batman_adv: batadv0: Interface activated: batadv_slave_0
[  287.111673][T14555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.122193][T14555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.132086][T14555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.142627][T14555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.152549][T14555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.163047][T14555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.172882][T14555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.183317][T14555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.193174][T14555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.203603][T14555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.215266][T14555] batman_adv: batadv0: Interface activated: batadv_slave_1
[  287.231155][T14555] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  287.240126][T14555] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  287.248971][T14555] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  287.257756][T14555] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  287.280835][T14688] loop2: detected capacity change from 0 to 512
[  287.290193][T14688] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  287.304429][T14688] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3418: bg 0: block 264: padding at end of block bitmap is not set
[  287.321105][T14688] EXT4-fs (loop2): Remounting filesystem read-only
[  287.327946][T14688] EXT4-fs (loop2): 1 truncate cleaned up
[  287.334125][T14688] SELinux: (dev loop2, type ext4) getxattr errno 5
[  287.399722][T14695] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3377'.
[  287.497355][T14710] loop4: detected capacity change from 0 to 2048
[  287.504454][T14715] loop2: detected capacity change from 0 to 2048
[  287.515986][T14716] netlink: '+}[@': attribute type 2 has an invalid length.
[  287.523202][T14716] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  287.532048][T14710]  loop4: p1 < > p4
[  287.537512][T14710] loop4: p4 size 8388608 extends beyond EOD, truncated
[  287.537724][T14715]  loop2: p1 < > p4
[  287.551001][T14717] netlink: '+}[@': attribute type 2 has an invalid length.
[  287.555013][T14715] loop2: p4 size 8388608 extends beyond EOD, truncated
[  287.558261][T14717] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  287.755288][T14721] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3429'.
[  287.782863][T14723] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3430'.
[  287.810105][T14729] loop2: detected capacity change from 0 to 512
[  287.826238][T14729] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3433: bg 0: block 248: padding at end of block bitmap is not set
[  287.841493][T14729] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.3433: Failed to acquire dquot type 1
[  287.853442][T14729] EXT4-fs (loop2): 1 truncate cleaned up
[  287.859880][T14729] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  287.872785][T14729] syz.2.3433[14729] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  287.872873][T14729] syz.2.3433[14729] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  287.910214][ T5891] EXT4-fs error (device loop2): ext4_release_dquot:6871: comm kworker/u8:15: Failed to release dquot type 1
[  287.933639][T14733] loop4: detected capacity change from 0 to 128
[  287.960891][T14733] ext4 filesystem being mounted at /481/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  288.038977][T14734] gre0 speed is unknown, defaulting to 1000
[  288.137023][T14734] chnl_net:caif_netlink_parms(): no params data found
[  288.232991][T14734] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.240093][T14734] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.297970][T14734] bridge_slave_0: entered allmulticast mode
[  288.323003][T14734] bridge_slave_0: entered promiscuous mode
[  288.330105][T14734] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.337188][T14734] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.344591][T14734] bridge_slave_1: entered allmulticast mode
[  288.350970][T14734] bridge_slave_1: entered promiscuous mode
[  288.387616][T14734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  288.402328][T14734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.442316][T14734] team0: Port device team_slave_0 added
[  288.456292][T14734] team0: Port device team_slave_1 added
[  288.492785][T14763] loop4: detected capacity change from 0 to 2048
[  288.514671][T14734] batman_adv: batadv0: Adding interface: batadv_slave_0
[  288.521639][T14734] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.547662][T14734] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  288.550733][T14770] 9pnet_fd: Insufficient options for proto=fd
[  288.561404][T14734] batman_adv: batadv0: Adding interface: batadv_slave_1
[  288.571350][T14734] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.597446][T14734] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  288.615216][T14763]  loop4: p1 < > p4
[  288.619452][T14763] loop4: p4 size 8388608 extends beyond EOD, truncated
[  288.643680][T14734] hsr_slave_0: entered promiscuous mode
[  288.650968][T14734] hsr_slave_1: entered promiscuous mode
[  288.657552][T14734] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  288.667502][T14734] Cannot create hsr debugfs directory
[  288.772033][T14734] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.856644][T14734] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.912156][T14775] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  288.928887][T14734] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.017654][T14734] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.083227][T14734] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  289.094457][T14782] netlink: '+}[@': attribute type 2 has an invalid length.
[  289.101724][T14782] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  289.111078][T14734] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  289.120102][T14734] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  289.130268][T14734] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  289.138905][T14785] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3447'.
[  289.179026][T14734] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.194409][T14734] 8021q: adding VLAN 0 to HW filter on device team0
[  289.204341][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.211473][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.222928][T14792] loop2: detected capacity change from 0 to 164
[  289.230143][T14792] Unable to read rock-ridge attributes
[  289.235095][T14734] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  289.235984][T14791] Unable to read rock-ridge attributes
[  289.245941][T14734] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  289.263163][T14791] netlink: 'syz.2.3450': attribute type 3 has an invalid length.
[  289.266641][T14792] netlink: 'syz.2.3450': attribute type 3 has an invalid length.
[  289.273864][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.285815][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.323181][T14734] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.349295][T14798] loop1: detected capacity change from 0 to 512
[  289.356788][T14798] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  289.378557][T14798] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3451: bg 0: block 248: padding at end of block bitmap is not set
[  289.394929][T14798] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.3451: Failed to acquire dquot type 1
[  289.398036][T14734] veth0_vlan: entered promiscuous mode
[  289.406801][T14798] EXT4-fs (loop1): 1 truncate cleaned up
[  289.415761][T14734] veth1_vlan: entered promiscuous mode
[  289.424656][T14798] EXT4-fs mount: 121 callbacks suppressed
[  289.424674][T14798] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.430921][T14734] veth0_macvtap: entered promiscuous mode
[  289.448825][T14798] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  289.452803][T14734] veth1_macvtap: entered promiscuous mode
[  289.473263][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.483821][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.493688][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.504110][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.513983][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.524408][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.534334][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.544876][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.554895][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.565441][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.575381][T14798] EXT4-fs error (device loop1): __ext4_remount:6491: comm syz.1.3451: Abort forced by user
[  289.578067][T14734] batman_adv: batadv0: Interface activated: batadv_slave_0
[  289.593989][T14798] EXT4-fs (loop1): Remounting filesystem read-only
[  289.596705][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.611096][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.620979][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.631908][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.641786][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.652212][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.662016][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.672490][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.682292][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.692714][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.702588][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.713072][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.725384][T14734] batman_adv: batadv0: Interface activated: batadv_slave_1
[  289.734503][T14734] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  289.743671][T14734] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.752399][T14734] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.761224][T14734] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.770905][T12611] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.867882][T14812] loop1: detected capacity change from 0 to 512
[  289.875212][T14812] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  289.894043][T14812] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3452: bg 0: block 264: padding at end of block bitmap is not set
[  289.911831][T14812] EXT4-fs (loop1): Remounting filesystem read-only
[  289.942584][T14812] EXT4-fs (loop1): 1 truncate cleaned up
[  289.949228][T14812] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.961394][T14812] SELinux: (dev loop1, type ext4) getxattr errno 5
[  289.968657][T14812] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.991538][T14828] loop4: detected capacity change from 0 to 2048
[  290.023338][T14831] loop1: detected capacity change from 0 to 764
[  290.056472][T14828]  loop4: p1 < > p4
[  290.060768][T14828] loop4: p4 size 8388608 extends beyond EOD, truncated
[  290.077999][T14836] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  290.146847][T14841] syz.1.3464[14841] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.146929][T14841] syz.1.3464[14841] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.183836][T14841] loop1: detected capacity change from 0 to 1024
[  290.226682][T14841] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.244383][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x4
[  290.252123][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x2
[  290.263443][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.271142][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.278809][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.286553][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.294184][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.301840][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.309495][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.317167][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.324838][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.332469][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.340199][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.347935][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.355699][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.363342][  T986] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0
[  290.372861][  T986] hid-generic 0000:3000000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  290.383584][T14851] netlink: 'syz.0.3466': attribute type 2 has an invalid length.
[  290.391383][T14851] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3466'.
[  290.414135][T12611] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.458221][T14858] bridge0: port 4(vlan2) entered blocking state
[  290.464614][T14858] bridge0: port 4(vlan2) entered disabled state
[  290.471738][T14858] vlan2: entered allmulticast mode
[  290.479083][T14858] vlan2: left allmulticast mode
[  290.530572][T14864] loop4: detected capacity change from 0 to 256
[  290.543659][T14864] vfat: Unknown parameter '0xffffffffffffffff'
[  290.551711][T14866] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  290.606011][T14871] FAULT_INJECTION: forcing a failure.
[  290.606011][T14871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  290.619188][T14871] CPU: 1 UID: 0 PID: 14871 Comm: syz.4.3475 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  290.629666][T14871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  290.639719][T14871] Call Trace:
[  290.642992][T14871]  <TASK>
[  290.645963][T14871]  dump_stack_lvl+0xf2/0x150
[  290.650586][T14871]  dump_stack+0x15/0x20
[  290.654794][T14871]  should_fail_ex+0x229/0x230
[  290.659483][T14871]  should_fail+0xb/0x10
[  290.663665][T14871]  should_fail_usercopy+0x1a/0x20
[  290.668700][T14871]  _copy_from_user+0x1e/0xd0
[  290.673369][T14871]  copy_msghdr_from_user+0x54/0x2a0
[  290.678643][T14871]  __sys_sendmsg+0x171/0x270
[  290.683264][T14871]  __x64_sys_sendmsg+0x46/0x50
[  290.688102][T14871]  x64_sys_call+0x2689/0x2d60
[  290.692778][T14871]  do_syscall_64+0xc9/0x1c0
[  290.697270][T14871]  ? clear_bhb_loop+0x55/0xb0
[  290.701979][T14871]  ? clear_bhb_loop+0x55/0xb0
[  290.706654][T14871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.712541][T14871] RIP: 0033:0x7f022dcedef9
[  290.716944][T14871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.736597][T14871] RSP: 002b:00007f022c967038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  290.745001][T14871] RAX: ffffffffffffffda RBX: 00007f022dea5f80 RCX: 00007f022dcedef9
[  290.752991][T14871] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005
[  290.761025][T14871] RBP: 00007f022c967090 R08: 0000000000000000 R09: 0000000000000000
[  290.768991][T14871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  290.777037][T14871] R13: 0000000000000000 R14: 00007f022dea5f80 R15: 00007fff22a4cbf8
[  290.785005][T14871]  </TASK>
[  290.808725][T14874] loop4: detected capacity change from 0 to 512
[  290.827582][T14874] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.3476: bad orphan inode 17
[  290.840343][T14874] ext4_test_bit(bit=16, block=4) = 1
[  290.845823][T14874] is_bad_inode(inode)=0
[  290.849981][T14874] NEXT_ORPHAN(inode)=0
[  290.854158][T14874] max_ino=32
[  290.857497][T14874] i_nlink=1
[  290.862915][T14874] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.880828][T14874] syz.4.3476[14874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.881057][T14874] syz.4.3476[14874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.901981][T14874] batadv0: entered promiscuous mode
[  290.923968][T14874] batadv_slave_0: entered promiscuous mode
[  290.929992][T14874] batadv_slave_0: left promiscuous mode
[  290.944710][T14874] batadv0: left promiscuous mode
[  291.011844][ T8111] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.062618][T14886] loop2: detected capacity change from 0 to 2048
[  291.086419][   T29] kauditd_printk_skb: 146 callbacks suppressed
[  291.086477][   T29] audit: type=1400 audit(1726838372.247:12934): avc:  denied  { write } for  pid=14881 comm="syz.4.3478" name="sg0" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  291.116896][T14888] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  291.116896][T14888]    program syz.4.3478 not setting count and/or reply_len properly
[  291.134043][T14883] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  291.134043][T14883]    program syz.4.3478 not setting count and/or reply_len properly
[  291.163808][T14886]  loop2: p1 < > p4
[  291.168827][T14886] loop2: p4 size 8388608 extends beyond EOD, truncated
[  291.224580][T14906] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  291.259070][T14903] hub 2-0:1.0: USB hub found
[  291.264081][T14903] hub 2-0:1.0: 8 ports detected
[  291.284363][   T29] audit: type=1326 audit(1726838372.447:12935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14905 comm="syz.3.3487" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x0
[  291.313754][T14913] tmpfs: Bad value for 'huge'
[  291.325204][T14913] netlink: 'syz.4.3489': attribute type 10 has an invalid length.
[  291.326074][   T29] audit: type=1326 audit(1726838372.497:12936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14914 comm="syz.0.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  291.361918][   T29] audit: type=1326 audit(1726838372.527:12937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14914 comm="syz.0.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  291.385531][   T29] audit: type=1326 audit(1726838372.527:12938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14914 comm="syz.0.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  291.409219][   T29] audit: type=1326 audit(1726838372.527:12939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14914 comm="syz.0.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  291.432955][   T29] audit: type=1326 audit(1726838372.527:12940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14914 comm="syz.0.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  291.442204][T14917] loop4: detected capacity change from 0 to 2048
[  291.456776][   T29] audit: type=1326 audit(1726838372.527:12941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14914 comm="syz.0.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  291.456816][   T29] audit: type=1326 audit(1726838372.527:12942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14914 comm="syz.0.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  291.456857][   T29] audit: type=1326 audit(1726838372.527:12943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14914 comm="syz.0.3490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  291.565490][T14917]  loop4: p1 < > p4
[  291.569894][T14917] loop4: p4 size 8388608 extends beyond EOD, truncated
[  291.858378][T14945] usb usb7: usbfs: process 14945 (syz.4.3503) did not claim interface 0 before use
[  291.873395][T14945] loop4: detected capacity change from 0 to 512
[  291.880554][T14945] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[  292.216601][T14960] netlink: '+}[@': attribute type 2 has an invalid length.
[  292.223941][T14960] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  292.528943][T14967] IPVS: length: 214 != 24
[  292.549683][T14970] loop2: detected capacity change from 0 to 512
[  292.556599][T14970] EXT4-fs: Ignoring removed nomblk_io_submit option
[  292.563526][T14970] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  292.574750][T14970] devtmpfs: Unknown parameter 'di���'
[  292.601001][T14975] netlink: '+}[@': attribute type 2 has an invalid length.
[  292.608264][T14975] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  292.659559][T14974] syz.2.3512[14974] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  292.659656][T14974] syz.2.3512[14974] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  292.673482][T14979] netlink: zone id is out of range
[  292.691497][T14979] netlink: zone id is out of range
[  292.696717][T14979] netlink: zone id is out of range
[  292.701838][T14979] netlink: zone id is out of range
[  292.707391][T14979] netlink: zone id is out of range
[  292.712501][T14979] netlink: zone id is out of range
[  292.717685][T14979] netlink: zone id is out of range
[  292.726573][T14979] netlink: zone id is out of range
[  292.732129][T14979] netlink: zone id is out of range
[  292.737464][T14979] netlink: zone id is out of range
[  292.760285][T14984] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  292.869658][T14999] loop2: detected capacity change from 0 to 1024
[  292.876566][T14999] EXT4-fs: test_dummy_encryption option not supported
[  292.978409][T15005] Cannot find set identified by id 0 to match
[  292.985392][T15005] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3523'.
[  293.131557][T15026] netlink: 268 bytes leftover after parsing attributes in process `syz.3.3533'.
[  293.140784][T15026] unsupported nla_type 65024
[  293.249338][T15041] bond_slave_0: entered promiscuous mode
[  293.255091][T15041] bond_slave_1: entered promiscuous mode
[  293.264054][T15040] bond_slave_0: left promiscuous mode
[  293.269557][T15040] bond_slave_1: left promiscuous mode
[  293.276576][T15042] netlink: '+}[@': attribute type 2 has an invalid length.
[  293.283915][T15042] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  293.300839][T15044] loop3: detected capacity change from 0 to 512
[  293.309012][T15044] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  293.320454][T15044] EXT4-fs (loop3): 1 truncate cleaned up
[  293.327880][T15044] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.355383][T15044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.364882][T15044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.379801][T15044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.389767][T15044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.407563][T15044] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  293.473551][T15054] loop1: detected capacity change from 0 to 2048
[  293.615201][T15054]  loop1: p1 < > p4
[  293.619553][T15054] loop1: p4 size 8388608 extends beyond EOD, truncated
[  293.908604][T15072] loop4: detected capacity change from 0 to 512
[  293.915642][T15072] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  293.927871][T15072] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3552: bg 0: block 264: padding at end of block bitmap is not set
[  293.942924][T15072] EXT4-fs (loop4): Remounting filesystem read-only
[  293.949671][T15072] EXT4-fs (loop4): 1 truncate cleaned up
[  293.955639][T15072] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.967936][T15072] SELinux: (dev loop4, type ext4) getxattr errno 5
[  293.979703][T15072] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.991649][T14734] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.369203][T15197] loop3: detected capacity change from 0 to 2048
[  294.425129][T15197]  loop3: p1 < > p4
[  294.429590][T15197] loop3: p4 size 8388608 extends beyond EOD, truncated
[  294.496922][T15209] netlink: '+}[@': attribute type 2 has an invalid length.
[  294.504221][T15209] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  294.739420][T15214] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  295.009093][T15221] loop2: detected capacity change from 0 to 512
[  295.017013][T15221] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  295.034947][T15221] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3615: bg 0: block 264: padding at end of block bitmap is not set
[  295.050032][T15221] EXT4-fs (loop2): Remounting filesystem read-only
[  295.058374][T15221] EXT4-fs (loop2): 1 truncate cleaned up
[  295.064604][T15221] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.076745][T15221] SELinux: (dev loop2, type ext4) getxattr errno 5
[  295.083940][T15221] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.272339][T15246] gre0 speed is unknown, defaulting to 1000
[  295.317954][T15247] netlink: 'syz.4.3626': attribute type 10 has an invalid length.
[  295.330695][T15247] team0: left allmulticast mode
[  295.335629][T15247] team_slave_0: left allmulticast mode
[  295.341161][T15247] team_slave_1: left allmulticast mode
[  295.346775][T15247] team0: left promiscuous mode
[  295.351544][T15247] team_slave_0: left promiscuous mode
[  295.357071][T15247] team_slave_1: left promiscuous mode
[  295.362637][T15247] bridge0: port 3(team0) entered disabled state
[  295.375331][T15247] 8021q: adding VLAN 0 to HW filter on device team0
[  295.383250][T15247] @: (slave team0): Enslaving as an active interface with an up link
[  295.438791][T15249] netlink: 'syz.4.3626': attribute type 10 has an invalid length.
[  295.465670][T15249] @: (slave team0): Releasing backup interface
[  295.474262][T15249] bridge0: port 3(team0) entered blocking state
[  295.480699][T15249] bridge0: port 3(team0) entered disabled state
[  295.488429][T15249] team0: entered allmulticast mode
[  295.493631][T15249] team_slave_0: entered allmulticast mode
[  295.499646][T15249] team_slave_1: entered allmulticast mode
[  295.510072][T15249] team0: entered promiscuous mode
[  295.515156][T15249] team_slave_0: entered promiscuous mode
[  295.520964][T15249] team_slave_1: entered promiscuous mode
[  295.637846][T15254] loop4: detected capacity change from 0 to 512
[  295.645854][T15254] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  295.646999][T15263] loop1: detected capacity change from 0 to 2048
[  295.674488][T15254] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3628: bg 0: block 264: padding at end of block bitmap is not set
[  295.696952][T15254] EXT4-fs (loop4): Remounting filesystem read-only
[  295.703566][T15254] EXT4-fs (loop4): 1 truncate cleaned up
[  295.716304][T15254] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.728770][T15254] SELinux: (dev loop4, type ext4) getxattr errno 5
[  295.737124][T15254] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.756320][T15263] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.801938][T12611] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.958207][T15299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3645'.
[  296.000114][T15304] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  296.066939][T15308] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3648'.
[  296.076970][T15310] netlink: '+}[@': attribute type 2 has an invalid length.
[  296.084205][T15310] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  296.182898][T15324] loop2: detected capacity change from 0 to 2048
[  296.226347][T15324]  loop2: p1 < > p4
[  296.230731][T15324] loop2: p4 size 8388608 extends beyond EOD, truncated
[  296.543542][T15336] loop2: detected capacity change from 0 to 512
[  296.550466][T15336] EXT4-fs: Ignoring removed orlov option
[  296.556619][T15336] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  296.569634][T15336] EXT4-fs (loop2): 1 orphan inode deleted
[  296.575474][T15336] EXT4-fs (loop2): 1 truncate cleaned up
[  296.581735][T15336] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.601683][T15336] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  296.640588][T14087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.659491][T15339] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3659'.
[  296.702904][T15341] loop2: detected capacity change from 0 to 2048
[  296.732439][T15343] hsr0: entered promiscuous mode
[  296.740598][T15341]  loop2: p1 < > p4
[  296.746502][T15341] loop2: p4 size 8388608 extends beyond EOD, truncated
[  296.889481][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  296.889496][   T29] audit: type=1400 audit(1726838378.057:13130): avc:  denied  { map } for  pid=15360 comm="syz.1.3668" path="/dev/sg0" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  296.932655][   T29] audit: type=1326 audit(1726838378.097:13131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15366 comm="syz.3.3672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  296.958432][   T29] audit: type=1326 audit(1726838378.097:13132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15366 comm="syz.3.3672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  296.982074][   T29] audit: type=1326 audit(1726838378.097:13133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15366 comm="syz.3.3672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  297.005803][   T29] audit: type=1326 audit(1726838378.097:13134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15366 comm="syz.3.3672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  297.029430][   T29] audit: type=1326 audit(1726838378.097:13135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15366 comm="syz.3.3672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  297.053200][   T29] audit: type=1326 audit(1726838378.097:13136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15366 comm="syz.3.3672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  297.076890][   T29] audit: type=1326 audit(1726838378.097:13137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15366 comm="syz.3.3672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  297.100467][   T29] audit: type=1326 audit(1726838378.097:13138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15366 comm="syz.3.3672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  297.124037][   T29] audit: type=1326 audit(1726838378.097:13139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15366 comm="syz.3.3672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  297.321999][T15391] netlink: '+}[@': attribute type 2 has an invalid length.
[  297.329350][T15391] __nla_validate_parse: 3 callbacks suppressed
[  297.329363][T15391] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  297.364242][T15394] 9pnet_fd: Insufficient options for proto=fd
[  297.455130][T15400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3682'.
[  297.537870][T15404] loop1: detected capacity change from 0 to 512
[  297.546494][T15404] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  297.567816][T15404] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3684: bg 0: block 264: padding at end of block bitmap is not set
[  297.582442][T15404] EXT4-fs (loop1): Remounting filesystem read-only
[  297.590402][T15404] EXT4-fs (loop1): 1 truncate cleaned up
[  297.596839][T15404] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  297.610233][T15404] SELinux: (dev loop1, type ext4) getxattr errno 5
[  297.617382][T15404] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.655708][T15407] loop1: detected capacity change from 0 to 2048
[  297.694762][T15407]  loop1: p1 < > p4
[  297.699119][T15407] loop1: p4 size 8388608 extends beyond EOD, truncated
[  297.816792][T15412] loop4: detected capacity change from 0 to 2048
[  297.865023][T15412]  loop4: p1 < > p4
[  297.871252][T15412] loop4: p4 size 8388608 extends beyond EOD, truncated
[  298.021169][T15429] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3694'.
[  298.055679][T15433] hub 5-0:1.0: USB hub found
[  298.061374][T15433] hub 5-0:1.0: 8 ports detected
[  298.078698][T15435] loop2: detected capacity change from 0 to 1024
[  298.085624][T15435] EXT4-fs: quotafile must be on filesystem root
[  298.107580][T15440] loop3: detected capacity change from 0 to 2048
[  298.154845][T15440]  loop3: p1 < > p4
[  298.159492][T15440] loop3: p4 size 8388608 extends beyond EOD, truncated
[  298.247910][T15449] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  298.367611][T15463] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3708'.
[  298.552757][T15485] loop4: detected capacity change from 0 to 512
[  298.560886][T15485] EXT4-fs: Ignoring removed nomblk_io_submit option
[  298.567770][T15485] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[  298.585500][T15485] devtmpfs: Unknown parameter 'di���'
[  298.676623][T15492] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3719'.
[  298.752305][T15496] loop3: detected capacity change from 0 to 2048
[  298.805034][T15496]  loop3: p1 < > p4
[  298.812661][T15496] loop3: p4 size 8388608 extends beyond EOD, truncated
[  298.949951][T15503] loop1: detected capacity change from 0 to 128
[  299.118263][T15468] coredump: 1345(syz.4.3709): written to core: VMAs: 31, size 85229568; core: 56017694 bytes, pos 85237760
[  299.177883][T15507] netlink: 30 bytes leftover after parsing attributes in process `syz.2.3724'.
[  299.253284][T15509] syz.3.3725[15509] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  299.253412][T15509] syz.3.3725[15509] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  299.329500][T15509] loop3: detected capacity change from 0 to 512
[  299.408209][T15509] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.450479][T15509] ext4 filesystem being mounted at /57/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  299.514200][T15521] netlink: 'syz.2.3730': attribute type 5 has an invalid length.
[  299.551170][T14734] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.607118][T15537] loop1: detected capacity change from 0 to 512
[  299.623947][T15530] loop2: detected capacity change from 0 to 2048
[  299.631482][T15537] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.646129][T15537] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.661438][T15543] netlink: '+}[@': attribute type 2 has an invalid length.
[  299.668712][T15543] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  299.695183][T15530]  loop2: p1 < > p4
[  299.699561][T15530] loop2: p4 size 8388608 extends beyond EOD, truncated
[  299.736085][T12611] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.790027][T15557] loop3: detected capacity change from 0 to 512
[  299.797062][T15557] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  299.816513][T15557] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3741: bg 0: block 264: padding at end of block bitmap is not set
[  299.846915][T15557] EXT4-fs (loop3): Remounting filesystem read-only
[  299.853579][T15557] EXT4-fs (loop3): 1 truncate cleaned up
[  299.866092][T15557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.878174][T15557] SELinux: (dev loop3, type ext4) getxattr errno 5
[  299.890881][T15557] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.943134][T15564] loop3: detected capacity change from 0 to 2048
[  299.985963][T15564]  loop3: p1 < > p4
[  299.990481][T15564] loop3: p4 size 8388608 extends beyond EOD, truncated
[  300.251410][T15559] coredump: 358(syz.1.3740): written to core: VMAs: 29, size 89030656; core: 60012914 bytes, pos 89038848
[  300.337019][T15581] syz.3.3747[15581] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  300.337092][T15581] syz.3.3747[15581] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  300.417828][T15589] netlink: 'syz.3.3751': attribute type 10 has an invalid length.
[  300.439835][T15589] team0: Device hsr_slave_0 failed to register rx_handler
[  300.570933][T15606] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  300.692678][T15612] loop3: detected capacity change from 0 to 256
[  300.715704][T15612] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  300.723660][T15612] FAT-fs (loop3): Filesystem has been set read-only
[  300.855216][T15617] netlink: '+}[@': attribute type 2 has an invalid length.
[  300.862578][T15617] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  301.397842][T15628] loop1: detected capacity change from 0 to 512
[  301.418921][T15628] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.436028][T15628] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  301.475768][T12611] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.497389][T15634] loop4: detected capacity change from 0 to 512
[  301.504447][T15634] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  301.517753][T15634] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3766: bg 0: block 264: padding at end of block bitmap is not set
[  301.526235][T15643] 9pnet_fd: Insufficient options for proto=fd
[  301.538879][T15634] EXT4-fs (loop4): Remounting filesystem read-only
[  301.545923][T15634] EXT4-fs (loop4): 1 truncate cleaned up
[  301.551956][T15634] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.564175][T15634] SELinux: (dev loop4, type ext4) getxattr errno 5
[  301.571379][T15634] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.604609][T15651] loop4: detected capacity change from 0 to 764
[  301.656764][T15654] loop3: detected capacity change from 0 to 512
[  301.669481][T15654] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  301.699621][T15654] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3775: bg 0: block 248: padding at end of block bitmap is not set
[  301.719124][T15654] EXT4-fs (loop3): Remounting filesystem read-only
[  301.722128][T15664] loop4: detected capacity change from 0 to 1024
[  301.730256][T15654] EXT4-fs (loop3): 1 truncate cleaned up
[  301.739492][T15654] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.752205][T15654] SELinux: (dev loop3, type ext4) getxattr errno 5
[  301.761126][T15654] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.768111][T15664] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.853306][ T8111] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.879996][    C0] net_ratelimit: 77 callbacks suppressed
[  301.880019][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  301.903638][T15677] loop4: detected capacity change from 0 to 2048
[  301.927135][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  301.939687][T15679] FAULT_INJECTION: forcing a failure.
[  301.939687][T15679] name failslab, interval 1, probability 0, space 0, times 0
[  301.944828][T15677]  loop4: p1 < > p4
[  301.952421][T15679] CPU: 1 UID: 0 PID: 15679 Comm: syz.3.3783 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  301.964675][T15677] loop4: p4 size 8388608 extends beyond EOD, 
[  301.966537][T15679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  301.966552][T15679] Call Trace:
[  301.966558][T15679]  <TASK>
[  301.966566][T15679]  dump_stack_lvl+0xf2/0x150
[  301.972639][T15677] truncated
[  301.996746][T15679]  dump_stack+0x15/0x20
[  302.001022][T15679]  should_fail_ex+0x229/0x230
[  302.005867][T15679]  ? __alloc_skb+0x10b/0x310
[  302.010528][T15679]  should_failslab+0x8f/0xb0
[  302.015116][T15679]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  302.020915][T15679]  __alloc_skb+0x10b/0x310
[  302.025389][T15679]  tcp_send_active_reset+0x61/0x370
[  302.030588][T15679]  tcp_disconnect+0x269/0xd70
[  302.035257][T15679]  inet_child_forget+0x40/0x180
[  302.040243][T15679]  inet_csk_listen_stop+0x294/0x920
[  302.045520][T15679]  ? _raw_spin_unlock_bh+0x36/0x40
[  302.050624][T15679]  ? inet_csk_listen_stop+0xf5/0x920
[  302.055974][T15679]  mptcp_check_listen_stop+0x181/0x1f0
[  302.061428][T15679]  __mptcp_close+0xa3/0x970
[  302.065948][T15679]  ? lock_sock_nested+0x10f/0x140
[  302.071065][T15679]  ? 0xffffffff81000000
[  302.075219][T15679]  ? __rcu_read_unlock+0x4e/0x70
[  302.080264][T15679]  mptcp_close+0x28/0x140
[  302.084589][T15679]  inet_release+0xce/0xf0
[  302.088907][T15679]  inet6_release+0x3e/0x60
[  302.093321][T15679]  sock_close+0x68/0x150
[  302.097552][T15679]  ? __pfx_sock_close+0x10/0x10
[  302.102399][T15679]  __fput+0x17a/0x6d0
[  302.106369][T15679]  __fput_sync+0x43/0x60
[  302.110637][T15679]  __se_sys_close+0xf9/0x1a0
[  302.115215][T15679]  __x64_sys_close+0x1f/0x30
[  302.119793][T15679]  x64_sys_call+0x25cb/0x2d60
[  302.124465][T15679]  do_syscall_64+0xc9/0x1c0
[  302.128958][T15679]  ? clear_bhb_loop+0x55/0xb0
[  302.133687][T15679]  ? clear_bhb_loop+0x55/0xb0
[  302.138358][T15679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.144369][T15679] RIP: 0033:0x7fdb3e94def9
[  302.148773][T15679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.168373][T15679] RSP: 002b:00007fdb3d5c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  302.176837][T15679] RAX: ffffffffffffffda RBX: 00007fdb3eb05f80 RCX: 00007fdb3e94def9
[  302.184838][T15679] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  302.192830][T15679] RBP: 00007fdb3d5c7090 R08: 0000000000000000 R09: 0000000000000000
[  302.200803][T15679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  302.208763][T15679] R13: 0000000000000000 R14: 00007fdb3eb05f80 R15: 00007fff4e934a48
[  302.216798][T15679]  </TASK>
[  302.256646][T15682] gre0 speed is unknown, defaulting to 1000
[  302.357768][T15688] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3786'.
[  302.404595][T15690] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3787'.
[  302.483617][   T29] kauditd_printk_skb: 284 callbacks suppressed
[  302.483631][   T29] audit: type=1326 audit(1726838383.647:13422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15693 comm="syz.2.3790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9758a7def9 code=0x7ffc0000
[  302.515903][   T29] audit: type=1326 audit(1726838383.687:13423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15693 comm="syz.2.3790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9758a7def9 code=0x7ffc0000
[  302.522252][T15701] ALSA: seq fatal error: cannot create timer (-22)
[  302.539624][   T29] audit: type=1326 audit(1726838383.687:13424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15693 comm="syz.2.3790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9758a7def9 code=0x7ffc0000
[  302.573505][   T29] audit: type=1326 audit(1726838383.687:13425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15693 comm="syz.2.3790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9758a7def9 code=0x7ffc0000
[  302.597268][   T29] audit: type=1326 audit(1726838383.737:13426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15693 comm="syz.2.3790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9758a7def9 code=0x7ffc0000
[  302.621029][   T29] audit: type=1326 audit(1726838383.737:13427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15693 comm="syz.2.3790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9758a7def9 code=0x7ffc0000
[  302.644605][   T29] audit: type=1326 audit(1726838383.737:13428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15693 comm="syz.2.3790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9758a7def9 code=0x7ffc0000
[  302.668366][   T29] audit: type=1326 audit(1726838383.737:13429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15693 comm="syz.2.3790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9758a7def9 code=0x7ffc0000
[  302.672702][T15701] macvlan2: entered promiscuous mode
[  302.691955][   T29] audit: type=1326 audit(1726838383.737:13430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15693 comm="syz.2.3790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9758a7def9 code=0x7ffc0000
[  302.697286][T15701] macvlan2: entered allmulticast mode
[  302.720908][   T29] audit: type=1326 audit(1726838383.737:13431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15693 comm="syz.2.3790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9758a7def9 code=0x7ffc0000
[  302.760196][T15694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3790'.
[  302.784420][T15706] loop3: detected capacity change from 0 to 512
[  302.795394][T15694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3790'.
[  302.815778][T15706] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #4: comm syz.3.3793: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  302.836086][T15706] EXT4-fs error (device loop3): ext4_quota_enable:7025: comm syz.3.3793: Bad quota inode: 4, type: 1
[  302.848404][T15706] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  302.866297][T15706] EXT4-fs (loop3): mount failed
[  302.867327][T15712] netlink: '+}[@': attribute type 2 has an invalid length.
[  302.878401][T15712] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  302.984359][T15718] loop3: detected capacity change from 0 to 1024
[  303.065090][T15718] EXT4-fs (loop3): mounted filesystem 00000000-0000-0008-0000-000000000000 r/w without journal. Quota mode: none.
[  303.105055][T14734] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0008-0000-000000000000.
[  303.118777][T15725] loop1: detected capacity change from 0 to 512
[  303.125284][T15727] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3797'.
[  303.126142][T15725] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  303.160014][T15730] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3799'.
[  303.184011][T15732] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3800'.
[  303.190863][T15725] EXT4-fs (loop1): 1 truncate cleaned up
[  303.193054][T15732] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3800'.
[  303.199031][T15725] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.214159][T15732] loop3: detected capacity change from 0 to 512
[  303.226718][T15732] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  303.237699][T15732] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  303.245823][T15732] System zones: 1-12
[  303.262151][T15732] EXT4-fs (loop3): 1 truncate cleaned up
[  303.268273][T15732] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.281348][T15738] dccp_invalid_packet: P.Data Offset(5) too small
[  303.322015][T14734] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.351822][T15744] loop3: detected capacity change from 0 to 2048
[  303.359879][T15746] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  303.361270][T12611] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.403971][T15751] loop1: detected capacity change from 0 to 1024
[  303.410846][T15744]  loop3: p1 < > p4
[  303.411457][T15751] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  303.416500][T15744] loop3: p4 size 8388608 extends beyond EOD, truncated
[  303.426295][T15751] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[  303.448325][T15751] loop1: detected capacity change from 0 to 512
[  303.455553][T15751] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  303.477880][T15758] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15758 comm=syz.2.3810
[  303.478134][T15751] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  303.505214][T15751] EXT4-fs (loop1): 1 truncate cleaned up
[  303.511442][T15751] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.527141][T15751] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.550700][T15762] loop2: detected capacity change from 0 to 2048
[  303.605157][T15762]  loop2: p1 < > p4
[  303.614668][T15762] loop2: p4 size 8388608 extends beyond EOD, truncated
[  303.780842][T15782] loop3: detected capacity change from 0 to 128
[  303.788433][T15779] loop4: detected capacity change from 0 to 512
[  303.796108][T15779] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  303.807640][T15782] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  303.822817][T15779] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3818: bg 0: block 264: padding at end of block bitmap is not set
[  303.837353][T15782] ext4 filesystem being mounted at /89/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  303.847935][T15779] EXT4-fs (loop4): Remounting filesystem read-only
[  303.854685][T15779] EXT4-fs (loop4): 1 truncate cleaned up
[  303.861943][T15779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.882055][T15779] SELinux: (dev loop4, type ext4) getxattr errno 5
[  303.896802][T15779] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.921731][T14734] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  303.950267][T15793] netlink: 140 bytes leftover after parsing attributes in process `syz.4.3822'.
[  304.301939][T15821] syz.0.3831[15821] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  304.302065][T15821] syz.0.3831[15821] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  304.323993][T15816] loop3: detected capacity change from 0 to 1024
[  304.468801][T15816] EXT4-fs: Ignoring removed oldalloc option
[  304.504308][T15824] loop4: detected capacity change from 0 to 2048
[  304.511352][T15816] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.542033][T14734] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.555103][T15824]  loop4: p1 < > p4
[  304.559617][T15824] loop4: p4 size 8388608 extends beyond EOD, truncated
[  304.728211][T15846] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  304.763327][T15847] loop3: detected capacity change from 0 to 512
[  304.797497][T15847] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3840: bg 0: block 248: padding at end of block bitmap is not set
[  304.821868][T15847] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.3840: Failed to acquire dquot type 1
[  304.855568][T15847] EXT4-fs (loop3): 1 truncate cleaned up
[  304.861509][T15847] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.880614][T15847] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  304.902074][T15856] hub 5-0:1.0: USB hub found
[  304.911104][T15843] syz.3.3840[15843] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  304.911194][T15843] syz.3.3840[15843] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  304.923021][T15856] hub 5-0:1.0: 8 ports detected
[  304.951631][T14734] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.962681][T15857] netlink: '+}[@': attribute type 2 has an invalid length.
[  304.970253][   T11] EXT4-fs error (device loop3): ext4_release_dquot:6871: comm kworker/u8:0: Failed to release dquot type 1
[  305.048141][T15869] syz.1.3846[15869] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  305.048413][T15869] syz.1.3846[15869] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  305.095642][T15869] loop1: detected capacity change from 0 to 512
[  305.136926][T15882] syz.3.3851[15882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  305.137023][T15882] syz.3.3851[15882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  305.150665][T15869] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.185392][T15869] ext4 filesystem being mounted at /160/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  305.188434][T15884] loop2: detected capacity change from 0 to 2048
[  305.205901][T15884]  loop2: p1 < > p4
[  305.210003][T15884] loop2: p4 size 8388608 extends beyond EOD, truncated
[  305.227892][T12611] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.249047][T15888] loop1: detected capacity change from 0 to 512
[  305.298012][T15890] loop1: detected capacity change from 0 to 512
[  305.308419][T15890] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  305.331649][T15890] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3855: bg 0: block 264: padding at end of block bitmap is not set
[  305.351935][T15890] EXT4-fs (loop1): Remounting filesystem read-only
[  305.361799][T15890] EXT4-fs (loop1): 1 truncate cleaned up
[  305.368124][T15890] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.380567][T15890] SELinux: (dev loop1, type ext4) getxattr errno 5
[  305.395414][T15890] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.447380][T15896] hub 5-0:1.0: USB hub found
[  305.458699][T15896] hub 5-0:1.0: 8 ports detected
[  305.480818][T15900] loop2: detected capacity change from 0 to 128
[  305.489325][T15900] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  305.501595][T15900] ext4 filesystem being mounted at /130/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  305.517199][T15905] loop1: detected capacity change from 0 to 512
[  305.541114][T14087] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  305.547571][T15905] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.563019][T15905] ext4 filesystem being mounted at /165/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  305.581664][T15905] 9pnet_fd: Insufficient options for proto=fd
[  305.610593][T12611] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.711204][T15924] loop4: detected capacity change from 0 to 2048
[  305.725376][T15924]  loop4: p1 < > p4
[  305.730015][T15924] loop4: p4 size 8388608 extends beyond EOD, truncated
[  305.751782][T15930] loop1: detected capacity change from 0 to 2048
[  305.804937][T15930]  loop1: p1 < > p4
[  305.812218][T15930] loop1: p4 size 8388608 extends beyond EOD, truncated
[  306.020779][T15936] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  306.306570][T15957] loop3: detected capacity change from 0 to 512
[  306.315627][T15963] Invalid ELF header magic: != ELF
[  306.325090][T15957] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  306.374737][T15957] EXT4-fs (loop3): 1 truncate cleaned up
[  306.385087][T15957] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  306.661729][T15972] loop1: detected capacity change from 0 to 512
[  306.831690][T15949] coredump: 1(syz.3.3876): written to core: VMAs: 29, size 89030656; core: 60138158 bytes, pos 89038848
[  306.841522][T15978] loop1: detected capacity change from 0 to 8192
[  306.942029][T15994] loop2: detected capacity change from 0 to 512
[  306.961694][T15994] EXT4-fs: Ignoring removed orlov option
[  306.968066][T15994] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  306.989309][T15994] EXT4-fs (loop2): 1 orphan inode deleted
[  306.995119][T15994] EXT4-fs (loop2): 1 truncate cleaned up
[  307.034442][T15994] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  307.067851][T16001] loop1: detected capacity change from 0 to 1024
[  307.081394][T15994] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  307.099211][T16001] EXT4-fs: Ignoring removed oldalloc option
[  307.114293][T14087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.137073][T14734] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.209432][T16009] loop3: detected capacity change from 0 to 2048
[  307.236451][T16015] loop1: detected capacity change from 0 to 512
[  307.243098][T16015] EXT4-fs: Ignoring removed orlov option
[  307.249194][T16015] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  307.262288][T16015] EXT4-fs (loop1): 1 orphan inode deleted
[  307.268131][T16015] EXT4-fs (loop1): 1 truncate cleaned up
[  307.276013][T16009]  loop3: p1 < > p4
[  307.280769][T16009] loop3: p4 size 8388608 extends beyond EOD, truncated
[  307.314580][T16015] loop1: detected capacity change from 512 to 0
[  307.372756][T12611] bio_check_eod: 36 callbacks suppressed
[  307.372786][T12611] syz-executor: attempt to access beyond end of device
[  307.372786][T12611] loop1: rw=12288, sector=26, nr_sectors = 2 limit=0
[  307.424261][T12611] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[  307.443089][T12611] syz-executor: attempt to access beyond end of device
[  307.443089][T12611] loop1: rw=524288, sector=12, nr_sectors = 2 limit=0
[  307.457152][T12611] syz-executor: attempt to access beyond end of device
[  307.457152][T12611] loop1: rw=524288, sector=14, nr_sectors = 2 limit=0
[  307.474095][T12611] syz-executor: attempt to access beyond end of device
[  307.474095][T12611] loop1: rw=524288, sector=16, nr_sectors = 2 limit=0
[  307.488484][T12611] syz-executor: attempt to access beyond end of device
[  307.488484][T12611] loop1: rw=524288, sector=18, nr_sectors = 2 limit=0
[  307.502133][T12611] syz-executor: attempt to access beyond end of device
[  307.502133][T12611] loop1: rw=12288, sector=10, nr_sectors = 2 limit=0
[  307.533467][T12611] EXT4-fs error (device loop1): ext4_get_inode_loc:4571: inode #2: block 5: comm syz-executor: unable to read itable block
[  307.562911][T12611] syz-executor: attempt to access beyond end of device
[  307.562911][T12611] loop1: rw=145409, sector=2, nr_sectors = 2 limit=0
[  307.576382][T12611] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  307.610443][T12611] EXT4-fs (loop1): I/O error while writing superblock
[  307.617418][T12611] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5807: IO failure
[  307.628934][T16034] loop4: detected capacity change from 0 to 256
[  307.653253][T16034] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  307.654548][T12611] syz-executor: attempt to access beyond end of device
[  307.654548][T12611] loop1: rw=145409, sector=2, nr_sectors = 2 limit=0
[  307.677233][T12611] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  307.688291][T12611] EXT4-fs (loop1): I/O error while writing superblock
[  307.695159][T12611] EXT4-fs error (device loop1): ext4_dirty_inode:6011: inode #2: comm syz-executor: mark_inode_dirty error
[  307.707653][T12611] syz-executor: attempt to access beyond end of device
[  307.707653][T12611] loop1: rw=145409, sector=2, nr_sectors = 2 limit=0
[  307.721097][T12611] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  307.730367][T12611] EXT4-fs (loop1): I/O error while writing superblock
[  307.743271][ T5908] kworker/u8:30: attempt to access beyond end of device
[  307.743271][ T5908] loop1: rw=524288, sector=12, nr_sectors = 2 limit=0
[  307.758183][ T5908] EXT4-fs error (device loop1): __ext4_get_inode_loc_noinmem:4556: inode #2: block 5: comm kworker/u8:30: unable to read itable block
[  307.772382][ T5908] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  307.783174][ T5908] EXT4-fs (loop1): I/O error while writing superblock
[  307.790715][T12611] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  307.799125][T12611] EXT4-fs (loop1): I/O error while writing superblock
[  307.884867][T16043] loop4: detected capacity change from 0 to 2048
[  307.905823][   T29] kauditd_printk_skb: 534 callbacks suppressed
[  307.905837][   T29] audit: type=1326 audit(1726838389.077:13963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16048 comm="syz.0.3919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  307.949141][T16043]  loop4: p1 < > p4
[  307.954668][T16043] loop4: p4 size 8388608 extends beyond EOD, truncated
[  307.962437][   T29] audit: type=1326 audit(1726838389.077:13964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16048 comm="syz.0.3919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  307.986086][   T29] audit: type=1326 audit(1726838389.077:13965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16048 comm="syz.0.3919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  308.009721][   T29] audit: type=1326 audit(1726838389.077:13966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16048 comm="syz.0.3919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  308.033378][   T29] audit: type=1326 audit(1726838389.077:13967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16048 comm="syz.0.3919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  308.057087][   T29] audit: type=1326 audit(1726838389.077:13968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16048 comm="syz.0.3919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  308.080765][   T29] audit: type=1326 audit(1726838389.077:13969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16048 comm="syz.0.3919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  308.104939][   T29] audit: type=1326 audit(1726838389.077:13970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16048 comm="syz.0.3919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  308.128533][   T29] audit: type=1326 audit(1726838389.077:13971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16048 comm="syz.0.3919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  308.152136][   T29] audit: type=1326 audit(1726838389.077:13972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16048 comm="syz.0.3919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633a99def9 code=0x7ffc0000
[  308.239161][ T5908] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.329432][ T5908] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.399588][ T5908] netdevsim netdevsim1 netdevsim1 (unregistering): left allmulticast mode
[  308.412389][ T5908] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.434045][T16071] netlink: 'syz.2.3922': attribute type 2 has an invalid length.
[  308.441961][T16071] __nla_validate_parse: 6 callbacks suppressed
[  308.441975][T16071] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3922'.
[  308.471720][T16074] loop4: detected capacity change from 0 to 164
[  308.516278][T16067] gre0 speed is unknown, defaulting to 1000
[  308.552031][ T5908] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.613885][T16084] netlink: 'syz.4.3929': attribute type 4 has an invalid length.
[  308.639246][T16084] netlink: 'syz.4.3929': attribute type 4 has an invalid length.
[  308.657598][T16067] chnl_net:caif_netlink_parms(): no params data found
[  308.692949][ T5908] team0: left allmulticast mode
[  308.697854][ T5908] team_slave_0: left allmulticast mode
[  308.703430][ T5908] team_slave_1: left allmulticast mode
[  308.708919][ T5908] team0: left promiscuous mode
[  308.713676][ T5908] team_slave_0: left promiscuous mode
[  308.719148][ T5908] team_slave_1: left promiscuous mode
[  308.724645][ T5908] bridge0: port 3(team0) entered disabled state
[  308.753684][ T5908] bridge_slave_1: left allmulticast mode
[  308.759436][ T5908] bridge_slave_1: left promiscuous mode
[  308.765218][ T5908] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.778957][ T5908] bridge_slave_0: left allmulticast mode
[  308.784925][ T5908] bridge_slave_0: left promiscuous mode
[  308.790640][ T5908] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.889210][ T5908] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  308.906402][ T5908] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  308.917301][ T5908] bond0 (unregistering): Released all slaves
[  308.988163][T16102] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3934'.
[  309.048001][ T5908] hsr_slave_0: left promiscuous mode
[  309.050642][T16106] FAULT_INJECTION: forcing a failure.
[  309.050642][T16106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  309.066482][T16106] CPU: 1 UID: 0 PID: 16106 Comm: syz.0.3936 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  309.076908][T16106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  309.086961][T16106] Call Trace:
[  309.090238][T16106]  <TASK>
[  309.093157][T16106]  dump_stack_lvl+0xf2/0x150
[  309.097828][T16106]  dump_stack+0x15/0x20
[  309.102249][T16106]  should_fail_ex+0x229/0x230
[  309.106978][T16106]  should_fail+0xb/0x10
[  309.111136][T16106]  should_fail_usercopy+0x1a/0x20
[  309.116188][T16106]  strncpy_from_user+0x25/0x270
[  309.121036][T16106]  ? __fget_files+0x1d4/0x210
[  309.125789][T16106]  __se_sys_add_key+0x81/0x320
[  309.130562][T16106]  ? fput+0x14e/0x190
[  309.134622][T16106]  __x64_sys_add_key+0x67/0x80
[  309.139511][T16106]  x64_sys_call+0x157d/0x2d60
[  309.144260][T16106]  do_syscall_64+0xc9/0x1c0
[  309.148786][T16106]  ? clear_bhb_loop+0x55/0xb0
[  309.153463][T16106]  ? clear_bhb_loop+0x55/0xb0
[  309.158145][T16106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.164035][T16106] RIP: 0033:0x7f633a99def9
[  309.168447][T16106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.188046][T16106] RSP: 002b:00007f6339617038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  309.196526][T16106] RAX: ffffffffffffffda RBX: 00007f633ab55f80 RCX: 00007f633a99def9
[  309.204488][T16106] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000020000100
[  309.212466][T16106] RBP: 00007f6339617090 R08: 000000001c65c28d R09: 0000000000000000
[  309.220426][T16106] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  309.228468][T16106] R13: 0000000000000000 R14: 00007f633ab55f80 R15: 00007fffec205418
[  309.236490][T16106]  </TASK>
[  309.241159][ T5908] hsr_slave_1: left promiscuous mode
[  309.264782][ T5908] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  309.272217][ T5908] batman_adv: batadv0: Removing interface: batadv_slave_0
[  309.281300][ T5908] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  309.288771][ T5908] batman_adv: batadv0: Removing interface: batadv_slave_1
[  309.310769][ T5908] veth1_macvtap: left promiscuous mode
[  309.316422][ T5908] veth0_macvtap: left promiscuous mode
[  309.321954][ T5908] veth1_vlan: left promiscuous mode
[  309.322157][T16117] loop4: detected capacity change from 0 to 512
[  309.327191][ T5908] veth0_vlan: left promiscuous mode
[  309.335404][T16117] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  309.351478][T16117] EXT4-fs (loop4): 1 truncate cleaned up
[  309.429221][ T5908] team0 (unregistering): Port device team_slave_1 removed
[  309.440767][ T5908] team0 (unregistering): Port device team_slave_0 removed
[  309.468833][T16130] loop2: detected capacity change from 0 to 2048
[  309.484776][ T5908] lo (unregistering): left allmulticast mode
[  309.492673][T16067] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.499816][T16067] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.507063][T16067] bridge_slave_0: entered allmulticast mode
[  309.513591][T16067] bridge_slave_0: entered promiscuous mode
[  309.520503][T16125] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3944'.
[  309.529934][T16067] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.537169][T16067] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.546360][T16130]  loop2: p1 < > p4
[  309.553538][T16067] bridge_slave_1: entered allmulticast mode
[  309.555155][T16130] loop2: p4 size 8388608 extends beyond EOD, truncated
[  309.560485][T16067] bridge_slave_1: entered promiscuous mode
[  309.593652][T16067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.604428][T16067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  309.623919][T16067] team0: Port device team_slave_0 added
[  309.631085][T16067] team0: Port device team_slave_1 added
[  309.647165][T16067] batman_adv: batadv0: Adding interface: batadv_slave_0
[  309.654167][T16067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  309.680231][T16067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  309.693078][T16067] batman_adv: batadv0: Adding interface: batadv_slave_1
[  309.700077][T16067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  309.726040][T16067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  309.767078][T16134] syz.0.3946[16134] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  309.767154][T16134] syz.0.3946[16134] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  309.812301][T16067] hsr_slave_0: entered promiscuous mode
[  309.840214][T16067] hsr_slave_1: entered promiscuous mode
[  309.846358][T16067] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  309.853955][T16067] Cannot create hsr debugfs directory
[  310.066798][T16148] loop2: detected capacity change from 0 to 2048
[  310.081881][T16150] loop4: detected capacity change from 0 to 512
[  310.088563][T16148]  loop2: p1 < > p4
[  310.092915][T16148] loop2: p4 size 8388608 extends beyond EOD, truncated
[  310.100069][T16150] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.3953: bad orphan inode 17
[  310.110570][T16150] ext4_test_bit(bit=16, block=4) = 1
[  310.115988][T16150] is_bad_inode(inode)=0
[  310.120126][T16150] NEXT_ORPHAN(inode)=0
[  310.124272][T16150] max_ino=32
[  310.127515][T16150] i_nlink=1
[  310.133392][T16150] syz.4.3953[16150] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  310.133537][T16150] syz.4.3953[16150] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  310.148116][T16150] batadv0: entered promiscuous mode
[  310.166497][T16150] batadv_slave_0: entered promiscuous mode
[  310.172469][T16150] batadv_slave_0: left promiscuous mode
[  310.178600][T16150] batadv0: left promiscuous mode
[  310.202138][T16067] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  310.212580][T16067] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  310.221888][T16067] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  310.243024][T16067] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  310.268436][T16154] netlink: 'syz.4.3954': attribute type 10 has an invalid length.
[  310.279507][T16154] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.309095][T16156] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3955'.
[  310.333130][T16067] 8021q: adding VLAN 0 to HW filter on device bond0
[  310.353121][T16067] 8021q: adding VLAN 0 to HW filter on device team0
[  310.363336][ T5908] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.370451][ T5908] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.382246][ T5907] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.389331][ T5907] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.426054][T16165] loop2: detected capacity change from 0 to 512
[  310.434029][T16165] EXT4-fs: Ignoring removed orlov option
[  310.441230][T16168] syz.4.3960[16168] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  310.441436][T16168] syz.4.3960[16168] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  310.469942][T16165] EXT4-fs error (device loop2): ext4_quota_enable:7022: inode #4: comm syz.2.3959: iget: immutable or append flags not allowed on symlinks
[  310.487341][T16067] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.529362][T16168] loop4: detected capacity change from 0 to 512
[  310.567350][T16168] ext4 filesystem being mounted at /608/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  310.593643][T16067] veth0_vlan: entered promiscuous mode
[  310.599449][T16165] EXT4-fs error (device loop2): ext4_quota_enable:7025: comm syz.2.3959: Bad quota inode: 4, type: 1
[  310.603235][T16067] veth1_vlan: entered promiscuous mode
[  310.618870][T16165] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  310.623973][T16067] veth0_macvtap: entered promiscuous mode
[  310.644904][T16067] veth1_macvtap: entered promiscuous mode
[  310.651573][T16165] EXT4-fs (loop2): mount failed
[  310.664739][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.675231][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.685090][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.695548][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.705446][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.715888][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.725703][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.736142][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.746020][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.756446][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.771293][T16190] syz.0.3964[16190] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  310.771371][T16190] syz.0.3964[16190] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  310.776145][T16067] batman_adv: batadv0: Interface activated: batadv_slave_0
[  310.808306][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.818920][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.828753][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.839191][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.849023][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.859491][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.869348][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.879772][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.889651][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.900085][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.909914][T16067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.920424][T16067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.932101][T16067] batman_adv: batadv0: Interface activated: batadv_slave_1
[  310.969540][T16067] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.978412][T16067] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.987157][T16067] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.996008][T16067] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.090453][T16213] loop3: detected capacity change from 0 to 512
[  311.097512][T16213] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  311.109711][T16213] EXT4-fs (loop3): 1 orphan inode deleted
[  311.115510][T16213] EXT4-fs (loop3): 1 truncate cleaned up
[  311.144295][T16220] loop1: detected capacity change from 0 to 512
[  311.180999][T16220] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3971: bg 0: block 248: padding at end of block bitmap is not set
[  311.200429][T16220] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.3971: Failed to acquire dquot type 1
[  311.212330][T16220] EXT4-fs (loop1): 1 truncate cleaned up
[  311.220704][T16220] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  311.254237][T16220] syz.1.3971[16220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  311.254454][T16220] syz.1.3971[16220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  311.792369][T16254] loop3: detected capacity change from 0 to 512
[  311.805250][T16240] gre0 speed is unknown, defaulting to 1000
[  311.846346][T16254] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.3982: bad orphan inode 17
[  311.869154][T16254] ext4_test_bit(bit=16, block=4) = 1
[  311.874591][T16254] is_bad_inode(inode)=0
[  311.878743][T16254] NEXT_ORPHAN(inode)=0
[  311.882885][T16254] max_ino=32
[  311.886097][T16254] i_nlink=1
[  311.932067][ T5907] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.950829][ T5908] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u8:30: Failed to release dquot type 1
[  311.982895][T16254] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.3982: bg 0: block 7: invalid block bitmap
[  312.028722][T16254] batadv0: entered promiscuous mode
[  312.050584][T16254] batadv_slave_0: entered promiscuous mode
[  312.056651][T16254] batadv_slave_0: left promiscuous mode
[  312.062608][T16254] batadv0: left promiscuous mode
[  312.076156][T16265] can0: slcan on ttyS3.
[  312.083121][ T5907] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.109872][T16240] chnl_net:caif_netlink_parms(): no params data found
[  312.159725][T16268] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=16268 comm=syz.1.3984
[  312.181934][T16273] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  312.188540][T16273] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  312.196304][T16273] vhci_hcd vhci_hcd.0: Device attached
[  312.205963][ T5907] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.221189][T16240] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.228334][T16240] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.243601][T16240] bridge_slave_0: entered allmulticast mode
[  312.244770][T16269] loop2: detected capacity change from 0 to 512
[  312.253781][T16240] bridge_slave_0: entered promiscuous mode
[  312.263610][T16274] vhci_hcd: connection closed
[  312.263805][ T5908] vhci_hcd: stop threads
[  312.272757][ T5908] vhci_hcd: release socket
[  312.277286][ T5908] vhci_hcd: disconnect device
[  312.282287][T16240] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.289495][T16240] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.291143][T16269] ext4 filesystem being mounted at /158/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  312.298281][T16240] bridge_slave_1: entered allmulticast mode
[  312.313325][T16240] bridge_slave_1: entered promiscuous mode
[  312.322754][ T5907] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.334915][T16264] can0 (unregistered): slcan off ttyS3.
[  312.355473][T16240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  312.366727][T16240] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  312.392805][T16240] team0: Port device team_slave_0 added
[  312.412396][T16240] team0: Port device team_slave_1 added
[  312.438389][T16285] netlink: 'syz.2.3990': attribute type 32 has an invalid length.
[  312.450006][T16240] batman_adv: batadv0: Adding interface: batadv_slave_0
[  312.457052][T16240] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  312.483101][T16240] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  312.494467][T16240] batman_adv: batadv0: Adding interface: batadv_slave_1
[  312.501545][T16240] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  312.527530][T16240] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  312.546832][T16285] loop2: detected capacity change from 0 to 512
[  312.560436][T16240] hsr_slave_0: entered promiscuous mode
[  312.566711][T16240] hsr_slave_1: entered promiscuous mode
[  312.568716][T16285] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.3990: corrupted in-inode xattr: invalid ea_ino
[  312.588213][T16285] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.3990: couldn't read orphan inode 15 (err -117)
[  312.595427][T16240] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  312.609024][T16240] Cannot create hsr debugfs directory
[  312.610350][T16285] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.3990: invalid indirect mapped block 234881024 (level 0)
[  312.647136][ T5907] team0: left allmulticast mode
[  312.652053][ T5907] team_slave_0: left allmulticast mode
[  312.657655][ T5907] team_slave_1: left allmulticast mode
[  312.663113][ T5907] team0: left promiscuous mode
[  312.668035][ T5907] team_slave_0: left promiscuous mode
[  312.673477][ T5907] team_slave_1: left promiscuous mode
[  312.679208][ T5907] bridge0: port 3(team0) entered disabled state
[  312.689909][T16290] loop1: detected capacity change from 0 to 512
[  312.690312][ T5907] bridge_slave_1: left allmulticast mode
[  312.696889][T16290] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  312.701872][ T5907] bridge_slave_1: left promiscuous mode
[  312.717402][ T5907] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.724220][T16290] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3991: bg 0: block 264: padding at end of block bitmap is not set
[  312.739091][T16290] EXT4-fs (loop1): Remounting filesystem read-only
[  312.745967][T16290] EXT4-fs (loop1): 1 truncate cleaned up
[  312.746023][ T5907] bridge_slave_0: left allmulticast mode
[  312.751889][T16290] SELinux: (dev loop1, type ext4) getxattr errno 5
[  312.757378][ T5907] bridge_slave_0: left promiscuous mode
[  312.769547][ T5907] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.774734][T16294] loop2: detected capacity change from 0 to 764
[  312.783206][T16294] iso9660: Unknown parameter 'Fc���c"��\��K��?MlU������N�ݜ�Y����CQ��#�WGF��b���{�h�����a��q).�s�k�������c�ֶ�Y4#�}��R��!i�щV�131�x&N�|t"���c1�����D7�r�jD;��G7Zю4ND#NF՘�٘�4����ъ�h�B�E�l�|\(����~���g��?z��_	�� I�a���A�d�`�@�D���5'
[  312.812310][ T5907] batman_adv: batadv0: Interface deactivated: gretap1
[  312.852319][ T5907] infiniband syz2: set down
[  312.878628][T16304] loop1: detected capacity change from 0 to 2048
[  312.908202][ T5907] batman_adv: batadv0: Removing interface: gretap1
[  312.916858][   T29] kauditd_printk_skb: 477 callbacks suppressed
[  312.916873][   T29] audit: type=1400 audit(1726838394.087:14447): avc:  denied  { write } for  pid=16302 comm="syz.0.3996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  312.918471][ T5908] smc: removing ib device syz2
[  312.949236][T16304]  loop1: p1 < > p4
[  312.958220][T16304] loop1: p4 size 8388608 extends beyond EOD, truncated
[  312.969586][   T29] audit: type=1400 audit(1726838394.137:14448): avc:  denied  { setopt } for  pid=16302 comm="syz.0.3996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  313.020694][   T29] audit: type=1326 audit(1726838394.157:14449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16307 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  313.021064][ T5907] @ (unregistering): (slave bond_slave_0): Releasing backup interface
[  313.044378][   T29] audit: type=1326 audit(1726838394.157:14450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16307 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  313.044403][   T29] audit: type=1326 audit(1726838394.157:14451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16307 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  313.099732][   T29] audit: type=1326 audit(1726838394.157:14452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16307 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  313.123394][   T29] audit: type=1326 audit(1726838394.157:14453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16307 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  313.147034][   T29] audit: type=1326 audit(1726838394.167:14454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16307 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  313.170603][   T29] audit: type=1326 audit(1726838394.167:14455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16307 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  313.194174][   T29] audit: type=1326 audit(1726838394.167:14456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16307 comm="syz.3.3998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb3e94def9 code=0x7ffc0000
[  313.231533][ T5907] @ (unregistering): (slave bond_slave_1): Releasing backup interface
[  313.263649][ T5907] @ (unregistering): Released all slaves
[  313.333740][  T986] gre0 speed is unknown, defaulting to 1000
[  313.407232][ T5907] hsr_slave_0: left promiscuous mode
[  313.423284][ T5907] hsr_slave_1: left promiscuous mode
[  313.433004][ T5907] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  313.440662][ T5907] batman_adv: batadv0: Removing interface: batadv_slave_0
[  313.476520][ T5907] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  313.483997][ T5907] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.528839][ T5907] veth1_macvtap: left promiscuous mode
[  313.534419][ T5907] veth0_macvtap: left promiscuous mode
[  313.540055][ T5907] veth1_vlan: left promiscuous mode
[  313.545469][ T5907] veth0_vlan: left promiscuous mode
[  313.681353][ T5907] team0 (unregistering): Port device team_slave_1 removed
[  313.703637][ T5907] team0 (unregistering): Port device team_slave_0 removed
[  313.736980][T16335] loop1: detected capacity change from 0 to 512
[  313.758328][T16335] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  313.804136][T16335] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4002: bg 0: block 264: padding at end of block bitmap is not set
[  313.847117][T16333] batadv0: entered promiscuous mode
[  313.853526][T16333] batadv_slave_0: entered promiscuous mode
[  313.859677][T16333] batadv_slave_0: left promiscuous mode
[  313.867974][T16333] batadv0: left promiscuous mode
[  313.873448][T16335] EXT4-fs (loop1): Remounting filesystem read-only
[  313.883957][T16339] netlink: 'syz.0.4005': attribute type 10 has an invalid length.
[  313.894213][T16335] EXT4-fs (loop1): 1 truncate cleaned up
[  313.916901][T16335] SELinux: (dev loop1, type ext4) getxattr errno 5
[  313.924876][T16339] 8021q: adding VLAN 0 to HW filter on device batadv0
[  314.002345][T16341] FAULT_INJECTION: forcing a failure.
[  314.002345][T16341] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.015593][T16341] CPU: 1 UID: 0 PID: 16341 Comm: syz.0.4006 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  314.021146][T16343] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  314.026108][T16341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  314.026177][T16341] Call Trace:
[  314.026184][T16341]  <TASK>
[  314.026191][T16341]  dump_stack_lvl+0xf2/0x150
[  314.026224][T16341]  dump_stack+0x15/0x20
[  314.058599][T16341]  should_fail_ex+0x229/0x230
[  314.063357][T16341]  should_fail+0xb/0x10
[  314.067541][T16341]  should_fail_usercopy+0x1a/0x20
[  314.072579][T16341]  _copy_from_user+0x1e/0xd0
[  314.077218][T16341]  copy_msghdr_from_user+0x54/0x2a0
[  314.082429][T16341]  __sys_sendmsg+0x171/0x270
[  314.087067][T16341]  __x64_sys_sendmsg+0x46/0x50
[  314.091973][T16341]  x64_sys_call+0x2689/0x2d60
[  314.096668][T16341]  do_syscall_64+0xc9/0x1c0
[  314.101336][T16341]  ? clear_bhb_loop+0x55/0xb0
[  314.106034][T16341]  ? clear_bhb_loop+0x55/0xb0
[  314.110818][T16341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.116734][T16341] RIP: 0033:0x7f633a99def9
[  314.121154][T16341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.140782][T16341] RSP: 002b:00007f6339617038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.149202][T16341] RAX: ffffffffffffffda RBX: 00007f633ab55f80 RCX: 00007f633a99def9
[  314.157179][T16341] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  314.165163][T16341] RBP: 00007f6339617090 R08: 0000000000000000 R09: 0000000000000000
[  314.173181][T16341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.181207][T16341] R13: 0000000000000000 R14: 00007f633ab55f80 R15: 00007fffec205418
[  314.189193][T16341]  </TASK>
[  314.201131][T16322] coredump: 320(syz.3.4000): written to core: VMAs: 31, size 91258880; core: 62128926 bytes, pos 91267072
[  314.248137][T16240] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  314.260558][T16240] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  314.271387][T16240] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  314.283972][T16240] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  314.369040][T16357] netlink: '+}[@': attribute type 2 has an invalid length.
[  314.376332][T16357] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  314.393622][T16240] 8021q: adding VLAN 0 to HW filter on device bond0
[  314.423762][T16240] 8021q: adding VLAN 0 to HW filter on device team0
[  314.447309][ T5907] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.454405][ T5907] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.465746][ T5907] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.472883][ T5907] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.527478][T16363] netlink: 'syz.3.4013': attribute type 10 has an invalid length.
[  314.535441][T16363] bridge0: port 3(team0) entered blocking state
[  314.541737][T16363] bridge0: port 3(team0) entered disabled state
[  314.549527][T16363] team0: entered allmulticast mode
[  314.554696][T16363] team_slave_0: entered allmulticast mode
[  314.560432][T16363] team_slave_1: entered allmulticast mode
[  314.569913][T16363] team0: entered promiscuous mode
[  314.575219][T16363] team_slave_0: entered promiscuous mode
[  314.581001][T16363] team_slave_1: entered promiscuous mode
[  314.587548][T16363] bridge0: port 3(team0) entered blocking state
[  314.593876][T16363] bridge0: port 3(team0) entered forwarding state
[  314.620954][T16370] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.629998][T16370] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.638408][T16370] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.646836][T16373] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.660193][T16240] 8021q: adding VLAN 0 to HW filter on device batadv0
[  314.669409][T16370] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.685591][T16373] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.800060][T16240] veth0_vlan: entered promiscuous mode
[  314.810203][T16240] veth1_vlan: entered promiscuous mode
[  314.826654][T16240] veth0_macvtap: entered promiscuous mode
[  314.833890][T16240] veth1_macvtap: entered promiscuous mode
[  314.845197][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.855741][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.865603][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.876075][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.885907][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.896438][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.906461][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.916901][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.926746][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.937221][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.955740][T16240] batman_adv: batadv0: Interface activated: batadv_slave_0
[  314.964332][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.974921][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.984836][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.995360][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.005223][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.015711][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.025524][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.036010][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.045921][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.056398][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.066221][T16240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.076679][T16240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.088540][T16240] batman_adv: batadv0: Interface activated: batadv_slave_1
[  315.096813][T16394] netlink: '+}[@': attribute type 2 has an invalid length.
[  315.104190][T16394] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  315.128780][T16240] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.137703][T16240] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.146500][T16240] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.155357][T16240] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  315.212631][T16403] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3978'.
[  315.375666][T16408] loop1: detected capacity change from 0 to 128
[  315.405671][T16408] ext4 filesystem being mounted at /12/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  315.490895][T16417] 9pnet_fd: Insufficient options for proto=fd
[  315.647911][T16423] bpf_get_probe_write_proto: 10 callbacks suppressed
[  315.647932][T16423] syz.3.4025[16423] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  315.663304][T16423] syz.3.4025[16423] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  315.760403][T16426] rose0: tun_chr_ioctl cmd 1074025677
[  315.819417][T16426] rose0: linktype set to 6
[  315.830846][T16426] rose0: tun_chr_ioctl cmd 1074025677
[  315.844626][T16426] rose0: linktype set to 1
[  315.913194][T16427] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  315.919715][T16427] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  315.927244][T16427] vhci_hcd vhci_hcd.0: Device attached
[  316.044782][T16447] syz.1.4028[16447] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.044888][T16447] syz.1.4028[16447] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.093924][T16432] vhci_hcd: connection closed
[  316.114746][   T35] vhci_hcd: vhci_device speed not set
[  316.128044][   T40] vhci_hcd: stop threads
[  316.132293][   T40] vhci_hcd: release socket
[  316.136739][   T40] vhci_hcd: disconnect device
[  316.188739][   T35] usb 7-1: new full-speed USB device number 2 using vhci_hcd
[  316.210224][   T35] usb 7-1: enqueue for inactive port 0
[  316.227956][   T35] usb 7-1: enqueue for inactive port 0
[  316.233451][   T35] usb 7-1: enqueue for inactive port 0
[  316.257871][T16452] loop1: detected capacity change from 0 to 512
[  316.274989][T16452] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  316.302587][T16452] EXT4-fs (loop1): 1 truncate cleaned up
[  316.325518][   T35] vhci_hcd: vhci_device speed not set
[  316.488491][T16460] loop4: detected capacity change from 0 to 2048
[  316.524804][T16460]  loop4: p1 < > p4
[  316.529065][T16460] loop4: p4 size 8388608 extends beyond EOD, truncated
[  316.655739][T16463] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4032'.
[  316.758842][T16467] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4034'.
[  316.829713][T16455] coredump: 405(syz.2.4030): written to core: VMAs: 29, size 89030656; core: 60017010 bytes, pos 89038848
[  316.965985][T16476] syz.0.4038[16476] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.966058][T16476] syz.0.4038[16476] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.994546][T14087] ==================================================================
[  317.013949][T14087] BUG: KCSAN: assert: race in dequeue_entities+0x6df/0x760
[  317.021131][T14087] 
[  317.023449][T14087] race at unknown origin, with assert no writes to 0xffff888101e6b1e8 of 4 bytes by task 14087 on cpu 1:
[  317.034618][T14087]  dequeue_entities+0x6df/0x760
[  317.039446][T14087]  pick_next_task_fair+0x7d/0x410
[  317.044446][T14087]  __schedule+0x27c/0x940
[  317.048755][T14087]  schedule+0x55/0xc0
[  317.052710][T14087]  do_nanosleep+0xa3/0x300
[  317.057100][T14087]  hrtimer_nanosleep+0xc4/0x1c0
[  317.061932][T14087]  common_nsleep+0x68/0x90
[  317.066324][T14087]  __se_sys_clock_nanosleep+0x20a/0x240
[  317.071863][T14087]  __x64_sys_clock_nanosleep+0x55/0x70
[  317.077298][T14087]  x64_sys_call+0x253f/0x2d60
[  317.081951][T14087]  do_syscall_64+0xc9/0x1c0
[  317.086427][T14087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.092301][T14087] 
[  317.094599][T14087] value changed: 0x00000000 -> 0x00000001
[  317.100293][T14087] 
[  317.102590][T14087] Reported by Kernel Concurrency Sanitizer on:
[  317.108712][T14087] CPU: 1 UID: 0 PID: 14087 Comm: syz-executor Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
[  317.119290][T14087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  317.129320][T14087] ==================================================================
[  322.297606][   T29] kauditd_printk_skb: 257 callbacks suppressed
[  322.297619][   T29] audit: type=1400 audit(1726838403.467:14714): avc:  denied  { read } for  pid=2946 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  322.326025][   T29] audit: type=1400 audit(1726838403.467:14715): avc:  denied  { search } for  pid=2946 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  322.347679][   T29] audit: type=1400 audit(1726838403.467:14716): avc:  denied  { append } for  pid=2946 comm="syslogd" name="messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  322.370152][   T29] audit: type=1400 audit(1726838403.467:14717): avc:  denied  { open } for  pid=2946 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  322.393006][   T29] audit: type=1400 audit(1726838403.467:14718): avc:  denied  { getattr } for  pid=2946 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1