last executing test programs:

3m34.22090861s ago: executing program 4 (id=4955):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000200)={0xa, &(0x7f0000000280)=[{0x2, 0x7, 0xfb}, {0x6, 0xff, 0x0, 0x80000000}, {0x10, 0x7, 0x4, 0x5}, {0x4, 0x3, 0x81, 0x6}, {0x0, 0x4, 0xa, 0x13}, {0x8, 0x9, 0x20, 0xd}, {0x9, 0x6, 0xf, 0x35}, {0x93c, 0x4, 0xa, 0x3}, {0x5, 0x6, 0x6, 0x2}, {0xfffb, 0x7, 0x51, 0x409}]})
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0)
accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000340))
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(0xffffffffffffffff)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYRES16=r1, @ANYRESHEX=r2])
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000280)={<r5=>0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e22, @rand_addr=0x64010102}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000080)={r6, 0xa}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f00000001c0)={r6}, &(0x7f0000000440)=0x8)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000003c0), 0x4a0e80)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e26}, 0x6e, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYRES64=r2, @ANYRESOCT, @ANYRES32=r0, @ANYRES32, @ANYRESHEX=r4], 0x20, 0x40005}, 0x10044010)
r7 = syz_open_procfs(0x0, &(0x7f0000019080)='environ\x00')
ioctl$HIDIOCGUCODE(r7, 0xc018480d, &(0x7f0000000080)={0x2, 0x2, 0x1c, 0x5, 0xfffff8f1, 0xfff})
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x17, 0x36, &(0x7f0000000480)=ANY=[@ANYRESHEX=r5], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
sendfile(r8, r9, 0x0, 0x5)
r10 = socket$inet6(0xa, 0x2, 0x0)
r11 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r11)
getsockname$packet(r11, &(0x7f0000000180)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmmsg$inet(r10, &(0x7f0000000880)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r12, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880)
ioctl$SIOCSIFMTU(r8, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40})

3m33.319537112s ago: executing program 4 (id=4971):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x444, &(0x7f0000000940)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909000000f2ff00003dda5de4d586f0df206d65656b416d6f64653d3078303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f4e4b4f82c6d61736b3d4d4159574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801f26d335ef2ba9ac2423a358ccbb776b21e1d3b", @ANYRESDEC, @ANYRESHEX=0x0, @ANYRES64], 0xfe, 0x667, &(0x7f00000002c0)="$eJzs3U1v28gdx/EfZfmxQFC0xSIIsvFs0gUcNFUkeeOFkR7KUpTNrSQKJF3Yp0W6sRdB5GybpEDjy9aXPgDtG+htL3voiyjQc899Az0WWLS3Ar2oIClKskRZip+Sdr8fI9GI/JPzJ4fRhBY5FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkOXUyuWKpYbX2tk1kzm1wG+eMj9d27zupoW7U+uVrPiPlpZ0PZ10/TuD2e/Ef93WzfTdTS3FL0s6+sY733z47WIhW/6UhM5Cr7vCF6+Onj7qdPafn622rnWW5S7FWCYqzLDUltvyQt9r2luu8ULfbG5slO9v10NT9xpuuBdGbtM4gVuI/MCsOXdNZXNz3bilPX+ntVWzG2428cPvV8vlDfPRYq/5739UCp1tr9HwWltJTDw7jlnsHyGu3TTm4Elnf31aknFQZZag6rSgarlarVSq1crGg80HH5bLxbEJ5REaixgctG9P4+MqXdAnN3B+hbj//7slNbSklna0K5P746imQL6aE+b3ZP3/+/fdU+sd7v+zXv76YPYNJf3/rfTdrUn9/4RcjEyyQN4ca8L0s/280Csd6akeqaOO9vX8Yta7enEZXu7PllSUPIXy5akpW1tyZXpTjDa1oQ2V9bG2VVcoo7o8NeQq1J5CRXLVTNokkCtbkXwFMlqTo7syqmhTm1qXkauS9uRrRy1tqSZb/+52uwd6kuz39VNyVBZUmSWo2D8Gx4Mm9f8//Txd4vX6f/z/6R87M8QAb1y3d/4/2VzexNXLywgAAAAAAFw0K/ntu5V8d/+upK7qXsMtv+m0AAAAAADABUq++b8Zv8zHpXdlTTj/7159bgAAAAAA4GJYyT12lqSV5KJ+a3An1CwXAeTeHAAAAAAAAN4uyff/txakbjK02qqs1zr/BwAAAAAA/wN+OzTGfjEbY7ebfa1fkBS2F60//3NRwbx13N79rnVox3Psw17M2BUAUf2GVVQ6UG8yXu+CpOSd4960euMD9wbBtNKBfaWvDqaN9W8FIwkszGW/vshJ4NrRUAIbxd47/V7vpTHv9ep9fFRQMietZaXuNdyS4zceVmTb1wqRuxv94tmTX0pBfzsPnnT2S5981nmc5HIcTzo+jPP4/EQ6hWm5vEzGW0juucjb4mXVsyp/12quWEm95Wz752QfFoYrmm37f63bacztlfR15ShrAVm/6hUqpaTJBlufjA5hDbKojG55XkNMyGIpyeJOGnNn7U76kuWXtsLS9+akamm8DYLhLKrDWUzfF9a/xvbFlCziY2E9zuIv8YomZLH+elmMtQgAvCkHg14oGcR8fIz90X73LJ9y03v3H56s5eUfu+kNh3NSsffdRHoT4qR+RfEn+loatpCO4l68kfOJXu71K0ua8IlePkfvFtf1p8EzkHpp9+YU+1n8p9vtPqwk9f5hpFf9Il7gi4n1ho3qXLwL7788/FkyAH7s0/1P959Vq+sb5Q/K5QdVzSeb0Xuh7wEA5Jj+jJ2TEUuD/qzfd3/QP6t+/I/309KJfvdb/UsKSvpEn6mjx7qXPUJgNb/elaHLEO6Nn7XGscvSaGxF9yae1SV96VBstR87r2yRk/9fGMSuX3YzAABwpW5P6YdH+/+8c/d72Xn32o3c8+6TffnoE4InxVaueE8AAPD14QZfWSvRb6wg8NofVzY3K3a07ZrAd35sAq+25RqvFbmBs223tlzTDvzId/yGaQda9GpuaMKddtsPIlP3A9P2Q283efK76T36PXSbdivynLDdcO3QNY7fimwnMjUvdEx750cNL9x2g2ThsO06Xt1z7MjzWyb0l+W4JWNC1x0K9GpuK/LqXlxsmXbgNe1gz/zEb+w0XVNzQyfw2pGfrjCry2vV/aCZrLak7mkPOgQA4Gvjxaujp486nf3npxSOlRay69FOCV7IW+Eb3kQAADCCXhoAAAAAAAAAAAAAAAAAAAAAgLffLPf/nVrIbgrMpswrJ1jqT/n5tZnWbGkw5cu/nSvDMxQKo1N6I+12py/+17RQzItZjgsLkjrZ7h+OOb7QrVidKVhpoXjx+3BZyjsSLq3wg4OTx+FYTDwzd9Zivy2K5//nkFd49uWEWdOPqMWT+3DhtA08WShKer5wjia4+s8iAFfrvwEAAP//pJI9bA==")
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.net/syz0\x00', 0x200002, 0x0)

3m33.272679513s ago: executing program 4 (id=4975):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0xfffe, 0x7995}, 0x8, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

3m33.225294843s ago: executing program 4 (id=4978):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xfffeffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000dd06c329000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74)
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xeb9e, 0x400, 0x20001, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000000540)=[{0x0}], 0x1)
r6 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x6966, 0x0, 0x3, 0x28b})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00'})
getrlimit(0x1, &(0x7f0000000000))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000480)='./file0\x00', 0x0)
io_uring_register$IORING_REGISTER_FILES(r6, 0x1e, &(0x7f0000000000)=[r5], 0x1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000001}, 0x1100, 0x5dd8, 0x0, 0x8, 0x0, 0x8, 0xfff9, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_register(r3, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
getpid()

3m32.645108511s ago: executing program 4 (id=4984):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000400)=@mangle={'mangle\x00', 0x44, 0x6, 0x390, 0x98, 0x260, 0x260, 0x260, 0x1c8, 0x2f8, 0x2f8, 0x2f8, 0x2f8, 0x2f8, 0x6, 0x0, {[{{@ip={@empty, @multicast2, 0x0, 0x0, 'veth0_to_bridge\x00', 'veth0_to_bridge\x00', {}, {}, 0x6, 0x1}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x10}}}, {{@uncond, 0x0, 0x70, 0x98}, @TTL={0x28}}, {{@ip={@multicast2, @rand_addr=0x64010182, 0x0, 0x0, 'pim6reg1\x00', 'macvtap0\x00', {0xff}, {}, 0x0, 0x2}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@dev, @private, 0x0, 0x0, 'hsr0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@local, @rand_addr, 0x0, 0x0, 'ip6erspan0\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x0, 0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3f0)
futex_waitv(&(0x7f0000002400)=[{0x80000000000000, &(0x7f00000001c0)=0x5, 0x82}, {0x4, &(0x7f0000000200)=0x1, 0x2}, {0x5, &(0x7f0000000240)=0x10000, 0x2}, {0x1, &(0x7f0000000280)=0x2, 0x82}, {0x1, &(0x7f00000002c0)=0x2, 0x2}, {0x8, &(0x7f0000000300)=0x3, 0x82}, {0x2, &(0x7f0000000340)=0x4c, 0x2}, {0x7f, &(0x7f0000000380)=0x7, 0x2}, {0x100000000, &(0x7f00000003c0)=0x3, 0x82}, {0x8000000000000000, &(0x7f0000000800)=0x3, 0x2}, {0x6, &(0x7f0000000840)=0x3, 0x2}, {0x7, &(0x7f0000000880)=0x7, 0x82}, {0xfffffffffffffffc, &(0x7f00000008c0), 0x2}, {0x0, &(0x7f0000000900)=0x8, 0x2}, {0x3, &(0x7f0000000940)=0xfffffffff3d15ff0, 0x82}, {0x81, &(0x7f0000000980)=0x81, 0x82}, {0x49, &(0x7f00000009c0)=0x6, 0x2}, {0x3, &(0x7f0000000a00)=0x8000000000000001, 0x2}, {0x2, &(0x7f0000000a40)=0x9, 0x2}, {0x5e6, &(0x7f0000000a80)=0x9, 0x2}, {0x8000000000000001, &(0x7f0000000ac0)=0xfff, 0x75535576adb16295}, {0x0, &(0x7f0000000b00)=0x9, 0x2}, {0x7, &(0x7f0000000b40)=0x887b, 0x2}, {0x400, &(0x7f0000000b80)=0x100, 0x82}, {0x3, &(0x7f0000000bc0), 0x82}, {0x2, &(0x7f0000000c00)=0xc882, 0x82}, {0x9, &(0x7f0000000c40)=0x9, 0x82}, {0x2, &(0x7f0000000c80)=0x40, 0x82}, {0x0, &(0x7f0000000cc0)=0x5, 0x82}, {0x87, &(0x7f0000000d00)=0x7fffffffffffffff, 0x82}, {0x400, &(0x7f0000000d40)=0x7fff, 0x2}, {0x2, &(0x7f0000000d80)=0x2e0, 0x82}, {0xffffffff, &(0x7f0000000dc0)=0x1, 0x82}, {0x2, &(0x7f0000000e00)=0x8, 0x82}, {0x9, &(0x7f0000000e40)=0x3, 0x82}, {0xfb, &(0x7f0000000e80)=0x3ff, 0x82}, {0x7, &(0x7f0000000ec0)=0x9, 0x2}, {0x7, &(0x7f0000000f00)=0xc, 0x82}, {0x1, &(0x7f0000000f40), 0x2}, {0x3, &(0x7f0000000f80)=0xfffffffffffffffd, 0x82}, {0x3400000000, &(0x7f0000000fc0)=0xc, 0x82}, {0xffffffffffff8000, &(0x7f0000001000)=0xb, 0x82}, {0x4, &(0x7f0000001040), 0x82}, {0x3, &(0x7f0000001080)=0x74c, 0x2}, {0x401, &(0x7f0000002fc0)=0x2, 0x82}, {0x100000000, &(0x7f0000001100)=0x3}, {0x7, &(0x7f0000001140)=0x7, 0x82}, {0x1, &(0x7f0000001180)=0xff, 0x2}, {0xffff, &(0x7f00000011c0)=0x1, 0x82}, {0x9, &(0x7f0000001200)=0x8, 0x2}, {0x7, &(0x7f0000001280)=0x5, 0x2}, {0x7, &(0x7f00000012c0)=0x3, 0x82}, {0x4, 0x0, 0x82}, {0x8, 0x0, 0x2}, {0xe8, &(0x7f00000013c0)=0x81, 0x80}, {0xffff, &(0x7f0000001400)=0xc, 0x82}, {0x4, 0x0, 0x82}, {0x8, &(0x7f0000001480)=0x6, 0x2}, {0x2, &(0x7f00000014c0)=0x5898, 0x2}, {0x4, &(0x7f0000001500)=0x1, 0x82}, {0xfff, &(0x7f0000001540)=0x581, 0x2}, {0x489ebdd6, &(0x7f0000001580)=0x1, 0x82}, {0x0, &(0x7f00000015c0)=0x3ff, 0x2}, {0x3, &(0x7f0000001600)=0xffffffffffff6f8e, 0x2}, {0x7, &(0x7f0000001640)=0x8000000000000000, 0x82}, {0x1, &(0x7f0000001680)=0x9, 0x82}, {0x9, &(0x7f00000016c0)=0x32, 0x2}, {0x8, &(0x7f0000001700)=0x1, 0x82}, {0x3, &(0x7f0000001740)=0x5, 0x2}, {0xa5, &(0x7f0000001780)=0x8, 0x2}, {0x63f, &(0x7f00000017c0)=0x5, 0x2}, {0x9, &(0x7f0000001800)=0x3, 0x82}, {0x6ff, &(0x7f0000001840)=0xfffffffffffffffe}, {0xdda, &(0x7f0000001880), 0x82}, {0xa, &(0x7f00000018c0)=0xffffffffffffffff, 0x82}, {0x1, &(0x7f0000001900)=0x7fffffff, 0x2}, {0x5, &(0x7f0000001940)=0x100}, {0x8001, &(0x7f0000001980)=0x9, 0x2}, {0x2, &(0x7f00000019c0)=0x3, 0x82}, {0x3, &(0x7f0000001a00)=0x5, 0x82}, {0x7, &(0x7f0000001a40)=0x4, 0x2}, {0x4000000000000, &(0x7f0000001a80)=0x10000, 0x82}, {0x5, &(0x7f0000001ac0)=0xf, 0x82}, {0x5, &(0x7f00000010c0)=0x2, 0x2}, {0x85, &(0x7f0000001b40)=0x5d, 0x2}, {0xe, &(0x7f0000001b80)=0xab, 0x2}, {0x6, &(0x7f0000001bc0)=0x3, 0x82}, {0x8, &(0x7f0000001c00)=0x2, 0x82}, {0x0, &(0x7f0000001c40)=0x401, 0x82}, {0x9, &(0x7f0000001c80)=0x6d, 0x2}, {0xffff, &(0x7f0000001cc0)=0x86, 0x82}, {0x6, &(0x7f0000001d00)=0x8, 0x2}, {0x9, &(0x7f0000001d40)=0x4, 0x2}, {0x9, &(0x7f0000001d80)=0x9, 0x2}, {0xffffffff, &(0x7f0000001dc0)=0x7, 0x82}, {0x9, &(0x7f0000001e00)=0x3, 0x2}, {0x12abc0d6, &(0x7f0000001e40)=0x2, 0x82}, {0x7, &(0x7f0000001e80)=0x2, 0x2}, {0x2, &(0x7f0000001ec0)=0x3, 0x2}, {0x7b08eb49, &(0x7f0000001f00)=0x8000000000000000, 0x82}, {0x7, 0x0, 0x82}, {0x0, &(0x7f0000001fc0)=0x9, 0x2}, {0x9, &(0x7f0000002000)=0x24000, 0x2}, {0x88e, &(0x7f0000002040)=0xfffffffffffffa5b, 0x82}, {0x100, &(0x7f0000002080)=0x2, 0x2}, {0xcd8, &(0x7f00000020c0)=0x2074, 0x82}, {0x5, &(0x7f0000002100)=0x7, 0x82}, {0x6, &(0x7f0000002140)=0x10000, 0x82}, {0x1, &(0x7f0000002180)=0x100000000, 0x2}, {0x9, &(0x7f00000021c0), 0x2}, {0x25, &(0x7f0000002200)=0x1, 0x82}, {0x7, &(0x7f0000002240)=0x6, 0x2}, {0x6, &(0x7f0000002280)=0x7, 0x82}, {0x2, &(0x7f0000002300)=0x66c784e6, 0x82}, {0x3, &(0x7f0000002340)=0x1, 0x82}, {0x54000000, &(0x7f0000002380)=0x7fff, 0x2}, {0x5e3, &(0x7f00000023c0)=0x4, 0x82}], 0x75, 0x0, &(0x7f0000002f80)={0x0, 0x989680}, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, 0x0, 0x0}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5, <r6=>0xffffffffffffffff}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x10)
unshare(0x20000400)
syz_clone(0x2c302080, 0x0, 0x0, 0x0, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
io_uring_enter(0xffffffffffffffff, 0x47ba, 0x233a, 0x0, 0x0, 0x41)

3m32.469029714s ago: executing program 4 (id=4988):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000001c0)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
r2 = add_key$fscrypt_v1(&(0x7f0000000040), 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
r3 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd780bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138", 0x18}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r3, r2, r2, 0x0)
keyctl$KEYCTL_MOVE(0x4, r1, r1, 0x0, 0x0)

3m32.468858784s ago: executing program 32 (id=4988):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000001c0)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
r2 = add_key$fscrypt_v1(&(0x7f0000000040), 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
r3 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd780bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138", 0x18}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r3, r2, r2, 0x0)
keyctl$KEYCTL_MOVE(0x4, r1, r1, 0x0, 0x0)

7.17286989s ago: executing program 0 (id=9273):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000380), &(0x7f0000000200)=r1}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
fsync(0xffffffffffffffff)

7.104934731s ago: executing program 0 (id=9274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000380)='sys_enter\x00', r1}, 0x10)
r2 = timerfd_create(0x0, 0x0)
read(r2, &(0x7f0000000740)=""/190, 0xbe)
timerfd_settime(r2, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0)

6.928445803s ago: executing program 0 (id=9275):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000380), &(0x7f0000000200)=r1}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

6.855984065s ago: executing program 0 (id=9278):
r0 = socket$packet(0x11, 0x2, 0x300)
accept4(r0, &(0x7f00000003c0), &(0x7f00000002c0)=0x80, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000f54a9b8655000000000080000000000000073105c536f0ef9a34851d1cb941f72e1ae07e3101729b10e1fd3f365e54342085001e9930b6fbeabd17a3024d99a6cd176a0f170757b07fb478b23edc1c41bed7cb153545a711c42db2dd5fa3260104e2effaf48f1fc3b8e12ca443593e1098df0975d41e79f277335bf937e8dbc835a7e0dbcbae4d639d118224247aa34a40b92d7111c76b08aeed8e71c04d9dcdd5bacf18e7ca5c0ba5a331fb795ced9a4c5c1e142072140c86e1d86378e4f38845117af79fbc3171e6959b996e5d08507a9ab6ffee4e7271386ff191b9270f2c8740a0030000000000000086f718200923613a860c9550aa52", @ANYRES32, @ANYBLOB="00000200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='uid_map\x00')
writev(r2, &(0x7f0000001b80)=[{&(0x7f00000005c0)="c9", 0x1}], 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r5, 0x0, 0x80}, 0x18)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000c00)="c8", 0x1}], 0x1}}], 0x1, 0x8890)
recvmmsg(r4, &(0x7f0000003780)=[{{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000f40)=""/91, 0x5b}], 0x1}, 0x80000000}], 0x1, 0x40000142, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)
setgroups(0x3, &(0x7f0000000380)=[0x0, 0x0, 0x0])
ioctl$PTP_PEROUT_REQUEST2(r2, 0x40383d0c, &(0x7f0000000540)={{0x6, 0x100}, {0x4, 0x8}, 0x800})

6.002553186s ago: executing program 0 (id=9284):
socket$nl_generic(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x8, 0x1)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@abort}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x18)
r3 = msgget$private(0x0, 0x0)
msgsnd(r3, &(0x7f0000000380)=ANY=[@ANYBLOB="030000"], 0x0, 0x0)
msgctl$IPC_SET(r3, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x800000000000000, 0x7, 0x2, 0x0, 0x3, 0xe8, 0x0, 0x0, 0x0, 0xffffffffffffffff})

5.76135742s ago: executing program 0 (id=9285):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents64(r2, &(0x7f0000002f40)=""/4098, 0x1002)

5.647559112s ago: executing program 2 (id=9288):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x1c, r1, 0xb21, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r2, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa}, 0x1c)
r3 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
writev(r3, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
read(r3, 0x0, 0x0)
r5 = socket(0x2, 0x2, 0x1)
bind$unix(r5, &(0x7f0000000000)=@abs, 0x6e)
r6 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00')
preadv(r6, &(0x7f0000000080)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0x114a, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0xc)

5.609778682s ago: executing program 2 (id=9291):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r1, 0x3d13, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1c, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x3ff, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)
io_setup(0x1, &(0x7f0000000b80)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0x1, r4, 0x0, 0x0, 0x0, 0x0, 0x0, r4}])
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r8}, 0x10)
r9 = timerfd_create(0x0, 0x0)
timerfd_gettime(r9, &(0x7f0000000000))
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=ANY=[@ANYBLOB="16000000", @ANYRES16=r6, @ANYBLOB="010300000000009542d411"], 0x28}}, 0x40)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000340)={0x3, &(0x7f0000000180)=[{0x2006, 0x5, 0x3, 0xfffffffe}, {0x3, 0x2, 0x3, 0x9}, {0x0, 0x9, 0x91, 0x3}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
socket$kcm(0x10, 0x2, 0x0)

5.536011083s ago: executing program 2 (id=9293):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000400)=@mangle={'mangle\x00', 0x44, 0x6, 0x390, 0x98, 0x260, 0x260, 0x260, 0x1c8, 0x2f8, 0x2f8, 0x2f8, 0x2f8, 0x2f8, 0x6, 0x0, {[{{@ip={@empty, @multicast2, 0x0, 0x0, 'veth0_to_bridge\x00', 'veth0_to_bridge\x00', {}, {}, 0x6, 0x1}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x10}}}, {{@uncond, 0x0, 0x70, 0x98}, @TTL={0x28}}, {{@ip={@multicast2, @rand_addr=0x64010182, 0x0, 0x0, 'pim6reg1\x00', 'macvtap0\x00', {0xff}, {}, 0x0, 0x2}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@dev, @private, 0x0, 0x0, 'hsr0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@local, @rand_addr, 0x0, 0x0, 'ip6erspan0\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x0, 0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3f0)
futex_waitv(&(0x7f0000002400)=[{0x80000000000000, &(0x7f00000001c0)=0x5, 0x82}, {0x4, &(0x7f0000000200)=0x1, 0x2}, {0x5, &(0x7f0000000240)=0x10000, 0x2}, {0x1, &(0x7f0000000280)=0x2, 0x82}, {0x1, &(0x7f00000002c0)=0x2, 0x2}, {0x8, &(0x7f0000000300)=0x3, 0x82}, {0x2, &(0x7f0000000340)=0x4c, 0x2}, {0x7f, 0x0, 0x2}, {0x100000000, &(0x7f00000003c0)=0x3, 0x82}, {0x8000000000000000, &(0x7f0000000800)=0x3, 0x2}, {0x6, &(0x7f0000000840)=0x3, 0x2}, {0x7, &(0x7f0000000880)=0x7, 0x82}, {0xfffffffffffffffc, &(0x7f00000008c0), 0x2}, {0x0, &(0x7f0000000900)=0x8, 0x2}, {0x3, &(0x7f0000000940)=0xfffffffff3d15ff0, 0x82}, {0x81, &(0x7f0000000980)=0x81, 0x82}, {0x49, &(0x7f00000009c0)=0x6, 0x2}, {0x3, &(0x7f0000000a00)=0x8000000000000001, 0x2}, {0x2, &(0x7f0000000a40)=0x9, 0x2}, {0x5e6, &(0x7f0000000a80)=0x9, 0x2}, {0x8000000000000001, &(0x7f0000000ac0)=0xfff, 0x75535576adb16295}, {0x0, &(0x7f0000000b00)=0x9, 0x2}, {0x7, &(0x7f0000000b40)=0x887b, 0x2}, {0x400, &(0x7f0000000b80)=0x100, 0x82}, {0x3, &(0x7f0000000bc0), 0x82}, {0x2, &(0x7f0000000c00)=0xc882, 0x82}, {0x9, &(0x7f0000000c40)=0x9, 0x82}, {0x2, &(0x7f0000000c80)=0x40, 0x82}, {0x0, &(0x7f0000000cc0)=0x5, 0x82}, {0x87, &(0x7f0000000d00)=0x7fffffffffffffff, 0x82}, {0x400, &(0x7f0000000d40)=0x7fff, 0x2}, {0x2, &(0x7f0000000d80)=0x2e0, 0x82}, {0xffffffff, &(0x7f0000000dc0)=0x1, 0x82}, {0x2, &(0x7f0000000e00)=0x8, 0x82}, {0x9, &(0x7f0000000e40)=0x3, 0x82}, {0xfb, &(0x7f0000000e80)=0x3ff, 0x82}, {0x7, &(0x7f0000000ec0)=0x9, 0x2}, {0x7, &(0x7f0000000f00)=0xc, 0x82}, {0x1, &(0x7f0000000f40), 0x2}, {0x3, &(0x7f0000000f80)=0xfffffffffffffffd, 0x82}, {0x3400000000, &(0x7f0000000fc0)=0xc, 0x82}, {0xffffffffffff8000, &(0x7f0000001000)=0xb, 0x82}, {0x4, &(0x7f0000001040), 0x82}, {0x3, &(0x7f0000001080)=0x74c, 0x2}, {0x401, &(0x7f0000002fc0)=0x2, 0x82}, {0x100000000, &(0x7f0000001100)=0x3}, {0x7, &(0x7f0000001140)=0x7, 0x82}, {0x1, &(0x7f0000001180)=0xff, 0x2}, {0xffff, &(0x7f00000011c0)=0x1, 0x82}, {0x9, &(0x7f0000001200)=0x8, 0x2}, {0xff, &(0x7f0000001240)=0x5, 0x2}, {0x7, &(0x7f0000001280)=0x5, 0x2}, {0x7, &(0x7f00000012c0)=0x3, 0x82}, {0x4, &(0x7f0000001300)=0x81, 0x82}, {0x8, &(0x7f0000001340)=0x8, 0x2}, {0xe, &(0x7f0000001380)=0x6, 0x2}, {0xe8, &(0x7f00000013c0)=0x81, 0x80}, {0xffff, &(0x7f0000001400)=0xc, 0x82}, {0x4, &(0x7f0000001440)=0x5, 0x82}, {0x8, &(0x7f0000001480)=0x6, 0x2}, {0x2, &(0x7f00000014c0)=0x5898, 0x2}, {0x4, &(0x7f0000001500)=0x1, 0x82}, {0xfff, &(0x7f0000001540)=0x581, 0x2}, {0x489ebdd6, &(0x7f0000001580)=0x1, 0x82}, {0x0, &(0x7f00000015c0)=0x3ff, 0x2}, {0x3, &(0x7f0000001600)=0xffffffffffff6f8e, 0x2}, {0x7, &(0x7f0000001640)=0x8000000000000000, 0x82}, {0x1, &(0x7f0000001680)=0x9, 0x82}, {0x9, &(0x7f00000016c0)=0x32, 0x2}, {0x8, &(0x7f0000001700)=0x1, 0x82}, {0x3, &(0x7f0000001740)=0x5, 0x2}, {0xa5, &(0x7f0000001780)=0x8, 0x2}, {0x63f, &(0x7f00000017c0)=0x5, 0x2}, {0x9, &(0x7f0000001800)=0x3, 0x82}, {0x6ff, &(0x7f0000001840)=0xfffffffffffffffe}, {0xdda, &(0x7f0000001880), 0x82}, {0xa, &(0x7f00000018c0)=0xffffffffffffffff, 0x82}, {0x1, &(0x7f0000001900)=0x7fffffff, 0x2}, {0x5, &(0x7f0000001940)=0x100}, {0x8001, &(0x7f0000001980)=0x9, 0x2}, {0x2, &(0x7f00000019c0)=0x3, 0x82}, {0x3, &(0x7f0000001a00)=0x5, 0x82}, {0x7, &(0x7f0000001a40)=0x4, 0x2}, {0x4000000000000, &(0x7f0000001a80)=0x10000, 0x82}, {0x5, &(0x7f0000001ac0)=0xf, 0x82}, {0x5, &(0x7f00000010c0)=0x2, 0x2}, {0x85, &(0x7f0000001b40)=0x5d, 0x2}, {0xe, &(0x7f0000001b80)=0xab, 0x2}, {0x6, &(0x7f0000001bc0)=0x3, 0x82}, {0x8, &(0x7f0000001c00)=0x2, 0x82}, {0x0, &(0x7f0000001c40)=0x401, 0x82}, {0x9, &(0x7f0000001c80)=0x6d, 0x2}, {0xffff, &(0x7f0000001cc0)=0x86, 0x82}, {0x6, &(0x7f0000001d00)=0x8, 0x2}, {0x9, &(0x7f0000001d40)=0x4, 0x2}, {0x9, &(0x7f0000001d80)=0x9, 0x2}, {0xffffffff, &(0x7f0000001dc0)=0x7, 0x82}, {0x9, &(0x7f0000001e00)=0x3, 0x2}, {0x12abc0d6, &(0x7f0000001e40)=0x2, 0x82}, {0x7, &(0x7f0000001e80)=0x2, 0x2}, {0x2, &(0x7f0000001ec0)=0x3, 0x2}, {0x7b08eb49, &(0x7f0000001f00)=0x8000000000000000, 0x82}, {0xb04b, &(0x7f0000001f40)=0x3ff, 0x2}, {0x7, &(0x7f0000001f80)=0x8, 0x82}, {0x0, &(0x7f0000001fc0)=0x9, 0x2}, {0x9, &(0x7f0000002000)=0x24000, 0x2}, {0x88e, &(0x7f0000002040)=0xfffffffffffffa5b, 0x82}, {0x100, &(0x7f0000002080)=0x2, 0x2}, {0xcd8, &(0x7f00000020c0)=0x2074, 0x82}, {0x5, &(0x7f0000002100)=0x7, 0x82}, {0x6, &(0x7f0000002140)=0x10000, 0x82}, {0x1, &(0x7f0000002180)=0x100000000, 0x2}, {0x9, &(0x7f00000021c0), 0x2}, {0x25, &(0x7f0000002200)=0x1, 0x82}, {0x7, &(0x7f0000002240)=0x6, 0x2}, {0x6, &(0x7f0000002280)=0x7, 0x82}, {0xfff, &(0x7f00000022c0)=0x2}, {0x2, &(0x7f0000002300)=0x66c784e6, 0x82}, {0x3, &(0x7f0000002340)=0x1, 0x82}, {0x54000000, &(0x7f0000002380)=0x7fff, 0x2}, {0x5e3, &(0x7f00000023c0)=0x4, 0x82}], 0x79, 0x0, &(0x7f0000002f80)={0x0, 0x989680}, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, 0x0, 0x0}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000040))
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5, <r6=>0xffffffffffffffff}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x10)
unshare(0x20000400)
syz_clone(0x2c302080, 0x0, 0x0, 0x0, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_open_dev$tty20(0xc, 0x4, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47ba, 0x233a, 0x0, 0x0, 0x41)

5.207890227s ago: executing program 2 (id=9296):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e00000000000000001801", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0)={0x77359400}, 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r2, <r3=>0xffffffffffffffff}, 0x4)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x2)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r5, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0xffffffffffffffd6, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYRES16=r3, @ANYRES64=r5], 0xdc}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095", @ANYRES8=0x0, @ANYBLOB="5582033c1ed02e0153d3f83d234eb0dc1f00501e6cd70849e060a3757f173ded42f4b03f7289b9c43c3ca3f9f87cb4aae0ef335f8108316c2bd75a2f35b08aaa8f1941494851cb0c6130962052cf7f06b1e861345f1042abff91f869c72b8362710d2877f9159a70f0437f00a499713b4790ae61161a6def5a080b538fd340296603ec7d4af8a47200b8bb37657b65aeb1b235fc277ce7b942744711f5bf3934ddfd35b3018b6496cad6a1a94c78d5b866bd59a883782c80100e0ef9cc9d155dfb9fac2e7c68224da57fc881ee32dbaa4dd4141cbab91a3b65f0f03da4519e2fd55d5b82890875cd3efb050489f69285bf09af", @ANYRES16=r1], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
r7 = semget(0x0, 0x2, 0x40)
semctl$IPC_STAT(r7, 0x0, 0x2, &(0x7f0000000400)=""/88)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

3.779954977s ago: executing program 5 (id=9311):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00'}, 0x10)
ioctl$USBDEVFS_REAPURBNDELAY(0xffffffffffffffff, 0x4008550d, 0x0)
connect$phonet_pipe(0xffffffffffffffff, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$inet(r2, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
shutdown(r2, 0x1)

3.730134437s ago: executing program 5 (id=9314):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00'}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000021c0)={&(0x7f00000000c0)=ANY=[@ANYRES16=r2], 0x18}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r5}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141b82, 0x0)
accept4$packet(r9, 0x0, &(0x7f0000000080), 0x80000)
poll(&(0x7f0000000200)=[{r4, 0x220}, {r4, 0x40}], 0x2, 0x7fffffff)
write$cgroup_int(r9, &(0x7f0000000000)=0x700, 0x12)
mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x4db6b34f, 0x3}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
semget$private(0x0, 0x0, 0x212)

3.120807676s ago: executing program 3 (id=9322):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB], 0x38}}, 0x80)
sendmmsg(r0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000300)={[{@noauto_da_alloc}, {@errors_remount}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000000000)=0x800, 0x4)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x6, 0x8012, r5, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000240)='./file0\x00', 0x0)
fsopen(&(0x7f0000000300)='tracefs\x00', 0x0)

3.033650578s ago: executing program 1 (id=9326):
socket$nl_generic(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x8, 0x1)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@abort}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x18)
r3 = msgget$private(0x0, 0x0)
msgsnd(r3, &(0x7f0000000380)=ANY=[@ANYBLOB="030000"], 0x0, 0x0)
msgrcv(r3, 0x0, 0x0, 0x3, 0x0)
msgctl$IPC_SET(r3, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x800000000000000, 0x7, 0x2, 0x0, 0x3, 0xe8, 0x0, 0x0, 0x0, 0xffffffffffffffff})
msgctl$IPC_INFO(r3, 0x3, &(0x7f00000002c0)=""/14)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0xf, &(0x7f0000002400))
socket$inet_udp(0x2, 0x2, 0x0)

2.680883993s ago: executing program 5 (id=9327):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r0 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

2.578550604s ago: executing program 5 (id=9328):
set_mempolicy(0x6005, &(0x7f0000000080)=0xffffbffffffffffd, 0x4)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/ip_mr_cache\x00')
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f00000000c0)={0x4, 0x8, 0x7f})
readv(r1, &(0x7f0000000200)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000200)={0x1, 0x0, {0x18, 0x27, 0x0, 0x16, 0x1, 0x3, 0x3, 0x161, 0xffffffffffffffff}})
r2 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = openat$cgroup_procs(r3, 0x0, 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000140), 0x12)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000040000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x3c8, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3f0, 0x3d8, 0x3d8, 0x3f0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1e8, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x428)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x9)

2.497161535s ago: executing program 5 (id=9329):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r2}, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[], 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095", @ANYRES8=0x0, @ANYBLOB="5582033c1ed02e0153d3f83d234eb0dc1f00501e6cd70849e060a3757f173ded42f4b03f7289b9c43c3ca3f9f87cb4aae0ef335f8108316c2bd75a2f35b08aaa8f1941494851cb0c6130962052cf7f06b1e861345f1042abff91f869c72b8362710d2877f9159a70f0437f00a499713b4790ae61161a6def5a080b538fd340296603ec7d4af8a47200b8bb37657b65aeb1b235fc277ce7b942744711f5bf3934ddfd35b3018b6496cad6a1a94c78d5b866bd59a883782c80100e0ef9cc9d155dfb9fac2e7c68224da57fc881ee32dbaa4dd4141cbab91a3b65f0f03da4519e2fd55d5b82890875cd3efb050489f69285bf09af", @ANYRES16=r1], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = semget(0x0, 0x2, 0x40)
semctl$IPC_STAT(r5, 0x0, 0x2, &(0x7f0000000400)=""/88)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.100666811s ago: executing program 1 (id=9330):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000200000000000000001809"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
mq_notify(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x6, 0x1, @thr={&(0x7f0000000340)="daf4cf0301384abd7ca3af65de759d3ce05cd188f5a1385062f2b5e49b940a14fe246287ab69c865fcc9f2279019f46291437d5bcc6c44feef28b0a207bd74b61aa5d10dbfe833dec3fa9be6f97fe33f3ab08d4983f0913725f6ed05a7d98662", &(0x7f00000003c0)="347585ca4795a5b1d40828b389b451f798609fb8bf3314cfe42f93779bc0fa48aec54db165289c3cd8ae4233c5eb6424db43dc77ef9f2d02ebcb35df68dc99b84eefc69818a43abac1bc9debb8baf54e5087"}})

1.910386933s ago: executing program 1 (id=9331):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r2 = socket(0x1e, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
r3 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x1c)
sendmsg$tipc(r3, &(0x7f0000000640)={&(0x7f0000000300), 0x10, 0x0}, 0x0) (fail_nth: 3)

1.495182029s ago: executing program 1 (id=9332):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0, r1}, 0x18)
r2 = timerfd_create(0x0, 0x0)
read(r2, &(0x7f0000000740)=""/190, 0xbe)
timerfd_settime(r2, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0)

1.494748969s ago: executing program 3 (id=9333):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1)

1.490324899s ago: executing program 3 (id=9334):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x6800, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x8100, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x4}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc}]}}}]}, 0x9c}}, 0x0)

1.333222711s ago: executing program 1 (id=9335):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="190000000400000008000000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000380), &(0x7f0000000200)=r1}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

1.317614681s ago: executing program 1 (id=9336):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000000)={<r1=>0x0, @local, @multicast2}, &(0x7f0000000040)=0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x80000, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_dev$loop(&(0x7f00000005c0), 0x9, 0x12d600)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x40000, 0x0)
finit_module(r4, 0x0, 0x0)
tkill(0x0, 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_misc(r6, &(0x7f0000001000), 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r6, 0x1000, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2abfc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0155aaffffffffffff0300", "2809e85397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac0000000000000000000400", "90010000009265406c09306903d800", [0x0, 0x1]}})

1.317395361s ago: executing program 3 (id=9337):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000008500000072000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x159d0682f53ea167, 0x2, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f00000009c0), r0)
sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fcdbdf250400000005000a000000000008000100", @ANYRES32=0x0], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)

1.234215622s ago: executing program 3 (id=9338):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000025940000000c0a01030000000000000000070000080900020073797a31000000000900010073797a3000000000680003806400008008000340000000"], 0x118}}, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0}, 0x2, 0xffffffff, 0x6, 0x6, 0x4, 0x5, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, 0x0, &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
setreuid(0x0, 0xee00)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000ddff00850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
flistxattr(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x66, &(0x7f0000000780)={@broadcast, @random="6487a2bed3d6", @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x6c, 0x0, @private}}}}}, 0x0)
setresuid(0xee00, 0x0, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x17, &(0x7f0000000040)=0x348, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000040)={0x482000, 0x734c6fc4f278d9da, 0x1}, 0x18)
sendmsg$IPVS_CMD_FLUSH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x14, r6, 0x1, 0x70bd2b, 0x25dfdbfd}, 0x14}}, 0x8000)
syncfs(r5)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
lsm_set_self_attr(0x68, 0x0, 0x0, 0x0)

1.046140585s ago: executing program 3 (id=9339):
socket$nl_generic(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x8, 0x1)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@abort}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x18)
r3 = msgget$private(0x0, 0x0)
msgsnd(r3, &(0x7f0000000380)=ANY=[@ANYBLOB="030000"], 0x0, 0x0)
msgrcv(r3, 0x0, 0x0, 0x3, 0x0)
msgctl$IPC_SET(r3, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x800000000000000, 0x7, 0x2, 0x0, 0x3, 0xe8, 0x0, 0x0, 0x0, 0xffffffffffffffff})
msgctl$IPC_INFO(r3, 0x3, &(0x7f00000002c0)=""/14)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0xf, &(0x7f0000002400))
socket$inet_udp(0x2, 0x2, 0x0)

692.98974ms ago: executing program 2 (id=9340):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000200000000000000001809"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
mq_notify(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x6, 0x1, @thr={&(0x7f0000000340)="daf4cf0301384abd7ca3af65de759d3ce05cd188f5a1385062f2b5e49b940a14fe246287ab69c865fcc9f2279019f46291437d5bcc6c44feef28b0a207bd74b61aa5d10dbfe833dec3fa9be6f97fe33f3ab08d4983f0913725f6ed05a7d98662", &(0x7f00000003c0)="347585ca4795a5b1d40828b389b451f798609fb8bf3314cfe42f93779bc0fa48aec54db165289c3cd8ae4233c5eb6424db43dc77ef9f2d02ebcb35df68dc99b84eefc69818a43abac1bc9debb8baf54e5087"}})

610.522861ms ago: executing program 2 (id=9341):
r0 = socket$packet(0x11, 0x2, 0x300)
accept4(r0, &(0x7f00000003c0), &(0x7f00000002c0)=0x80, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000f54a9b8655000000000080000000000000073105c536f0ef9a34851d1cb941f72e1ae07e3101729b10e1fd3f365e54342085001e9930b6fbeabd17a3024d99a6cd176a0f170757b07fb478b23edc1c41bed7cb153545a711c42db2dd5fa3260104e2effaf48f1fc3b8e12ca443593e1098df0975d41e79f277335bf937e8dbc835a7e0dbcbae4d639d118224247aa34a40b92d7111c76b08aeed8e71c04d9dcdd5bacf18e7ca5c0ba5a331fb795ced9a4c5c1e142072140c86e1d86378e4f38845117af79fbc3171e6959b996e5d08507a9ab6ffee4e7271386ff191b9270f2c8740a0030000000000000086f718200923613a860c9550aa52", @ANYRES32, @ANYBLOB="00000200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='uid_map\x00')
writev(r2, &(0x7f0000001b80)=[{&(0x7f00000005c0)="c9", 0x1}], 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r5, 0x0, 0x80}, 0x18)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000c00)="c8", 0x1}], 0x1}}], 0x1, 0x8890)
recvmmsg(r4, &(0x7f0000003780)=[{{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000f40)=""/91, 0x5b}], 0x1}, 0x80000000}], 0x1, 0x40000142, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)
setgroups(0x3, &(0x7f0000000380)=[0x0, 0x0, 0x0])
ioctl$PTP_PEROUT_REQUEST2(r2, 0x40383d0c, &(0x7f0000000540)={{0x6, 0x100}, {0x4, 0x8}, 0x800})

0s ago: executing program 5 (id=9342):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x9, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

kernel console output (not intermixed with test programs):

 Remounting filesystem read-only
[  489.731423][  T686] EXT4-fs (loop0): 1 orphan inode deleted
[  489.738260][  T686] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  489.753344][  T686] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  490.597817][  T721] loop0: detected capacity change from 0 to 1024
[  490.605567][  T721] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  490.614577][  T721] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  490.650305][  T721] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  490.658522][  T721] System zones: 0-1, 3-12
[  490.671286][  T721] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.8600: lblock 1 mapped to illegal pblock 1 (length 1)
[  490.718095][  T721] EXT4-fs (loop0): Remounting filesystem read-only
[  490.737911][  T721] EXT4-fs (loop0): 1 orphan inode deleted
[  490.758373][  T721] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  490.786351][  T721] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  490.956342][  T739] hub 9-0:1.0: USB hub found
[  490.961125][  T739] hub 9-0:1.0: 8 ports detected
[  491.010381][  T743] loop1: detected capacity change from 0 to 128
[  491.269718][  T756] syz.1.8609: attempt to access beyond end of device
[  491.269718][  T756] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  491.594780][  T773] block device autoloading is deprecated and will be removed.
[  491.624962][   T29] kauditd_printk_skb: 459 callbacks suppressed
[  491.624979][   T29] audit: type=1326 audit(1746910333.477:44538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=778 comm="syz.2.8623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  491.659486][   T29] audit: type=1326 audit(1746910333.507:44539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=778 comm="syz.2.8623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  491.683090][   T29] audit: type=1326 audit(1746910333.507:44540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=778 comm="syz.2.8623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  491.706697][   T29] audit: type=1326 audit(1746910333.507:44541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=778 comm="syz.2.8623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  491.711766][  T783] loop0: detected capacity change from 0 to 512
[  491.730337][   T29] audit: type=1326 audit(1746910333.507:44542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=778 comm="syz.2.8623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  491.760096][   T29] audit: type=1326 audit(1746910333.507:44543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=778 comm="syz.2.8623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  491.783582][   T29] audit: type=1326 audit(1746910333.507:44544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=778 comm="syz.2.8623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  491.807276][   T29] audit: type=1326 audit(1746910333.507:44545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=778 comm="syz.2.8623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  491.815977][  T787] unsupported nla_type 52263
[  491.830890][   T29] audit: type=1326 audit(1746910333.507:44546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=778 comm="syz.2.8623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  491.858921][   T29] audit: type=1326 audit(1746910333.507:44547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=778 comm="syz.2.8623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  491.892314][  T783] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  491.918353][  T783] ext4 filesystem being mounted at /473/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  491.980855][  T801] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8632'.
[  491.989842][  T801] netlink: 'syz.5.8632': attribute type 15 has an invalid length.
[  492.051923][  T808] syz!: rxe_newlink: already configured on team_slave_0
[  492.249460][  T833] netlink: 'syz.2.8644': attribute type 3 has an invalid length.
[  492.297747][  T836] loop2: detected capacity change from 0 to 4096
[  492.318200][  T836] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  492.361748][  T836] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  492.401699][T23445] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.426492][  T848] loop2: detected capacity change from 0 to 512
[  492.433572][  T848] EXT4-fs: Ignoring removed orlov option
[  492.444408][  T848] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.8651: corrupted in-inode xattr: invalid ea_ino
[  492.467225][  T848] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.8651: couldn't read orphan inode 15 (err -117)
[  492.481357][  T848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  492.552408][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.574729][T23445] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.693023][  T865] loop0: detected capacity change from 0 to 1024
[  492.701596][  T865] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  492.711081][  T865] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  492.732117][  T865] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  492.740350][  T865] System zones: 0-1, 3-12
[  492.746176][  T865] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.8658: lblock 1 mapped to illegal pblock 1 (length 1)
[  492.761468][  T865] EXT4-fs (loop0): Remounting filesystem read-only
[  492.768164][  T865] EXT4-fs (loop0): 1 orphan inode deleted
[  492.774569][  T865] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  492.776888][  T872] hub 9-0:1.0: USB hub found
[  492.792054][  T872] hub 9-0:1.0: 8 ports detected
[  492.793005][  T865] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.113826][  T890] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  493.127602][  T889] hub 9-0:1.0: USB hub found
[  493.132639][  T889] hub 9-0:1.0: 8 ports detected
[  493.252737][  T905] hub 9-0:1.0: USB hub found
[  493.257594][  T905] hub 9-0:1.0: 8 ports detected
[  493.279857][  T907] loop0: detected capacity change from 0 to 512
[  493.286696][  T907] EXT4-fs: Ignoring removed orlov option
[  493.294481][  T907] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.8675: corrupted in-inode xattr: invalid ea_ino
[  493.308445][  T907] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.8675: couldn't read orphan inode 15 (err -117)
[  493.321436][  T907] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  493.348847][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.920496][  T932] loop2: detected capacity change from 0 to 164
[  493.927283][  T932] iso9660: Bad value for 'uid'
[  493.932181][  T932] iso9660: Bad value for 'uid'
[  494.093411][  T942] syz.5.8684: attempt to access beyond end of device
[  494.093411][  T942] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  494.191279][  T944] __nla_validate_parse: 2 callbacks suppressed
[  494.191299][  T944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8689'.
[  494.206497][  T944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8689'.
[  494.216397][  T944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8689'.
[  494.241628][  T944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8689'.
[  494.250584][  T944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8689'.
[  494.260237][  T944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8689'.
[  494.301956][  T944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8689'.
[  494.310942][  T944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8689'.
[  494.320881][  T944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8689'.
[  494.476142][  T959] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  494.990287][  T971] hub 9-0:1.0: USB hub found
[  494.995090][  T971] hub 9-0:1.0: 8 ports detected
[  495.054433][  T974] loop1: detected capacity change from 0 to 1024
[  495.064285][  T974] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  495.073834][  T974] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  495.087229][  T974] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  495.095604][  T974] System zones: 0-1, 3-12
[  495.101112][  T974] EXT4-fs error (device loop1): ext4_map_blocks:709: inode #3: block 1: comm syz.1.8699: lblock 1 mapped to illegal pblock 1 (length 1)
[  495.125955][  T974] EXT4-fs (loop1): Remounting filesystem read-only
[  495.132765][  T974] EXT4-fs (loop1): 1 orphan inode deleted
[  495.138941][  T974] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  495.148325][  T984] loop0: detected capacity change from 0 to 1024
[  495.159549][  T974] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.174981][  T984] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  495.185322][  T984] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  495.198915][  T984] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  495.207619][  T984] System zones: 0-1, 3-12
[  495.214258][  T984] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.8702: lblock 1 mapped to illegal pblock 1 (length 1)
[  495.228739][  T984] EXT4-fs (loop0): Remounting filesystem read-only
[  495.236908][  T984] EXT4-fs (loop0): 1 orphan inode deleted
[  495.243704][  T984] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  495.257688][  T984] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.333350][  T992] hub 9-0:1.0: USB hub found
[  495.338243][  T992] hub 9-0:1.0: 8 ports detected
[  495.584063][ T1000] hub 9-0:1.0: USB hub found
[  495.588977][ T1000] hub 9-0:1.0: 8 ports detected
[  495.890851][ T1009] loop1: detected capacity change from 0 to 128
[  496.019978][ T1017] netlink: 'syz.2.8714': attribute type 3 has an invalid length.
[  496.107537][ T1028] program syz.2.8717 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  496.117404][ T1028] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  496.210762][ T1037] syz.1.8711: attempt to access beyond end of device
[  496.210762][ T1037] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  496.256868][ T1027] loop0: detected capacity change from 0 to 512
[  496.311840][ T1027] EXT4-fs (loop0): too many log groups per flexible block group
[  496.319647][ T1027] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  496.343668][ T1027] EXT4-fs (loop0): mount failed
[  496.795178][ T1049] tipc: Started in network mode
[  496.800222][ T1049] tipc: Node identity ac14140f, cluster identity 4711
[  496.807190][ T1049] tipc: New replicast peer: 255.255.255.223
[  496.813250][ T1049] tipc: Enabled bearer <udp:s>, priority 10
[  496.820229][ T1049] netlink: 'syz.0.8725': attribute type 9 has an invalid length.
[  496.828037][ T1049] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8725'.
[  496.862399][ T1049] hsr0: entered promiscuous mode
[  496.867617][ T1049] macvlan2: entered promiscuous mode
[  496.873211][ T1049] macvlan2: entered allmulticast mode
[  496.873600][ T1050] futex_wake_op: syz.0.8725 tries to shift op by -1; fix this program
[  496.878640][ T1049] hsr0: entered allmulticast mode
[  496.891861][ T1049] hsr_slave_0: entered allmulticast mode
[  496.897491][ T1049] hsr_slave_1: entered allmulticast mode
[  496.924812][ T1053] netlink: 'syz.1.8726': attribute type 3 has an invalid length.
[  496.956057][   T29] kauditd_printk_skb: 550 callbacks suppressed
[  496.956074][   T29] audit: type=1326 audit(1746910338.807:45092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1056 comm="syz.1.8728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7700e969 code=0x7ffc0000
[  496.965521][ T1055] loop0: detected capacity change from 0 to 128
[  496.992739][   T29] audit: type=1326 audit(1746910338.807:45093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1054 comm="syz.0.8727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  497.016296][   T29] audit: type=1326 audit(1746910338.807:45094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1054 comm="syz.0.8727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  497.039969][   T29] audit: type=1326 audit(1746910338.807:45095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1054 comm="syz.0.8727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  497.063514][   T29] audit: type=1326 audit(1746910338.807:45096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1054 comm="syz.0.8727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  497.085248][ T1055] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  497.087005][   T29] audit: type=1326 audit(1746910338.807:45097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1054 comm="syz.0.8727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  497.101471][ T1055] ext4 filesystem being mounted at /497/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  497.122843][   T29] audit: type=1326 audit(1746910338.807:45098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1054 comm="syz.0.8727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  497.122876][   T29] audit: type=1326 audit(1746910338.807:45099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1054 comm="syz.0.8727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  497.122904][   T29] audit: type=1326 audit(1746910338.807:45100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1054 comm="syz.0.8727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  497.203672][   T29] audit: type=1326 audit(1746910338.807:45101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1054 comm="syz.0.8727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  497.229016][ T1057] loop1: detected capacity change from 0 to 128
[  497.255852][ T1057] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  497.273131][ T1057] ext4 filesystem being mounted at /591/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  497.302937][ T1067] FAULT_INJECTION: forcing a failure.
[  497.302937][ T1067] name failslab, interval 1, probability 0, space 0, times 0
[  497.315601][ T1067] CPU: 1 UID: 0 PID: 1067 Comm: syz.5.8731 Not tainted 6.15.0-rc5-syzkaller-00275-gbec6f00f120e #0 PREEMPT(voluntary) 
[  497.315658][ T1067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  497.315665][ T1067] Call Trace:
[  497.315669][ T1067]  <TASK>
[  497.315674][ T1067]  __dump_stack+0x1d/0x30
[  497.315686][ T1067]  dump_stack_lvl+0xe8/0x140
[  497.315696][ T1067]  dump_stack+0x15/0x1b
[  497.315704][ T1067]  should_fail_ex+0x265/0x280
[  497.315734][ T1067]  should_failslab+0x8c/0xb0
[  497.315748][ T1067]  kmem_cache_alloc_noprof+0x50/0x310
[  497.315763][ T1067]  ? audit_log_start+0x365/0x6c0
[  497.315821][ T1067]  audit_log_start+0x365/0x6c0
[  497.315835][ T1067]  audit_seccomp+0x48/0x100
[  497.315847][ T1067]  ? __seccomp_filter+0x68c/0x10d0
[  497.315904][ T1067]  __seccomp_filter+0x69d/0x10d0
[  497.315915][ T1067]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  497.315928][ T1067]  ? vfs_write+0x75e/0x8d0
[  497.315940][ T1067]  ? __rcu_read_unlock+0x4f/0x70
[  497.316061][ T1067]  ? __fget_files+0x184/0x1c0
[  497.316074][ T1067]  __secure_computing+0x82/0x150
[  497.316084][ T1067]  syscall_trace_enter+0xcf/0x1e0
[  497.316096][ T1067]  do_syscall_64+0xaa/0x1a0
[  497.316127][ T1067]  ? clear_bhb_loop+0x25/0x80
[  497.316138][ T1067]  ? clear_bhb_loop+0x25/0x80
[  497.316148][ T1067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.316225][ T1067] RIP: 0033:0x7f360648e969
[  497.316234][ T1067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  497.316243][ T1067] RSP: 002b:00007f3604af7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  497.316254][ T1067] RAX: ffffffffffffffda RBX: 00007f36066b5fa0 RCX: 00007f360648e969
[  497.316261][ T1067] RDX: 0000200000000100 RSI: 00000000c004743e RDI: 0000000000000008
[  497.316267][ T1067] RBP: 00007f3604af7090 R08: 0000000000000000 R09: 0000000000000000
[  497.316274][ T1067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  497.316483][ T1067] R13: 0000000000000000 R14: 00007f36066b5fa0 R15: 00007ffcae1070f8
[  497.316492][ T1067]  </TASK>
[  497.525839][ T1067] netlink: 'syz.5.8731': attribute type 29 has an invalid length.
[  497.533966][ T1057] netlink: 'syz.1.8728': attribute type 29 has an invalid length.
[  497.542202][ T1067] netlink: 'syz.5.8731': attribute type 29 has an invalid length.
[  497.559353][T24905] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  497.568636][ T1057] netlink: 'syz.1.8728': attribute type 29 has an invalid length.
[  497.612737][ T1073] netlink: 'syz.5.8733': attribute type 15 has an invalid length.
[  497.647602][T23226] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  497.666290][ T1078] hub 9-0:1.0: USB hub found
[  497.671057][ T1078] hub 9-0:1.0: 8 ports detected
[  497.699480][ T1071] loop0: detected capacity change from 0 to 512
[  497.711270][ T1071] EXT4-fs (loop0): too many log groups per flexible block group
[  497.718989][ T1071] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  497.726402][ T1071] EXT4-fs (loop0): mount failed
[  497.741840][ T1084] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  497.782846][ T1088] loop0: detected capacity change from 0 to 164
[  497.789372][ T1088] iso9660: Bad value for 'uid'
[  497.794246][ T1088] iso9660: Bad value for 'uid'
[  497.822436][ T1090] loop0: detected capacity change from 0 to 1024
[  497.829644][ T1090] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  497.838319][ T1090] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  497.849225][ T1090] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  497.857725][ T1090] System zones: 0-1, 3-12
[  497.863249][ T1090] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.8739: lblock 1 mapped to illegal pblock 1 (length 1)
[  497.877349][ T1090] EXT4-fs (loop0): Remounting filesystem read-only
[  497.884099][ T1090] EXT4-fs (loop0): 1 orphan inode deleted
[  497.890178][ T1090] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  497.903528][ T1090] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.930250][   T10] tipc: Node number set to 2886997007
[  498.911892][ T1115] netlink: 'syz.0.8747': attribute type 15 has an invalid length.
[  499.032131][ T1117] netlink: 'syz.3.8748': attribute type 3 has an invalid length.
[  499.061249][ T1122] loop0: detected capacity change from 0 to 164
[  499.084630][ T1122] iso9660: Bad value for 'uid'
[  499.089551][ T1122] iso9660: Bad value for 'uid'
[  499.179292][ T1128] loop1: detected capacity change from 0 to 512
[  499.188878][ T1128] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  499.202388][ T1128] EXT4-fs (loop1): orphan cleanup on readonly fs
[  499.222525][ T1128] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.8752: Failed to acquire dquot type 1
[  499.246567][ T1128] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.8752: bg 0: block 40: padding at end of block bitmap is not set
[  499.261181][ T1128] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  499.280333][ T1128] EXT4-fs (loop1): 1 truncate cleaned up
[  499.288801][ T1128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  499.363736][T23226] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  499.409397][ T1142] __nla_validate_parse: 13 callbacks suppressed
[  499.409414][ T1142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8758'.
[  499.424705][ T1142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8758'.
[  499.442702][ T1142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8758'.
[  499.477614][ T1142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8758'.
[  499.486678][ T1142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8758'.
[  499.521892][ T1142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8758'.
[  499.597137][ T1142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8758'.
[  499.606130][ T1142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8758'.
[  499.625458][ T1142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8758'.
[  499.654362][ T1148] loop1: detected capacity change from 0 to 8192
[  499.680528][ T1154] loop0: detected capacity change from 0 to 164
[  499.687551][ T1154] iso9660: Bad value for 'uid'
[  499.692408][ T1154] iso9660: Bad value for 'uid'
[  499.749228][ T1159] hub 9-0:1.0: USB hub found
[  499.767793][ T1159] hub 9-0:1.0: 8 ports detected
[  499.872904][ T1166] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  499.968820][ T1172] program syz.2.8768 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  499.979509][ T1172] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  499.992198][ T1165] loop0: detected capacity change from 0 to 512
[  500.050146][ T1165] EXT4-fs (loop0): too many log groups per flexible block group
[  500.057867][ T1165] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  500.089740][ T1165] EXT4-fs (loop0): mount failed
[  500.104665][ T1179] loop2: detected capacity change from 0 to 512
[  500.144755][ T1179] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  500.230665][ T1184] loop0: detected capacity change from 0 to 512
[  500.238312][ T1179] EXT4-fs (loop2): 1 truncate cleaned up
[  500.244744][ T1179] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  500.272269][ T1184] EXT4-fs (loop0): 1 orphan inode deleted
[  500.278897][ T1184] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  500.293376][ T6889] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:13: Failed to release dquot type 1
[  500.305416][ T1184] ext4 filesystem being mounted at /509/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  500.324289][ T1184] 9pnet_fd: Insufficient options for proto=fd
[  500.340197][ T1184] 8021q: adding VLAN 0 to HW filter on device batadv0
[  500.349691][ T1184] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  500.387035][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.444783][ T1190] loop0: detected capacity change from 0 to 8192
[  500.486206][ T1192] loop0: detected capacity change from 0 to 164
[  500.493053][ T1192] iso9660: Bad value for 'uid'
[  500.497926][ T1192] iso9660: Bad value for 'uid'
[  500.559240][ T1198] loop0: detected capacity change from 0 to 512
[  500.580863][ T1198] EXT4-fs: Ignoring removed orlov option
[  500.602472][ T1198] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.8776: corrupted in-inode xattr: invalid ea_ino
[  500.616485][ T1198] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.8776: couldn't read orphan inode 15 (err -117)
[  500.629214][ T1198] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  500.737779][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.967688][ T1218] hub 9-0:1.0: USB hub found
[  500.972651][ T1218] hub 9-0:1.0: 8 ports detected
[  501.000084][T23445] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.107047][ T1240] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  501.155045][ T1247] loop0: detected capacity change from 0 to 1024
[  501.172412][ T1247] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  501.191030][ T1247] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  501.232179][ T1247] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  501.240807][ T1247] System zones: 0-1, 3-12
[  501.249850][ T1247] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.8794: lblock 1 mapped to illegal pblock 1 (length 1)
[  501.276391][ T1247] EXT4-fs (loop0): Remounting filesystem read-only
[  501.284462][ T1247] EXT4-fs (loop0): 1 orphan inode deleted
[  501.290949][ T1247] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.305403][ T1247] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.356767][ T7822] bridge_slave_1: left allmulticast mode
[  501.362654][ T7822] bridge_slave_1: left promiscuous mode
[  501.368412][ T7822] bridge0: port 2(bridge_slave_1) entered disabled state
[  501.387350][ T7822] bridge_slave_0: left allmulticast mode
[  501.393105][ T7822] bridge_slave_0: left promiscuous mode
[  501.398905][ T7822] bridge0: port 1(bridge_slave_0) entered disabled state
[  501.402772][ T1259] loop0: detected capacity change from 0 to 256
[  501.415163][ T1259] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  501.424233][ T1259] FAT-fs (loop0): bogus number of directory entries (1)
[  501.431238][ T1259] FAT-fs (loop0): Can't find a valid FAT filesystem
[  501.468535][ T1265] validate_nla: 2 callbacks suppressed
[  501.468556][ T1265] netlink: 'syz.3.8798': attribute type 3 has an invalid length.
[  501.470959][ T1267] hub 9-0:1.0: USB hub found
[  501.487988][ T1267] hub 9-0:1.0: 8 ports detected
[  501.498404][ T7822] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  501.501638][ T1271] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8800'.
[  501.519187][ T7822] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  501.535113][ T7822] bond0 (unregistering): Released all slaves
[  501.560933][ T1227] chnl_net:caif_netlink_parms(): no params data found
[  501.609353][ T1227] bridge0: port 1(bridge_slave_0) entered blocking state
[  501.616591][ T1227] bridge0: port 1(bridge_slave_0) entered disabled state
[  501.620686][ T1289] netlink: 'syz.3.8803': attribute type 15 has an invalid length.
[  501.623979][ T1227] bridge_slave_0: entered allmulticast mode
[  501.638140][ T1227] bridge_slave_0: entered promiscuous mode
[  501.646391][ T1227] bridge0: port 2(bridge_slave_1) entered blocking state
[  501.653641][ T1227] bridge0: port 2(bridge_slave_1) entered disabled state
[  501.662237][ T1227] bridge_slave_1: entered allmulticast mode
[  501.668898][ T1227] bridge_slave_1: entered promiscuous mode
[  501.684203][ T7822] hsr_slave_0: left promiscuous mode
[  501.690135][ T7822] hsr_slave_1: left promiscuous mode
[  501.695791][ T7822] batman_adv: batadv0: Removing interface: batadv_slave_0
[  501.703979][ T7822] batman_adv: batadv0: Removing interface: batadv_slave_1
[  501.740614][ T7822] team0 (unregistering): Port device team_slave_1 removed
[  501.749751][ T7822] team0 (unregistering): Port device team_slave_0 removed
[  501.782143][ T1227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  501.795182][ T1227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  501.830116][ T1227] team0: Port device team_slave_0 added
[  501.836925][ T1227] team0: Port device team_slave_1 added
[  501.856504][ T1227] batman_adv: batadv0: Adding interface: batadv_slave_0
[  501.863693][ T1227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  501.889773][ T1227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  501.901599][ T1227] batman_adv: batadv0: Adding interface: batadv_slave_1
[  501.908626][ T1227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  501.934678][ T1227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  501.992062][ T1227] hsr_slave_0: entered promiscuous mode
[  501.998142][ T1227] hsr_slave_1: entered promiscuous mode
[  502.004146][ T1227] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  502.026782][ T1305] netlink: 'syz.2.8809': attribute type 3 has an invalid length.
[  502.039200][ T1227] Cannot create hsr debugfs directory
[  502.067303][ T1311] FAULT_INJECTION: forcing a failure.
[  502.067303][ T1311] name failslab, interval 1, probability 0, space 0, times 0
[  502.080020][ T1311] CPU: 0 UID: 0 PID: 1311 Comm: syz.2.8812 Not tainted 6.15.0-rc5-syzkaller-00275-gbec6f00f120e #0 PREEMPT(voluntary) 
[  502.080051][ T1311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  502.080063][ T1311] Call Trace:
[  502.080070][ T1311]  <TASK>
[  502.080130][ T1311]  __dump_stack+0x1d/0x30
[  502.080150][ T1311]  dump_stack_lvl+0xe8/0x140
[  502.080167][ T1311]  dump_stack+0x15/0x1b
[  502.080184][ T1311]  should_fail_ex+0x265/0x280
[  502.080220][ T1311]  ? inet6_dump_fib+0x179/0x6c0
[  502.080238][ T1311]  should_failslab+0x8c/0xb0
[  502.080407][ T1311]  __kmalloc_cache_noprof+0x4c/0x320
[  502.080427][ T1311]  inet6_dump_fib+0x179/0x6c0
[  502.080446][ T1311]  ? __pfx_inet6_dump_fib+0x10/0x10
[  502.080463][ T1311]  rtnl_dump_all+0x199/0x230
[  502.080486][ T1311]  ? __pfx_rtnl_dump_all+0x10/0x10
[  502.080569][ T1311]  rtnl_dumpit+0x6e/0x140
[  502.080674][ T1311]  netlink_dump+0x38c/0x7f0
[  502.080706][ T1311]  __netlink_dump_start+0x43e/0x520
[  502.080733][ T1311]  ? __pfx_rtnl_dump_all+0x10/0x10
[  502.080760][ T1311]  rtnetlink_rcv_msg+0x552/0x6d0
[  502.080802][ T1311]  ? __pfx_rtnl_dump_all+0x10/0x10
[  502.080842][ T1311]  ? __pfx_rtnl_dumpit+0x10/0x10
[  502.080865][ T1311]  ? __pfx_rtnl_dump_all+0x10/0x10
[  502.080968][ T1311]  netlink_rcv_skb+0x120/0x220
[  502.081041][ T1311]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  502.081069][ T1311]  rtnetlink_rcv+0x1c/0x30
[  502.081088][ T1311]  netlink_unicast+0x59e/0x670
[  502.081142][ T1311]  netlink_sendmsg+0x58b/0x6b0
[  502.081176][ T1311]  ? __pfx_netlink_sendmsg+0x10/0x10
[  502.081231][ T1311]  __sock_sendmsg+0x142/0x180
[  502.081253][ T1311]  sock_write_iter+0x165/0x1b0
[  502.081276][ T1311]  ? __pfx_sock_write_iter+0x10/0x10
[  502.081303][ T1311]  vfs_write+0x49d/0x8d0
[  502.081327][ T1311]  ? bpf_get_current_ancestor_cgroup_id+0xd5/0xf0
[  502.081360][ T1311]  ksys_write+0xda/0x1a0
[  502.081409][ T1311]  __x64_sys_write+0x40/0x50
[  502.081454][ T1311]  x64_sys_call+0x2cdd/0x2fb0
[  502.081477][ T1311]  do_syscall_64+0xd0/0x1a0
[  502.081500][ T1311]  ? clear_bhb_loop+0x25/0x80
[  502.081522][ T1311]  ? clear_bhb_loop+0x25/0x80
[  502.081544][ T1311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.081568][ T1311] RIP: 0033:0x7fe643e1e969
[  502.081634][ T1311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.081653][ T1311] RSP: 002b:00007fe642487038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  502.081687][ T1311] RAX: ffffffffffffffda RBX: 00007fe644045fa0 RCX: 00007fe643e1e969
[  502.081701][ T1311] RDX: 0000000000000024 RSI: 0000200000000240 RDI: 0000000000000003
[  502.081715][ T1311] RBP: 00007fe642487090 R08: 0000000000000000 R09: 0000000000000000
[  502.081727][ T1311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  502.081740][ T1311] R13: 0000000000000000 R14: 00007fe644045fa0 R15: 00007ffca3dd4208
[  502.081759][ T1311]  </TASK>
[  502.470068][ T7822] IPVS: stop unused estimator thread 0...
[  502.494794][   T29] kauditd_printk_skb: 819 callbacks suppressed
[  502.494813][   T29] audit: type=1326 audit(1746910344.347:45912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1327 comm="syz.3.8818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175f2ce969 code=0x7ffc0000
[  502.526159][   T29] audit: type=1326 audit(1746910344.377:45913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1327 comm="syz.3.8818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175f2ce969 code=0x7ffc0000
[  502.551414][   T29] audit: type=1326 audit(1746910344.377:45914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1327 comm="syz.3.8818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f175f2ce969 code=0x7ffc0000
[  502.574983][   T29] audit: type=1326 audit(1746910344.377:45915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1327 comm="syz.3.8818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175f2ce969 code=0x7ffc0000
[  502.598514][   T29] audit: type=1326 audit(1746910344.377:45916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1327 comm="syz.3.8818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175f2ce969 code=0x7ffc0000
[  502.622240][   T29] audit: type=1326 audit(1746910344.407:45917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1327 comm="syz.3.8818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f175f2ce969 code=0x7ffc0000
[  502.648195][   T29] audit: type=1326 audit(1746910344.407:45918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1327 comm="syz.3.8818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175f2ce969 code=0x7ffc0000
[  502.672440][   T29] audit: type=1326 audit(1746910344.407:45919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1327 comm="syz.3.8818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175f2ce969 code=0x7ffc0000
[  502.695980][   T29] audit: type=1326 audit(1746910344.497:45920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1327 comm="syz.3.8818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f175f2ce969 code=0x7ffc0000
[  502.719394][   T29] audit: type=1326 audit(1746910344.497:45921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1327 comm="syz.3.8818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175f2ce969 code=0x7ffc0000
[  502.753036][ T1332] hub 9-0:1.0: USB hub found
[  502.758024][ T1332] hub 9-0:1.0: 8 ports detected
[  502.812982][ T1336] netlink: 'syz.3.8821': attribute type 3 has an invalid length.
[  503.016523][ T1227] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  503.028839][ T1359] program syz.3.8832 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  503.128019][ T1361] syz.5.8824: attempt to access beyond end of device
[  503.128019][ T1361] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  503.292384][ T1359] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  503.434711][ T1227] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  503.448678][ T1227] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  503.457899][ T1227] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  503.486699][ T1371] hub 9-0:1.0: USB hub found
[  503.493459][ T1371] hub 9-0:1.0: 8 ports detected
[  503.499542][ T1227] 8021q: adding VLAN 0 to HW filter on device bond0
[  503.514642][ T1227] 8021q: adding VLAN 0 to HW filter on device team0
[  503.526527][ T3480] bridge0: port 1(bridge_slave_0) entered blocking state
[  503.533759][ T3480] bridge0: port 1(bridge_slave_0) entered forwarding state
[  503.541382][ T1375] loop0: detected capacity change from 0 to 512
[  503.555220][ T1227] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  503.565663][ T1227] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  503.577650][ T1375] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  503.595683][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state
[  503.602796][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state
[  503.622307][ T1379] loop2: detected capacity change from 0 to 1024
[  503.629787][ T1379] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  503.639778][ T1379] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  503.652764][ T1379] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  503.666275][ T1379] System zones: 0-1, 3-12
[  503.682463][ T1227] 8021q: adding VLAN 0 to HW filter on device batadv0
[  503.693980][ T1379] EXT4-fs error (device loop2): ext4_map_blocks:709: inode #3: block 1: comm syz.2.8839: lblock 1 mapped to illegal pblock 1 (length 1)
[  503.708787][ T1379] EXT4-fs (loop2): Remounting filesystem read-only
[  503.715802][ T1379] EXT4-fs (loop2): 1 orphan inode deleted
[  503.722300][ T1379] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  503.737071][ T1379] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  503.765375][ T1227] veth0_vlan: entered promiscuous mode
[  503.786697][ T1227] veth1_vlan: entered promiscuous mode
[  503.804927][ T1227] veth0_macvtap: entered promiscuous mode
[  503.812309][ T1227] veth1_macvtap: entered promiscuous mode
[  503.822216][ T1227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  503.832793][ T1227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  503.843970][ T1227] batman_adv: batadv0: Interface activated: batadv_slave_0
[  503.857759][ T1227] batman_adv: batadv0: Interface activated: batadv_slave_1
[  503.863308][ T1398] program syz.5.8843 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  503.866594][ T1227] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  503.883007][ T1227] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  503.891805][ T1227] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  503.900582][ T1227] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  503.912773][ T1398] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  503.984990][ T1405] loop1: detected capacity change from 0 to 164
[  503.991887][ T1405] iso9660: Bad value for 'uid'
[  503.996705][ T1405] iso9660: Bad value for 'uid'
[  504.151171][ T1411] hub 9-0:1.0: USB hub found
[  504.155960][ T1411] hub 9-0:1.0: 8 ports detected
[  504.303241][ T1414] loop1: detected capacity change from 0 to 8192
[  504.385428][ T1425] netlink: 'syz.5.8853': attribute type 15 has an invalid length.
[  504.405295][ T1422] loop1: detected capacity change from 0 to 1024
[  504.420679][ T1422] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  504.439095][ T1422] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  504.470941][ T1422] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  504.487419][ T1422] System zones: 
[  504.487423][ T1432] hub 9-0:1.0: USB hub found
[  504.487600][ T1432] hub 9-0:1.0: 8 ports detected
[  504.491182][ T1422] 0-1, 3-12
[  504.534123][ T1422] EXT4-fs error (device loop1): ext4_map_blocks:709: inode #3: block 1: comm syz.1.8852: lblock 1 mapped to illegal pblock 1 (length 1)
[  504.564769][ T1422] EXT4-fs (loop1): Remounting filesystem read-only
[  504.573239][ T1422] EXT4-fs (loop1): 1 orphan inode deleted
[  504.616337][ T1422] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  504.657117][ T1422] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.698042][ T1445] loop0: detected capacity change from 0 to 256
[  504.705364][ T1445] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  504.714487][ T1445] FAT-fs (loop0): bogus number of directory entries (1)
[  504.721512][ T1445] FAT-fs (loop0): Can't find a valid FAT filesystem
[  504.841779][ T1447] loop0: detected capacity change from 0 to 8192
[  504.946116][ T1460] program syz.0.8867 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  504.983160][ T1460] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  505.040668][ T1464] hub 9-0:1.0: USB hub found
[  505.055714][ T1464] hub 9-0:1.0: 8 ports detected
[  505.136193][ T1469] loop1: detected capacity change from 0 to 256
[  505.137626][ T1466] netlink: 'syz.0.8872': attribute type 3 has an invalid length.
[  505.190743][ T1469] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  505.200064][ T1469] FAT-fs (loop1): bogus number of directory entries (1)
[  505.203453][ T1471] loop0: detected capacity change from 0 to 1024
[  505.207219][ T1469] FAT-fs (loop1): Can't find a valid FAT filesystem
[  505.214678][ T1471] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  505.231194][ T1471] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  505.262421][ T1471] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  505.292526][ T1471] System zones: 0-1, 3-12
[  505.297931][ T1471] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.8874: lblock 1 mapped to illegal pblock 1 (length 1)
[  505.343743][ T1479] loop1: detected capacity change from 0 to 8192
[  505.350643][ T1471] EXT4-fs (loop0): Remounting filesystem read-only
[  505.390306][ T1484] program syz.5.8879 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  505.399782][ T1471] EXT4-fs (loop0): 1 orphan inode deleted
[  505.438523][ T1471] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.443195][ T1488] loop1: detected capacity change from 0 to 512
[  505.451194][ T1484] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  505.470460][ T1471] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.535173][ T1488] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.542412][ T1496] hub 9-0:1.0: USB hub found
[  505.547919][ T1488] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  505.569535][ T1488] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  505.576945][ T1496] hub 9-0:1.0: 8 ports detected
[  505.615816][ T1227] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.712549][ T1498] netlink: 'syz.0.8884': attribute type 3 has an invalid length.
[  505.799455][ T1522] loop0: detected capacity change from 0 to 512
[  505.812378][ T1522] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.824962][ T1522] ext4 filesystem being mounted at /541/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  505.885481][ T1536] __nla_validate_parse: 12 callbacks suppressed
[  505.885499][ T1536] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8898'.
[  505.900745][ T1536] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8898'.
[  505.909725][ T1536] netlink: 'syz.2.8898': attribute type 15 has an invalid length.
[  505.952566][ T1542] syz!: rxe_newlink: already configured on team_slave_0
[  506.013868][ T1547] loop2: detected capacity change from 0 to 8192
[  506.169778][ T1561] netlink: 'syz.2.8905': attribute type 3 has an invalid length.
[  506.201434][ T1564] program syz.2.8906 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  506.210935][ T1564] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  506.344418][ T1572] hub 9-0:1.0: USB hub found
[  506.349249][ T1572] hub 9-0:1.0: 8 ports detected
[  506.651067][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.677804][ T1583] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  506.677804][ T1583]    program syz.0.8914 not setting count and/or reply_len properly
[  506.828365][ T1592] loop1: detected capacity change from 0 to 2048
[  506.862065][ T1592] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  506.911040][ T1605] program syz.1.8922 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  506.920804][ T1605] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  506.934156][ T1608] loop2: detected capacity change from 0 to 512
[  506.963015][ T1608] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  506.990058][ T1608] ext4 filesystem being mounted at /544/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  507.010221][ T1618] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8928'.
[  507.019156][ T1618] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8928'.
[  507.028193][ T1618] netlink: 'syz.3.8928': attribute type 15 has an invalid length.
[  507.113780][ T1625] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  507.321957][ T1631] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8931'.
[  507.520695][ T1635] vhci_hcd: invalid port number 96
[  507.525958][ T1635] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  507.631925][   T29] kauditd_printk_skb: 672 callbacks suppressed
[  507.631943][   T29] audit: type=1400 audit(1746910349.487:46588): avc:  denied  { name_bind } for  pid=1639 comm="syz.3.8935" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  507.780255][T23445] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.838262][ T1649] netlink: 'syz.1.8939': attribute type 3 has an invalid length.
[  507.869595][ T1657] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8942'.
[  507.936095][   T29] audit: type=1326 audit(1746910349.787:46589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1666 comm="syz.2.8946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  507.959785][   T29] audit: type=1326 audit(1746910349.787:46590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1666 comm="syz.2.8946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  507.985758][ T1667] program syz.2.8946 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  507.998381][   T29] audit: type=1326 audit(1746910349.837:46591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1666 comm="syz.2.8946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  508.022044][   T29] audit: type=1326 audit(1746910349.837:46592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1666 comm="syz.2.8946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  508.045710][   T29] audit: type=1326 audit(1746910349.837:46593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1666 comm="syz.2.8946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  508.069234][   T29] audit: type=1326 audit(1746910349.837:46594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1666 comm="syz.2.8946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  508.092938][   T29] audit: type=1326 audit(1746910349.837:46595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1666 comm="syz.2.8946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  508.116520][   T29] audit: type=1326 audit(1746910349.837:46596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1666 comm="syz.2.8946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  508.140220][   T29] audit: type=1326 audit(1746910349.837:46597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1666 comm="syz.2.8946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe643e1e969 code=0x7ffc0000
[  508.157162][ T1667] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  508.183012][ T1672] loop1: detected capacity change from 0 to 128
[  508.347968][ T1676] loop2: detected capacity change from 0 to 1024
[  508.394727][ T1679] loop0: detected capacity change from 0 to 512
[  508.533763][ T1679] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  508.548042][ T1679] ext4 filesystem being mounted at /549/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  508.609951][ T1676] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  508.619166][ T1676] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  508.666251][ T1676] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  508.701081][ T1676] System zones: 0-1, 3-12
[  508.706478][ T1676] EXT4-fs error (device loop2): ext4_map_blocks:709: inode #3: block 1: comm syz.2.8950: lblock 1 mapped to illegal pblock 1 (length 1)
[  508.735971][ T1676] EXT4-fs (loop2): Remounting filesystem read-only
[  508.742684][ T1676] EXT4-fs (loop2): 1 orphan inode deleted
[  508.749299][ T1676] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  508.751390][ T1686] syz!: rxe_newlink: already configured on team_slave_0
[  508.783408][ T1676] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  508.905645][ T1689] hub 9-0:1.0: USB hub found
[  508.911651][ T1689] hub 9-0:1.0: 8 ports detected
[  509.062874][ T1699] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8956'.
[  509.094098][ T1701] hub 9-0:1.0: USB hub found
[  509.098833][ T1701] hub 9-0:1.0: 8 ports detected
[  509.187467][ T1709] program syz.1.8961 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  509.190131][ T1708] program syz.5.8960 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  509.206360][ T1708] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  509.208382][ T1709] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  509.233121][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  509.409753][ T1729] netlink: 76 bytes leftover after parsing attributes in process `syz.1.8969'.
[  509.483963][ T1733] loop1: detected capacity change from 0 to 2048
[  509.494602][ T1735] loop2: detected capacity change from 0 to 512
[  509.506651][ T1737] program syz.3.8973 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  509.516158][ T1737] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  509.525217][ T1733] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  509.536170][ T1735] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  509.556260][ T1735] ext4 filesystem being mounted at /551/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  509.597642][ T1744] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8975'.
[  509.606570][ T1744] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8975'.
[  509.615490][ T1744] netlink: 'syz.1.8975': attribute type 15 has an invalid length.
[  509.628279][ T1745] program syz.3.8974 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  509.639395][ T1745] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  509.892962][ T1756] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  510.231664][ T1780] program syz.5.8989 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  510.242834][ T1780] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  510.244073][ T1782] loop1: detected capacity change from 0 to 1024
[  510.273097][ T1782] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  510.282893][ T1782] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  510.294023][ T1782] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  510.302198][ T1782] System zones: 0-1, 3-12
[  510.303075][ T1784] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  510.308039][ T1782] EXT4-fs error (device loop1): ext4_map_blocks:709: inode #3: block 1: comm syz.1.8990: lblock 1 mapped to illegal pblock 1 (length 1)
[  510.331448][ T1782] EXT4-fs (loop1): Remounting filesystem read-only
[  510.338165][ T1782] EXT4-fs (loop1): 1 orphan inode deleted
[  510.346143][T23445] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  510.346225][ T1782] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  510.370179][ T1782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  510.415864][ T1789] loop2: detected capacity change from 0 to 164
[  510.422855][ T1789] iso9660: Bad value for 'uid'
[  510.427741][ T1789] iso9660: Bad value for 'uid'
[  510.571946][ T1791] netlink: 'syz.1.8994': attribute type 3 has an invalid length.
[  510.725954][ T1806] syz.2.8996: attempt to access beyond end of device
[  510.725954][ T1806] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  511.230201][ T1821] loop1: detected capacity change from 0 to 8192
[  511.251683][ T1825] vhci_hcd: invalid port number 96
[  511.256877][ T1825] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  511.267946][ T1827] loop1: detected capacity change from 0 to 512
[  511.274629][ T1827] EXT4-fs: Ignoring removed orlov option
[  511.282404][ T1827] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.9009: corrupted in-inode xattr: invalid ea_ino
[  511.296277][ T1827] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.9009: couldn't read orphan inode 15 (err -117)
[  511.310493][ T1827] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  511.331356][ T1227] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.332745][ T1833] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  511.526729][ T1845] loop2: detected capacity change from 0 to 256
[  511.534173][ T1845] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  511.543326][ T1845] FAT-fs (loop2): bogus number of directory entries (1)
[  511.550661][ T1845] FAT-fs (loop2): Can't find a valid FAT filesystem
[  511.599641][ T1853] program syz.2.9019 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  511.609074][ T1853] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  511.635889][ T1855] program syz.2.9020 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  511.645604][ T1855] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  511.650922][ T1857] loop1: detected capacity change from 0 to 512
[  511.660870][ T1857] EXT4-fs: Ignoring removed orlov option
[  511.667857][ T1857] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.9021: corrupted in-inode xattr: invalid ea_ino
[  511.681858][ T1857] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.9021: couldn't read orphan inode 15 (err -117)
[  511.694533][ T1857] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  511.719810][ T1227] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.748590][ T1863] loop2: detected capacity change from 0 to 1024
[  511.757189][ T1863] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  511.757608][ T1866] loop1: detected capacity change from 0 to 164
[  511.766037][ T1863] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  511.772663][ T1866] iso9660: Bad value for 'uid'
[  511.787217][ T1866] iso9660: Bad value for 'uid'
[  511.797689][ T1863] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  511.807338][ T1863] System zones: 0-1, 3-12
[  511.813496][ T1863] EXT4-fs error (device loop2): ext4_map_blocks:709: inode #3: block 1: comm syz.2.9024: lblock 1 mapped to illegal pblock 1 (length 1)
[  511.827656][ T1863] EXT4-fs (loop2): Remounting filesystem read-only
[  511.834991][ T1863] EXT4-fs (loop2): 1 orphan inode deleted
[  511.841850][ T1863] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  511.855747][ T1863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.930142][ T1871] loop1: detected capacity change from 0 to 512
[  511.958854][ T1871] EXT4-fs (loop1): 1 orphan inode deleted
[  511.969311][ T1871] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  511.980070][ T7826] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:18: Failed to release dquot type 1
[  512.122319][ T1879] netlink: 'syz.3.9029': attribute type 3 has an invalid length.
[  512.151169][ T1883] program syz.3.9031 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  512.160999][ T1883] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  512.170437][ T1886] hub 9-0:1.0: USB hub found
[  512.175190][ T1886] hub 9-0:1.0: 8 ports detected
[  512.245711][ T1892] hub 9-0:1.0: USB hub found
[  512.250551][ T1892] hub 9-0:1.0: 8 ports detected
[  512.287809][ T1896] loop0: detected capacity change from 0 to 164
[  512.289405][ T1897] program syz.5.9037 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  512.294958][ T1896] iso9660: Bad value for 'uid'
[  512.308325][ T1896] iso9660: Bad value for 'uid'
[  512.308345][ T1897] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  512.343094][ T1899] loop0: detected capacity change from 0 to 128
[  512.469845][ T1904] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  512.955255][ T1910] netlink: 'syz.2.9042': attribute type 3 has an invalid length.
[  512.993314][ T1918] hub 9-0:1.0: USB hub found
[  512.997974][ T1918] hub 9-0:1.0: 8 ports detected
[  513.352646][ T1939] hub 9-0:1.0: USB hub found
[  513.357533][ T1939] hub 9-0:1.0: 8 ports detected
[  513.496365][ T1943] syz.3.9050: attempt to access beyond end of device
[  513.496365][ T1943] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  513.840874][ T1952] vhci_hcd: invalid port number 96
[  513.846079][ T1952] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  513.945520][ T1960] loop0: detected capacity change from 0 to 256
[  513.952586][ T1960] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  513.961680][ T1960] FAT-fs (loop0): bogus number of directory entries (1)
[  513.968635][ T1960] FAT-fs (loop0): Can't find a valid FAT filesystem
[  513.991903][   T29] kauditd_printk_skb: 858 callbacks suppressed
[  513.991987][   T29] audit: type=1326 audit(1746910355.847:47449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.0.9062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  514.030431][   T29] audit: type=1326 audit(1746910355.877:47450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.0.9062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  514.054106][   T29] audit: type=1326 audit(1746910355.877:47451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.0.9062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  514.077698][   T29] audit: type=1326 audit(1746910355.877:47452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.0.9062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  514.101301][   T29] audit: type=1326 audit(1746910355.877:47453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.0.9062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  514.124803][   T29] audit: type=1326 audit(1746910355.877:47454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.0.9062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  514.148346][   T29] audit: type=1326 audit(1746910355.877:47455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.0.9062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  514.171956][   T29] audit: type=1326 audit(1746910355.877:47456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.0.9062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  514.195492][   T29] audit: type=1326 audit(1746910355.877:47457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.0.9062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c0aabe969 code=0x7ffc0000
[  514.225269][ T1963] hub 9-0:1.0: USB hub found
[  514.232458][ T1963] hub 9-0:1.0: 8 ports detected
[  514.248373][   T29] audit: type=1326 audit(1746910356.097:47458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1964 comm="syz.1.9064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3abe6e969 code=0x7ffc0000
[  514.428727][ T1976] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  514.435292][ T1976] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  514.442929][ T1976] vhci_hcd vhci_hcd.0: Device attached
[  514.469088][ T1978] vhci_hcd: connection closed
[  514.469243][ T6885] vhci_hcd: stop threads
[  514.478397][ T6885] vhci_hcd: release socket
[  514.482920][ T6885] vhci_hcd: disconnect device
[  514.499122][ T1971] netlink: 'syz.0.9067': attribute type 3 has an invalid length.
[  514.566218][ T1984] loop1: detected capacity change from 0 to 256
[  514.573760][ T1984] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  514.580750][ T1982] vhci_hcd: invalid port number 96
[  514.582836][ T1984] FAT-fs (loop1): bogus number of directory entries (1)
[  514.587939][ T1982] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  514.594854][ T1984] FAT-fs (loop1): Can't find a valid FAT filesystem
[  514.685740][ T1989] loop0: detected capacity change from 0 to 256
[  514.710741][ T1989] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  514.720060][ T1989] FAT-fs (loop0): bogus number of directory entries (1)
[  514.727059][ T1989] FAT-fs (loop0): Can't find a valid FAT filesystem
[  514.783103][ T1991] loop0: detected capacity change from 0 to 1024
[  514.790730][ T1991] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  514.799352][ T1991] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  514.818158][ T1991] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  514.830633][ T1991] System zones: 0-1, 3-12
[  514.837095][ T1991] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.9074: lblock 1 mapped to illegal pblock 1 (length 1)
[  514.860348][ T1991] EXT4-fs (loop0): Remounting filesystem read-only
[  514.868387][ T1991] EXT4-fs (loop0): 1 orphan inode deleted
[  515.103785][ T1996] netlink: 'syz.3.9075': attribute type 3 has an invalid length.
[  515.138291][ T2001] hub 9-0:1.0: USB hub found
[  515.144303][ T2001] hub 9-0:1.0: 8 ports detected
[  515.658164][ T2003] chnl_net:caif_netlink_parms(): no params data found
[  515.712211][ T2003] bridge0: port 1(bridge_slave_0) entered blocking state
[  515.719311][ T2003] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.728594][ T2003] bridge_slave_0: entered allmulticast mode
[  515.753754][ T2003] bridge_slave_0: entered promiscuous mode
[  515.770658][ T2003] bridge0: port 2(bridge_slave_1) entered blocking state
[  515.777770][ T2003] bridge0: port 2(bridge_slave_1) entered disabled state
[  515.801474][ T2003] bridge_slave_1: entered allmulticast mode
[  515.811045][ T2003] bridge_slave_1: entered promiscuous mode
[  515.868910][ T2003] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  515.887189][ T2003] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  515.928722][ T2003] team0: Port device team_slave_0 added
[  515.936224][ T2003] team0: Port device team_slave_1 added
[  515.937458][ T2028] hub 9-0:1.0: USB hub found
[  515.946570][ T2028] hub 9-0:1.0: 8 ports detected
[  515.978353][ T2003] batman_adv: batadv0: Adding interface: batadv_slave_0
[  515.985489][ T2003] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  516.011611][ T2003] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  516.012408][ T2003] batman_adv: batadv0: Adding interface: batadv_slave_1
[  516.029187][ T2003] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  516.055218][ T2003] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  516.092832][ T2003] hsr_slave_0: entered promiscuous mode
[  516.099175][ T2003] hsr_slave_1: entered promiscuous mode
[  516.105301][ T2003] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  516.113397][ T2003] Cannot create hsr debugfs directory
[  516.122567][ T3480] bridge_slave_1: left allmulticast mode
[  516.128313][ T3480] bridge_slave_1: left promiscuous mode
[  516.134171][ T3480] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.145024][ T3480] bridge_slave_0: left allmulticast mode
[  516.150769][ T3480] bridge_slave_0: left promiscuous mode
[  516.156581][ T3480] bridge0: port 1(bridge_slave_0) entered disabled state
[  516.202080][ T3480] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  516.211939][ T3480] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  516.221182][ T3480] bond0 (unregistering): Released all slaves
[  516.421459][ T3480] hsr_slave_0: left promiscuous mode
[  516.427329][ T3480] hsr_slave_1: left promiscuous mode
[  516.433476][ T3480] batman_adv: batadv0: Removing interface: batadv_slave_0
[  516.441086][ T3480] batman_adv: batadv0: Removing interface: batadv_slave_1
[  516.469003][ T3480] team0 (unregistering): Port device team_slave_1 removed
[  516.478178][ T3480] team0 (unregistering): Port device team_slave_0 removed
[  516.891862][ T2048] program syz.1.9092 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  516.930264][ T2048] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  516.988218][ T2003] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  517.011647][ T2050] vhci_hcd: invalid port number 96
[  517.016860][ T2050] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  517.031684][ T2003] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  517.055289][ T2003] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  517.093016][ T2003] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  517.183497][ T2057] hub 9-0:1.0: USB hub found
[  517.201924][ T2057] hub 9-0:1.0: 8 ports detected
[  517.222684][ T2003] 8021q: adding VLAN 0 to HW filter on device bond0
[  517.277524][ T2003] 8021q: adding VLAN 0 to HW filter on device team0
[  517.309201][T23648] bridge0: port 1(bridge_slave_0) entered blocking state
[  517.316321][T23648] bridge0: port 1(bridge_slave_0) entered forwarding state
[  517.373296][ T6885] bridge0: port 2(bridge_slave_1) entered blocking state
[  517.380513][ T6885] bridge0: port 2(bridge_slave_1) entered forwarding state
[  517.472754][ T2074] hub 9-0:1.0: USB hub found
[  517.477503][ T2074] hub 9-0:1.0: 8 ports detected
[  517.598625][ T2078] loop1: detected capacity change from 0 to 8192
[  517.606403][ T2080] vhci_hcd: invalid port number 96
[  517.611640][ T2080] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  517.678301][ T2084] hub 9-0:1.0: USB hub found
[  517.684904][ T2084] hub 9-0:1.0: 8 ports detected
[  517.809661][ T2003] 8021q: adding VLAN 0 to HW filter on device batadv0
[  517.980879][ T2101] netlink: 'syz.2.9116': attribute type 3 has an invalid length.
[  518.135428][ T2104] netlink: 'syz.1.9117': attribute type 3 has an invalid length.
[  518.188295][ T2106] loop2: detected capacity change from 0 to 8192
[  518.240758][ T2115] vhci_hcd: invalid port number 96
[  518.246005][ T2115] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  518.257988][ T2003] veth0_vlan: entered promiscuous mode
[  518.274030][ T2003] veth1_vlan: entered promiscuous mode
[  518.289593][ T2120] netlink: 'syz.2.9121': attribute type 3 has an invalid length.
[  518.321377][ T2003] veth0_macvtap: entered promiscuous mode
[  518.339310][ T2003] veth1_macvtap: entered promiscuous mode
[  518.356259][ T2003] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  518.366849][ T2003] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  518.376751][ T2003] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  518.387217][ T2003] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  518.433853][ T2003] batman_adv: batadv0: Interface activated: batadv_slave_0
[  518.447103][ T2003] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  518.457817][ T2132] loop2: detected capacity change from 0 to 256
[  518.464164][ T2003] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  518.475347][ T2132] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  518.476942][ T2003] batman_adv: batadv0: Interface activated: batadv_slave_1
[  518.484475][ T2132] FAT-fs (loop2): bogus number of directory entries (1)
[  518.484496][ T2132] FAT-fs (loop2): Can't find a valid FAT filesystem
[  518.511767][ T2003] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  518.520630][ T2003] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  518.529438][ T2003] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  518.538297][ T2003] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  518.617668][ T2141] loop1: detected capacity change from 0 to 1024
[  518.633194][ T2141] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  518.645238][ T2141] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  518.690661][ T2141] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  518.698817][ T2141] System zones: 0-1, 3-12
[  518.715290][ T2141] EXT4-fs error (device loop1): ext4_map_blocks:709: inode #3: block 1: comm syz.1.9131: lblock 1 mapped to illegal pblock 1 (length 1)
[  518.731025][ T2141] EXT4-fs (loop1): Remounting filesystem read-only
[  518.738784][ T2141] EXT4-fs (loop1): 1 orphan inode deleted
[  518.745053][ T2141] EXT4-fs mount: 4 callbacks suppressed
[  518.745068][ T2141] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  518.777798][ T2141] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  518.856757][ T2156] netlink: 'syz.2.9135': attribute type 3 has an invalid length.
[  518.883032][ T2158] netlink: 'syz.2.9136': attribute type 3 has an invalid length.
[  519.239145][ T2166] hub 9-0:1.0: USB hub found
[  519.245117][ T2166] hub 9-0:1.0: 8 ports detected
[  519.304544][   T29] kauditd_printk_skb: 495 callbacks suppressed
[  519.304561][   T29] audit: type=1326 audit(1746910361.157:47950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2167 comm="syz.5.9140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360648e969 code=0x7ffc0000
[  519.335385][   T29] audit: type=1326 audit(1746910361.157:47951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2167 comm="syz.5.9140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360648e969 code=0x7ffc0000
[  519.358959][   T29] audit: type=1326 audit(1746910361.157:47952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2167 comm="syz.5.9140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f360648e969 code=0x7ffc0000
[  519.382306][   T29] audit: type=1326 audit(1746910361.157:47953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2167 comm="syz.5.9140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360648e969 code=0x7ffc0000
[  519.405940][   T29] audit: type=1326 audit(1746910361.157:47954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2167 comm="syz.5.9140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f360648e969 code=0x7ffc0000
[  519.429451][   T29] audit: type=1326 audit(1746910361.157:47955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2167 comm="syz.5.9140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360648e969 code=0x7ffc0000
[  519.453089][   T29] audit: type=1326 audit(1746910361.157:47956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2167 comm="syz.5.9140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360648e969 code=0x7ffc0000
[  519.476590][   T29] audit: type=1326 audit(1746910361.157:47957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2167 comm="syz.5.9140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f360648e969 code=0x7ffc0000
[  519.500101][   T29] audit: type=1326 audit(1746910361.157:47958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2167 comm="syz.5.9140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360648e969 code=0x7ffc0000
[  519.523559][   T29] audit: type=1326 audit(1746910361.157:47959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2167 comm="syz.5.9140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360648e969 code=0x7ffc0000
[  519.603905][ T2172] loop0: detected capacity change from 0 to 512
[  519.626672][ T2172] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  519.643588][ T2178] __nla_validate_parse: 1 callbacks suppressed
[  519.643605][ T2178] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9143'.
[  519.653039][ T2172] ext4 filesystem being mounted at /572/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  519.658783][ T2178] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9143'.
[  519.677929][ T2178] netlink: 'syz.3.9143': attribute type 15 has an invalid length.
[  519.720078][ T2184] netlink: 'syz.3.9147': attribute type 3 has an invalid length.
[  519.801417][ T2190] syz!: rxe_newlink: already configured on team_slave_0
[  519.853139][ T7826] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.895262][ T7826] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.942295][ T7826] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.991584][ T7826] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  520.068231][ T7826] bridge_slave_1: left allmulticast mode
[  520.073974][ T7826] bridge_slave_1: left promiscuous mode
[  520.079707][ T7826] bridge0: port 2(bridge_slave_1) entered disabled state
[  520.087547][ T7826] bridge_slave_0: left allmulticast mode
[  520.093269][ T7826] bridge_slave_0: left promiscuous mode
[  520.098937][ T7826] bridge0: port 1(bridge_slave_0) entered disabled state
[  520.121435][ T7826] bond1 (unregistering): (slave gretap1): Releasing active interface
[  520.231556][ T7826] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  520.240931][ T7826] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  520.249745][ T7826] bond0 (unregistering): Released all slaves
[  520.257639][ T7826] bond1 (unregistering): Released all slaves
[  520.324631][ T7826] tipc: Left network mode
[  520.422332][ T7826] hsr_slave_0: left promiscuous mode
[  520.428011][ T7826] hsr_slave_1: left promiscuous mode
[  520.433628][ T7826] batman_adv: batadv0: Removing interface: batadv_slave_0
[  520.441651][ T7826] batman_adv: batadv0: Removing interface: batadv_slave_1
[  520.451178][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  520.483752][ T7826] team0 (unregistering): Port device team_slave_1 removed
[  520.493411][ T7826] team0 (unregistering): Port device team_slave_0 removed
[  520.579217][ T2214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9156'.
[  520.588275][ T2214] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9156'.
[  520.597375][ T2214] netlink: 'syz.1.9156': attribute type 15 has an invalid length.
[  520.645836][ T2222] netlink: 'syz.1.9158': attribute type 3 has an invalid length.
[  520.713147][ T2236] loop1: detected capacity change from 0 to 256
[  520.719606][ T2234] loop0: detected capacity change from 0 to 1024
[  520.733136][ T2236] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  520.742317][ T2236] FAT-fs (loop1): bogus number of directory entries (1)
[  520.749272][ T2236] FAT-fs (loop1): Can't find a valid FAT filesystem
[  520.760428][ T2234] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.9153: Failed to acquire dquot type 0
[  520.773598][ T2234] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  520.788902][ T2234] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #13: comm syz.0.9153: corrupted inode contents
[  520.837250][ T2234] EXT4-fs error (device loop0): ext4_dirty_inode:6103: inode #13: comm syz.0.9153: mark_inode_dirty error
[  520.845941][ T2191] chnl_net:caif_netlink_parms(): no params data found
[  520.851066][ T2234] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #13: comm syz.0.9153: corrupted inode contents
[  520.868177][ T2234] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #13: comm syz.0.9153: mark_inode_dirty error
[  520.883195][ T2234] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #13: comm syz.0.9153: corrupted inode contents
[  520.904988][ T2251] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9163'.
[  520.914092][ T2234] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  520.923950][ T2234] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #13: comm syz.0.9153: corrupted inode contents
[  520.936039][ T2234] EXT4-fs error (device loop0): ext4_truncate:4255: inode #13: comm syz.0.9153: mark_inode_dirty error
[  520.948830][ T2234] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  520.976513][ T2234] EXT4-fs (loop0): 1 truncate cleaned up
[  520.998966][ T2234] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  521.011039][ T2254] vhci_hcd: invalid port number 96
[  521.016688][ T2254] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  521.048379][ T2234] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  521.058727][ T2191] bridge0: port 1(bridge_slave_0) entered blocking state
[  521.066078][ T2191] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.088840][ T2191] bridge_slave_0: entered allmulticast mode
[  521.109860][ T2191] bridge_slave_0: entered promiscuous mode
[  521.134577][ T2191] bridge0: port 2(bridge_slave_1) entered blocking state
[  521.141815][ T2191] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.153113][ T2191] bridge_slave_1: entered allmulticast mode
[  521.160052][ T2191] bridge_slave_1: entered promiscuous mode
[  521.215985][ T2191] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  521.227152][ T2191] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  521.246596][ T2273] loop1: detected capacity change from 0 to 512
[  521.266687][ T2191] team0: Port device team_slave_0 added
[  521.284665][ T2273] EXT4-fs (loop1): too many log groups per flexible block group
[  521.292419][ T2273] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  521.299340][ T2273] EXT4-fs (loop1): mount failed
[  521.300632][ T2191] team0: Port device team_slave_1 added
[  521.326732][ T2191] batman_adv: batadv0: Adding interface: batadv_slave_0
[  521.333781][ T2191] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  521.359778][ T2191] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  521.373043][ T2191] batman_adv: batadv0: Adding interface: batadv_slave_1
[  521.380112][ T2191] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  521.406051][ T2191] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  521.461957][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  521.512492][ T2316] netlink: 'syz.5.9169': attribute type 3 has an invalid length.
[  521.571794][ T2191] hsr_slave_0: entered promiscuous mode
[  521.592098][ T2191] hsr_slave_1: entered promiscuous mode
[  521.610349][ T2191] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  521.618422][ T2191] Cannot create hsr debugfs directory
[  521.650111][ T2332] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  521.691736][ T2333] loop0: detected capacity change from 0 to 1024
[  521.699157][ T2333] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  521.722244][ T2333] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  521.743365][ T2333] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  521.751763][ T2333] System zones: 0-1, 3-12
[  521.757456][ T2333] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.9172: lblock 1 mapped to illegal pblock 1 (length 1)
[  521.773039][ T2333] EXT4-fs (loop0): Remounting filesystem read-only
[  521.779806][ T2333] EXT4-fs (loop0): 1 orphan inode deleted
[  521.786473][ T2333] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  521.801950][ T2333] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  521.904213][ T2361] FAULT_INJECTION: forcing a failure.
[  521.904213][ T2361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  521.917516][ T2361] CPU: 1 UID: 0 PID: 2361 Comm: syz.3.9179 Not tainted 6.15.0-rc5-syzkaller-00275-gbec6f00f120e #0 PREEMPT(voluntary) 
[  521.917546][ T2361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  521.917641][ T2361] Call Trace:
[  521.917650][ T2361]  <TASK>
[  521.917659][ T2361]  __dump_stack+0x1d/0x30
[  521.917682][ T2361]  dump_stack_lvl+0xe8/0x140
[  521.917734][ T2361]  dump_stack+0x15/0x1b
[  521.917753][ T2361]  should_fail_ex+0x265/0x280
[  521.917788][ T2361]  should_fail+0xb/0x20
[  521.917819][ T2361]  should_fail_usercopy+0x1a/0x20
[  521.917840][ T2361]  _copy_from_user+0x1c/0xb0
[  521.917893][ T2361]  kstrtouint_from_user+0x69/0xf0
[  521.918000][ T2361]  ? avc_policy_seqno+0x15/0x30
[  521.918037][ T2361]  proc_fail_nth_write+0x50/0x160
[  521.918066][ T2361]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  521.918205][ T2361]  vfs_write+0x266/0x8d0
[  521.918231][ T2361]  ? vfs_read+0x47f/0x6f0
[  521.918254][ T2361]  ? __rcu_read_unlock+0x4f/0x70
[  521.918315][ T2361]  ? __fget_files+0x184/0x1c0
[  521.918344][ T2361]  ksys_write+0xda/0x1a0
[  521.918371][ T2361]  __x64_sys_write+0x40/0x50
[  521.918414][ T2361]  x64_sys_call+0x2cdd/0x2fb0
[  521.918437][ T2361]  do_syscall_64+0xd0/0x1a0
[  521.918459][ T2361]  ? clear_bhb_loop+0x25/0x80
[  521.918612][ T2361]  ? clear_bhb_loop+0x25/0x80
[  521.918647][ T2361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.918670][ T2361] RIP: 0033:0x7fcc00dcd41f
[  521.918764][ T2361] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  521.918783][ T2361] RSP: 002b:00007fcbff437030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  521.918806][ T2361] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcc00dcd41f
[  521.918820][ T2361] RDX: 0000000000000001 RSI: 00007fcbff4370a0 RDI: 0000000000000005
[  521.918834][ T2361] RBP: 00007fcbff437090 R08: 0000000000000000 R09: 0000000000000000
[  521.918847][ T2361] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  521.918860][ T2361] R13: 0000000000000000 R14: 00007fcc00ff5fa0 R15: 00007ffd36c136e8
[  521.918880][ T2361]  </TASK>
[  522.133877][ T2368] loop1: detected capacity change from 0 to 1024
[  522.148150][ T2368] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.9176: Failed to acquire dquot type 0
[  522.160397][ T2368] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  522.175260][ T2368] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.9176: corrupted inode contents
[  522.187579][ T2368] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #13: comm syz.1.9176: mark_inode_dirty error
[  522.200542][ T2368] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.9176: corrupted inode contents
[  522.205765][ T2191] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  522.223725][ T2368] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #13: comm syz.1.9176: mark_inode_dirty error
[  522.236214][ T2191] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  522.243997][ T2368] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.9176: corrupted inode contents
[  522.258675][ T2191] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  522.260348][ T2368] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  522.276255][ T2191] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  522.277990][ T2368] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.9176: corrupted inode contents
[  522.303193][ T2368] EXT4-fs error (device loop1): ext4_truncate:4255: inode #13: comm syz.1.9176: mark_inode_dirty error
[  522.327085][ T2191] 8021q: adding VLAN 0 to HW filter on device bond0
[  522.333326][ T2368] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  522.339626][ T2191] 8021q: adding VLAN 0 to HW filter on device team0
[  522.352346][ T2368] EXT4-fs (loop1): 1 truncate cleaned up
[  522.359003][ T2368] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.367366][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  522.378606][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  522.411849][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  522.411891][ T2368] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  522.418945][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  522.487796][ T2407] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=2407 comm=syz.3.9183
[  522.544060][ T2191] 8021q: adding VLAN 0 to HW filter on device batadv0
[  522.546876][ T2418] hub 9-0:1.0: USB hub found
[  522.555965][ T2418] hub 9-0:1.0: 8 ports detected
[  522.717860][ T1227] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.738306][ T2191] veth0_vlan: entered promiscuous mode
[  522.766479][ T2191] veth1_vlan: entered promiscuous mode
[  522.802408][ T2191] veth0_macvtap: entered promiscuous mode
[  522.813834][ T2191] veth1_macvtap: entered promiscuous mode
[  522.829750][ T2191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.840356][ T2191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.850252][ T2191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.860800][ T2191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.870711][ T2191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.881170][ T2191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.892860][ T2191] batman_adv: batadv0: Interface activated: batadv_slave_0
[  522.904477][ T2191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.914998][ T2191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.924933][ T2191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.935389][ T2191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.946278][ T2191] batman_adv: batadv0: Interface activated: batadv_slave_1
[  522.956752][ T2191] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  522.965672][ T2191] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  522.974513][ T2191] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  522.983307][ T2191] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  523.036341][ T2482] loop1: detected capacity change from 0 to 1024
[  523.050183][ T2482] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  523.059637][ T2482] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  523.076122][ T2482] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  523.086968][ T2482] System zones: 0-1, 3-12
[  523.095881][ T2482] EXT4-fs error (device loop1): ext4_map_blocks:709: inode #3: block 1: comm syz.1.9196: lblock 1 mapped to illegal pblock 1 (length 1)
[  523.117159][ T2495] hub 9-0:1.0: USB hub found
[  523.122111][ T2495] hub 9-0:1.0: 8 ports detected
[  523.128702][ T2482] EXT4-fs (loop1): Remounting filesystem read-only
[  523.131913][ T2499] netlink: 'syz.5.9199': attribute type 3 has an invalid length.
[  523.152820][ T2482] EXT4-fs (loop1): 1 orphan inode deleted
[  523.158993][ T2482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  523.175778][ T2482] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.465822][ T2532] hub 9-0:1.0: USB hub found
[  523.470978][ T2532] hub 9-0:1.0: 8 ports detected
[  523.550683][ T2536] vhci_hcd: invalid port number 96
[  523.555941][ T2536] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  523.853194][ T2545] block device autoloading is deprecated and will be removed.
[  523.860940][ T2545] syz.5.9213: attempt to access beyond end of device
[  523.860940][ T2545] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  524.140512][ T2555] vhci_hcd: invalid port number 96
[  524.145704][ T2555] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  524.291118][ T2560] team0 (unregistering): Port device team_slave_0 removed
[  524.301592][ T2560] team0 (unregistering): Port device team_slave_1 removed
[  524.514965][ T2564] syz.3.9217: attempt to access beyond end of device
[  524.514965][ T2564] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  524.772574][   T29] kauditd_printk_skb: 237 callbacks suppressed
[  524.772592][   T29] audit: type=1326 audit(1746910366.627:48189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2574 comm="syz.1.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3abe6e969 code=0x7ffc0000
[  524.803432][   T29] audit: type=1326 audit(1746910366.627:48190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.2.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7a90e969 code=0x7ffc0000
[  524.827270][   T29] audit: type=1326 audit(1746910366.627:48191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.2.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7a90e969 code=0x7ffc0000
[  524.850978][   T29] audit: type=1326 audit(1746910366.627:48192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.2.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f5f7a90e969 code=0x7ffc0000
[  524.874621][   T29] audit: type=1326 audit(1746910366.627:48193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.2.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7a90e969 code=0x7ffc0000
[  524.898140][   T29] audit: type=1326 audit(1746910366.627:48194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.2.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7a90e969 code=0x7ffc0000
[  524.921695][   T29] audit: type=1326 audit(1746910366.627:48195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.2.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f5f7a90e969 code=0x7ffc0000
[  524.945295][   T29] audit: type=1326 audit(1746910366.627:48196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2574 comm="syz.1.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7fb3abe6e969 code=0x7ffc0000
[  524.946671][ T2572] loop0: detected capacity change from 0 to 512
[  524.968760][   T29] audit: type=1326 audit(1746910366.627:48197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2574 comm="syz.1.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3abe6e969 code=0x7ffc0000
[  524.968791][   T29] audit: type=1326 audit(1746910366.627:48198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2574 comm="syz.1.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3abe6e969 code=0x7ffc0000
[  525.044964][ T2585] loop1: detected capacity change from 0 to 1024
[  525.068956][ T2585] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  525.079314][ T2585] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  525.112961][ T2591] netlink: 88 bytes leftover after parsing attributes in process `syz.5.9232'.
[  525.122003][ T2591] netlink: 88 bytes leftover after parsing attributes in process `syz.5.9232'.
[  525.135117][ T2585] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  525.143342][ T2585] System zones: 0-1, 3-12
[  525.148730][ T2585] EXT4-fs error (device loop1): ext4_map_blocks:709: inode #3: block 1: comm syz.1.9229: lblock 1 mapped to illegal pblock 1 (length 1)
[  525.165434][ T2585] EXT4-fs (loop1): Remounting filesystem read-only
[  525.172097][ T2585] EXT4-fs (loop1): 1 orphan inode deleted
[  525.178371][ T2585] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.200935][ T2585] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.201322][ T2572] EXT4-fs (loop0): too many log groups per flexible block group
[  525.217758][ T2572] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  525.220521][ T2572] EXT4-fs (loop0): mount failed
[  525.353907][ T2605] syz.3.9231: attempt to access beyond end of device
[  525.353907][ T2605] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  525.385638][ T2596] netlink: 'syz.2.9233': attribute type 3 has an invalid length.
[  525.599838][ T2609] loop0: detected capacity change from 0 to 512
[  525.627686][ T2609] EXT4-fs: Ignoring removed orlov option
[  525.653599][ T2609] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.9236: corrupted in-inode xattr: invalid ea_ino
[  525.667221][ T2609] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.9236: couldn't read orphan inode 15 (err -117)
[  525.685544][ T2612] loop2: detected capacity change from 0 to 128
[  525.685853][ T2609] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.707618][ T2612] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  525.726823][ T2612] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  525.746188][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.756815][ T2191] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  525.867366][ T2625] netlink: 96 bytes leftover after parsing attributes in process `syz.2.9242'.
[  525.876392][ T2625] netlink: 96 bytes leftover after parsing attributes in process `syz.2.9242'.
[  526.198162][ T2640] netlink: 'syz.3.9247': attribute type 3 has an invalid length.
[  526.373323][ T2649] hub 9-0:1.0: USB hub found
[  526.378048][ T2649] hub 9-0:1.0: 8 ports detected
[  526.688488][ T2662] netlink: 72 bytes leftover after parsing attributes in process `syz.3.9254'.
[  526.808203][ T2676] netlink: 88 bytes leftover after parsing attributes in process `syz.0.9260'.
[  526.817329][ T2676] netlink: 88 bytes leftover after parsing attributes in process `syz.0.9260'.
[  526.942915][ T2680] loop0: detected capacity change from 0 to 512
[  526.977333][ T2680] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.003369][ T2680] ext4 filesystem being mounted at /591/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  527.176889][ T2690] syz!: rxe_newlink: already configured on team_slave_0
[  527.798044][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.853026][ T2703] hub 9-0:1.0: USB hub found
[  527.865250][ T2703] hub 9-0:1.0: 8 ports detected
[  528.011873][ T2710] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9271'.
[  528.020867][ T2710] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9271'.
[  528.029927][ T2710] netlink: 'syz.5.9271': attribute type 15 has an invalid length.
[  528.318417][ T2723] loop0: detected capacity change from 0 to 512
[  528.325481][ T2724] netlink: 72 bytes leftover after parsing attributes in process `syz.5.9277'.
[  528.353904][ T2723] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.388467][ T2723] ext4 filesystem being mounted at /597/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  528.485911][ T2735] hub 9-0:1.0: USB hub found
[  528.492011][ T2735] hub 9-0:1.0: 8 ports detected
[  528.520529][ T2736] syz!: rxe_newlink: already configured on team_slave_0
[  529.151575][T24905] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.234360][ T2743] loop0: detected capacity change from 0 to 1024
[  529.244027][ T2743] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  529.253725][ T2743] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  529.264776][ T2743] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  529.273914][ T2743] System zones: 0-1, 3-12
[  529.279216][ T2743] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.9284: lblock 1 mapped to illegal pblock 1 (length 1)
[  529.294743][ T2743] EXT4-fs (loop0): Remounting filesystem read-only
[  529.301447][ T2743] EXT4-fs (loop0): 1 orphan inode deleted
[  529.307969][ T2743] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  529.331075][ T2743] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.607007][ T2769] hub 9-0:1.0: USB hub found
[  529.615212][ T2769] hub 9-0:1.0: 8 ports detected
[  529.634657][ T2771] hub 9-0:1.0: USB hub found
[  529.645387][ T2771] hub 9-0:1.0: 8 ports detected
[  529.685077][ T2773] FAULT_INJECTION: forcing a failure.
[  529.685077][ T2773] name failslab, interval 1, probability 0, space 0, times 0
[  529.697843][ T2773] CPU: 1 UID: 0 PID: 2773 Comm: syz.5.9294 Not tainted 6.15.0-rc5-syzkaller-00275-gbec6f00f120e #0 PREEMPT(voluntary) 
[  529.697874][ T2773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  529.697886][ T2773] Call Trace:
[  529.697892][ T2773]  <TASK>
[  529.697899][ T2773]  __dump_stack+0x1d/0x30
[  529.697922][ T2773]  dump_stack_lvl+0xe8/0x140
[  529.697943][ T2773]  dump_stack+0x15/0x1b
[  529.698019][ T2773]  should_fail_ex+0x265/0x280
[  529.698147][ T2773]  should_failslab+0x8c/0xb0
[  529.698177][ T2773]  kmem_cache_alloc_noprof+0x50/0x310
[  529.698214][ T2773]  ? sctp_get_port_local+0x420/0xab0
[  529.698248][ T2773]  sctp_get_port_local+0x420/0xab0
[  529.698284][ T2773]  sctp_do_bind+0x398/0x4b0
[  529.698314][ T2773]  sctp_connect_new_asoc+0x153/0x3a0
[  529.698381][ T2773]  sctp_sendmsg+0xf10/0x18d0
[  529.698440][ T2773]  ? selinux_socket_sendmsg+0x81/0x1b0
[  529.698466][ T2773]  ? __pfx_sctp_sendmsg+0x10/0x10
[  529.698497][ T2773]  inet_sendmsg+0xc2/0xd0
[  529.698540][ T2773]  __sock_sendmsg+0x102/0x180
[  529.698574][ T2773]  ____sys_sendmsg+0x345/0x4e0
[  529.698597][ T2773]  ___sys_sendmsg+0x17b/0x1d0
[  529.698687][ T2773]  __sys_sendmmsg+0x178/0x300
[  529.698737][ T2773]  __x64_sys_sendmmsg+0x57/0x70
[  529.698755][ T2773]  x64_sys_call+0x2f2f/0x2fb0
[  529.698777][ T2773]  do_syscall_64+0xd0/0x1a0
[  529.698800][ T2773]  ? clear_bhb_loop+0x25/0x80
[  529.698862][ T2773]  ? clear_bhb_loop+0x25/0x80
[  529.698885][ T2773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.698908][ T2773] RIP: 0033:0x7f360648e969
[  529.698924][ T2773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  529.698942][ T2773] RSP: 002b:00007f3604af7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  529.698985][ T2773] RAX: ffffffffffffffda RBX: 00007f36066b5fa0 RCX: 00007f360648e969
[  529.698998][ T2773] RDX: 0000000000000001 RSI: 0000200000001000 RDI: 0000000000000003
[  529.699012][ T2773] RBP: 00007f3604af7090 R08: 0000000000000000 R09: 0000000000000000
[  529.699025][ T2773] R10: 0000000020008050 R11: 0000000000000246 R12: 0000000000000001
[  529.699038][ T2773] R13: 0000000000000000 R14: 00007f36066b5fa0 R15: 00007ffcae1070f8
[  529.699057][ T2773]  </TASK>
[  530.011043][ T2783] hub 9-0:1.0: USB hub found
[  530.023611][ T2783] hub 9-0:1.0: 8 ports detected
[  530.168063][   T29] kauditd_printk_skb: 437 callbacks suppressed
[  530.168095][   T29] audit: type=1326 audit(1746910372.017:48632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2786 comm="syz.3.9300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc00dce969 code=0x7ffc0000
[  530.197877][   T29] audit: type=1326 audit(1746910372.017:48633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2786 comm="syz.3.9300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc00dce969 code=0x7ffc0000
[  530.325936][ T2790] syz.5.9299: attempt to access beyond end of device
[  530.325936][ T2790] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  530.361800][   T29] audit: type=1326 audit(1746910372.027:48634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2786 comm="syz.3.9300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc00dce969 code=0x7ffc0000
[  530.385412][   T29] audit: type=1326 audit(1746910372.027:48635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2786 comm="syz.3.9300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc00dce969 code=0x7ffc0000
[  530.408955][   T29] audit: type=1326 audit(1746910372.027:48636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2786 comm="syz.3.9300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc00dce969 code=0x7ffc0000
[  530.432843][   T29] audit: type=1326 audit(1746910372.027:48637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2786 comm="syz.3.9300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc00dce969 code=0x7ffc0000
[  530.456399][   T29] audit: type=1326 audit(1746910372.027:48638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2786 comm="syz.3.9300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc00dce969 code=0x7ffc0000
[  530.479997][   T29] audit: type=1326 audit(1746910372.027:48639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2786 comm="syz.3.9300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc00dce969 code=0x7ffc0000
[  530.503549][   T29] audit: type=1326 audit(1746910372.027:48640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2786 comm="syz.3.9300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc00dce969 code=0x7ffc0000
[  530.527087][   T29] audit: type=1326 audit(1746910372.027:48641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2786 comm="syz.3.9300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc00dce969 code=0x7ffc0000
[  530.644484][ T3429] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.711036][ T2751] chnl_net:caif_netlink_parms(): no params data found
[  530.735843][ T3429] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.819111][ T2798] hub 9-0:1.0: USB hub found
[  530.824849][ T2798] hub 9-0:1.0: 8 ports detected
[  530.883609][ T3429] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.941064][ T2751] bridge0: port 1(bridge_slave_0) entered blocking state
[  530.948170][ T2751] bridge0: port 1(bridge_slave_0) entered disabled state
[  530.957584][ T2751] bridge_slave_0: entered allmulticast mode
[  530.967240][ T2751] bridge_slave_0: entered promiscuous mode
[  530.976337][ T3429] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.995230][ T2751] bridge0: port 2(bridge_slave_1) entered blocking state
[  531.002551][ T2751] bridge0: port 2(bridge_slave_1) entered disabled state
[  531.014386][ T2751] bridge_slave_1: entered allmulticast mode
[  531.067849][ T2751] bridge_slave_1: entered promiscuous mode
[  531.084945][ T2805] sctp: [Deprecated]: syz.3.9304 (pid 2805) Use of struct sctp_assoc_value in delayed_ack socket option.
[  531.084945][ T2805] Use struct sctp_sack_info instead
[  531.174945][ T2751] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  531.176314][ T2751] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  531.283219][ T2809] netlink: 'syz.3.9306': attribute type 3 has an invalid length.
[  531.323699][ T2811] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9307'.
[  531.332812][ T2811] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9307'.
[  531.341827][ T2811] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9307'.
[  531.353501][ T2811] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9307'.
[  531.362501][ T2811] netlink: 'syz.1.9307': attribute type 6 has an invalid length.
[  531.374545][ T2822] program syz.3.9310 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  531.439968][ T2827] hub 9-0:1.0: USB hub found
[  531.445935][ T2827] hub 9-0:1.0: 8 ports detected
[  531.535751][ T2833] netlink: 88 bytes leftover after parsing attributes in process `syz.1.9315'.
[  531.544817][ T2833] netlink: 88 bytes leftover after parsing attributes in process `syz.1.9315'.
[  531.555245][ T2751] team0: Port device team_slave_0 added
[  531.564964][ T2751] team0: Port device team_slave_1 added
[  531.646950][ T3429] bridge_slave_1: left allmulticast mode
[  531.652872][ T3429] bridge_slave_1: left promiscuous mode
[  531.658603][ T3429] bridge0: port 2(bridge_slave_1) entered disabled state
[  531.704830][ T3429] bridge_slave_0: left allmulticast mode
[  531.710619][ T3429] bridge_slave_0: left promiscuous mode
[  531.716269][ T3429] bridge0: port 1(bridge_slave_0) entered disabled state
[  531.726447][ T2837] syz.5.9314: attempt to access beyond end of device
[  531.726447][ T2837] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  531.791015][ T2839] loop1: detected capacity change from 0 to 512
[  531.844340][ T2839] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  531.949192][ T2839] EXT4-fs (loop1): mount failed
[  531.978778][ T2848] hub 9-0:1.0: USB hub found
[  531.984098][ T2848] hub 9-0:1.0: 8 ports detected
[  532.011032][ T3429] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  532.032138][ T3429] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  532.048292][ T3429] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  532.069210][ T3429] bond0 (unregistering): Released all slaves
[  532.137063][ T2860] loop1: detected capacity change from 0 to 1024
[  532.147424][ T3429] tipc: Disabling bearer <udp:s>
[  532.152445][ T3429] tipc: Left network mode
[  532.158049][ T2860] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  532.166779][ T2860] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  532.167494][ T2751] batman_adv: batadv0: Adding interface: batadv_slave_0
[  532.184124][ T2751] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  532.210143][ T2751] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  532.226554][ T2860] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e02c, mo2=0100]
[  532.234807][ T2860] System zones: 0-1, 3-12
[  532.287929][ T2860] EXT4-fs error (device loop1): ext4_map_blocks:709: inode #3: block 1: comm syz.1.9326: lblock 1 mapped to illegal pblock 1 (length 1)
[  532.420959][ T2860] EXT4-fs (loop1): Remounting filesystem read-only
[  532.427716][ T2860] EXT4-fs (loop1): 1 orphan inode deleted
[  532.454033][ T2860] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.481541][ T2866] netlink: 'syz.5.9327': attribute type 3 has an invalid length.
[  532.489848][ T2751] batman_adv: batadv0: Adding interface: batadv_slave_1
[  532.496928][ T2751] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  532.522884][ T2751] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  532.989726][ T2751] hsr_slave_0: entered promiscuous mode
[  533.009360][ T2751] hsr_slave_1: entered promiscuous mode
[  533.024025][ T2751] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  533.050572][ T2751] Cannot create hsr debugfs directory
[  533.061796][ T1227] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.075693][ T3429] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  533.083222][ T3429] batman_adv: batadv0: Removing interface: batadv_slave_0
[  533.107692][ T3429] hsr0: left allmulticast mode
[  533.114002][ T3429] veth1_macvtap: left promiscuous mode
[  533.124097][ T3429] veth0_macvtap: left promiscuous mode
[  533.137002][ T3429] veth1_vlan: left promiscuous mode
[  533.149368][ T3429] veth0_vlan: left promiscuous mode
[  533.267274][ T2876] FAULT_INJECTION: forcing a failure.
[  533.267274][ T2876] name failslab, interval 1, probability 0, space 0, times 0
[  533.279947][ T2876] CPU: 0 UID: 0 PID: 2876 Comm: syz.1.9331 Not tainted 6.15.0-rc5-syzkaller-00275-gbec6f00f120e #0 PREEMPT(voluntary) 
[  533.279975][ T2876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  533.280007][ T2876] Call Trace:
[  533.280013][ T2876]  <TASK>
[  533.280070][ T2876]  __dump_stack+0x1d/0x30
[  533.280095][ T2876]  dump_stack_lvl+0xe8/0x140
[  533.280116][ T2876]  dump_stack+0x15/0x1b
[  533.280135][ T2876]  should_fail_ex+0x265/0x280
[  533.280166][ T2876]  ? tipc_nametbl_lookup_group+0x451/0x630
[  533.280286][ T2876]  should_failslab+0x8c/0xb0
[  533.280316][ T2876]  __kmalloc_cache_noprof+0x4c/0x320
[  533.280335][ T2876]  ? xas_load+0x413/0x430
[  533.280358][ T2876]  tipc_nametbl_lookup_group+0x451/0x630
[  533.280461][ T2876]  __tipc_sendmsg+0x409/0x1b00
[  533.280495][ T2876]  ? avc_has_perm_noaudit+0x1b1/0x200
[  533.280554][ T2876]  ? __rcu_read_unlock+0x4f/0x70
[  533.280573][ T2876]  __tipc_sendstream+0xa23/0xb30
[  533.280666][ T2876]  ? selinux_socket_sendmsg+0x175/0x1b0
[  533.280758][ T2876]  ? _raw_spin_unlock_bh+0x36/0x40
[  533.280810][ T2876]  tipc_send_packet+0x65/0x80
[  533.280840][ T2876]  ? __pfx_tipc_send_packet+0x10/0x10
[  533.280871][ T2876]  __sock_sendmsg+0x142/0x180
[  533.280900][ T2876]  ____sys_sendmsg+0x31e/0x4e0
[  533.280958][ T2876]  ___sys_sendmsg+0x17b/0x1d0
[  533.280990][ T2876]  __x64_sys_sendmsg+0xd4/0x160
[  533.281045][ T2876]  x64_sys_call+0x2999/0x2fb0
[  533.281069][ T2876]  do_syscall_64+0xd0/0x1a0
[  533.281092][ T2876]  ? clear_bhb_loop+0x25/0x80
[  533.281145][ T2876]  ? clear_bhb_loop+0x25/0x80
[  533.281164][ T2876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.281245][ T2876] RIP: 0033:0x7fb3abe6e969
[  533.281262][ T2876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  533.281282][ T2876] RSP: 002b:00007fb3aa4d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  533.281300][ T2876] RAX: ffffffffffffffda RBX: 00007fb3ac095fa0 RCX: 00007fb3abe6e969
[  533.281390][ T2876] RDX: 0000000000000000 RSI: 0000200000000640 RDI: 0000000000000008
[  533.281404][ T2876] RBP: 00007fb3aa4d7090 R08: 0000000000000000 R09: 0000000000000000
[  533.281418][ T2876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  533.281429][ T2876] R13: 0000000000000000 R14: 00007fb3ac095fa0 R15: 00007ffd03909dd8
[  533.281444][ T2876]  </TASK>
[  533.683823][ T3429] team0 (unregistering): Port device team_slave_1 removed
[  533.693935][ T3429] team0 (unregistering): Port device team_slave_0 removed
[  533.702647][ T7824] smc: removing ib device syz!
[  533.740334][ T3499] infiniband syz1: ib_query_port failed (-19)
[  533.762143][ T2882] netem: incorrect ge model size
[  533.767124][ T2882] netem: change failed
[  533.930016][ T2892] netlink: 88 bytes leftover after parsing attributes in process `syz.3.9338'.
[  533.939042][ T2892] netlink: 88 bytes leftover after parsing attributes in process `syz.3.9338'.
[  534.366292][ T2751] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  534.378591][ T2751] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  534.420873][ T2751] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  534.448029][ T2751] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  534.586852][ T2900] loop2: detected capacity change from 0 to 512
[  534.592315][ T2751] 8021q: adding VLAN 0 to HW filter on device bond0
[  534.606780][ T2751] 8021q: adding VLAN 0 to HW filter on device team0
[  534.617623][ T7824] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.624819][ T7824] bridge0: port 1(bridge_slave_0) entered forwarding state
[  534.663165][ T2900] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  534.700817][ T2751] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  534.711472][ T2751] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  534.725699][ T2900] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  534.748397][ T7824] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.755708][ T7824] bridge0: port 2(bridge_slave_1) entered forwarding state
[  534.826729][ T2900] infiniband syz!: set active
[  534.831673][ T2900] infiniband syz!: added team_slave_0
[  534.838131][ T1227] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  534.849438][ T1227] CPU: 1 UID: 0 PID: 1227 Comm: syz-executor Not tainted 6.15.0-rc5-syzkaller-00275-gbec6f00f120e #0 PREEMPT(voluntary) 
[  534.849467][ T1227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  534.849480][ T1227] Call Trace:
[  534.849486][ T1227]  <TASK>
[  534.849493][ T1227]  __dump_stack+0x1d/0x30
[  534.849516][ T1227]  dump_stack_lvl+0xe8/0x140
[  534.849535][ T1227]  dump_stack+0x15/0x1b
[  534.849609][ T1227]  dump_header+0x81/0x220
[  534.849640][ T1227]  oom_kill_process+0x334/0x3f0
[  534.849724][ T1227]  out_of_memory+0x979/0xb80
[  534.849744][ T1227]  ? css_next_descendant_pre+0x138/0x160
[  534.849777][ T1227]  mem_cgroup_out_of_memory+0x13d/0x190
[  534.849813][ T1227]  try_charge_memcg+0x5e2/0x870
[  534.849843][ T1227]  charge_memcg+0x51/0xc0
[  534.849872][ T1227]  __mem_cgroup_charge+0x28/0xb0
[  534.849960][ T1227]  filemap_add_folio+0x4e/0x1b0
[  534.850019][ T1227]  __filemap_get_folio+0x31e/0x650
[  534.850047][ T1227]  filemap_fault+0x41d/0xb40
[  534.850078][ T1227]  __do_fault+0xb9/0x200
[  534.850107][ T1227]  handle_mm_fault+0x110c/0x2ae0
[  534.850216][ T1227]  ? mas_walk+0xf2/0x120
[  534.850244][ T1227]  do_user_addr_fault+0x636/0x1090
[  534.850289][ T1227]  exc_page_fault+0x54/0xc0
[  534.850320][ T1227]  asm_exc_page_fault+0x26/0x30
[  534.850415][ T1227] RIP: 0033:0x7fb3abd45994
[  534.850430][ T1227] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 08 fe e7 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 19 fd e7 00 48 01 d1
[  534.850447][ T1227] RSP: 002b:00007ffd0390a160 EFLAGS: 00010206
[  534.850465][ T1227] RAX: 0000001b2ff20000 RBX: 0000000000000121 RCX: 00000000000825f0
[  534.850480][ T1227] RDX: 000000000bd659f5 RSI: 00007ffd0390a1f0 RDI: 0000000000000001
[  534.850493][ T1227] RBP: 00007ffd0390a19c R08: 000000002d27df8c R09: 7fffffffffffffff
[  534.850531][ T1227] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  534.850618][ T1227] R13: 00000000000927c0 R14: 00000000000825f2 R15: 00007ffd0390a1f0
[  534.850636][ T1227]  </TASK>
[  534.853083][ T2751] 8021q: adding VLAN 0 to HW filter on device batadv0
[  534.863318][ T1227] memory: usage 307200kB, limit 307200kB, failcnt 538
[  534.936560][ T2900] RDS/IB: syz!: added
[  534.936997][ T1227] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[  534.943406][ T2900] smc: adding ib device syz! with port count 1
[  534.946769][ T1227] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  534.951206][ T2900] smc:    ib device syz! port 1 has pnetid 
[  534.955970][ T1227] Memory cgroup stats for /syz1:
[  535.102658][ T1227] cache 0
[  535.110660][ T1227] rss 0
[  535.113449][ T1227] shmem 0
[  535.116404][ T1227] mapped_file 0
[  535.119925][ T1227] dirty 0
[  535.122878][ T1227] writeback 0
[  535.126179][ T1227] workingset_refault_anon 191
[  535.130889][ T1227] workingset_refault_file 962
[  535.135579][ T1227] swap 200704
[  535.138870][ T1227] swapcached 0
[  535.142314][ T1227] pgpgin 631826
[  535.145884][ T1227] pgpgout 631822
[  535.149444][ T1227] pgfault 740619
[  535.153037][ T1227] pgmajfault 144
[  535.156671][ T1227] inactive_anon 0
[  535.160381][ T1227] active_anon 0
[  535.163911][ T1227] inactive_file 16384
[  535.167935][ T1227] active_file 0
[  535.171437][ T1227] unevictable 0
[  535.174919][ T1227] hierarchical_memory_limit 314572800
[  535.180406][ T1227] hierarchical_memsw_limit 9223372036854771712
[  535.186582][ T1227] total_cache 0
[  535.190117][ T1227] total_rss 0
[  535.193451][ T1227] total_shmem 0
[  535.196929][ T1227] total_mapped_file 0
[  535.200938][ T1227] total_dirty 0
[  535.204443][ T1227] total_writeback 0
[  535.208285][ T2751] veth0_vlan: entered promiscuous mode
[  535.208325][ T1227] total_workingset_refault_anon 191
[  535.216467][ T2751] veth1_vlan: entered promiscuous mode
[  535.218987][ T1227] total_workingset_refault_file 962
[  535.229770][ T1227] total_swap 200704
[  535.233683][ T1227] total_swapcached 0
[  535.237614][ T1227] total_pgpgin 631826
[  535.237669][ T2751] veth0_macvtap: entered promiscuous mode
[  535.241646][ T1227] total_pgpgout 631822
[  535.251125][ T2751] veth1_macvtap: entered promiscuous mode
[  535.251414][ T1227] total_pgfault 740619
[  535.251423][ T1227] total_pgmajfault 144
[  535.263795][ T2751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.265417][ T1227] total_inactive_anon 0
[  535.265427][ T1227] total_active_anon 0
[  535.265436][ T1227] total_inactive_file 16384
[  535.275871][ T2751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.280007][ T1227] total_active_file 0
[  535.280017][ T1227] total_unevictable 0
[  535.284001][ T2751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.288505][ T1227] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[  535.298309][ T2751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.302285][ T1227] ,cpuset=/,mems_allowed=0
[  535.306264][ T2751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.316780][ T1227] ,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.9336,pid=2889,uid=0
[  535.323958][ T2751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.325302][ T2751] batman_adv: batadv0: Interface activated: batadv_slave_0
[  535.334025][ T1227] Memory cgroup out of memory: Killed process 2889 (syz.1.9336) total-vm:95796kB, anon-rss:1064kB, file-rss:22460kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  535.339232][ T2751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  535.401486][ T2751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.411401][ T2751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  535.421939][ T2751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.422007][ T2893] ==================================================================
[  535.432036][ T2751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  535.440075][ T2893] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  535.450506][ T2751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.460252][ T2893] 
[  535.460259][ T2893] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 1:
[  535.460277][ T2893]  tick_do_update_jiffies64+0x113/0x1c0
[  535.486040][ T2893]  tick_nohz_handler+0x7f/0x2d0
[  535.490913][ T2893]  __hrtimer_run_queues+0x20c/0x5a0
[  535.496135][ T2893]  hrtimer_interrupt+0x21a/0x460
[  535.501089][ T2893]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  535.507005][ T2893]  sysvec_apic_timer_interrupt+0x6f/0x80
[  535.512673][ T2893]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  535.518675][ T2893]  console_flush_all+0x55b/0x730
[  535.523629][ T2893]  console_unlock+0xa1/0x330
[  535.528228][ T2893]  vprintk_emit+0x388/0x650
[  535.532742][ T2893]  vprintk_default+0x26/0x30
[  535.537334][ T2893]  vprintk+0x1d/0x30
[  535.541236][ T2893]  _printk+0x79/0xa0
[  535.545231][ T2893]  batadv_check_known_mac_addr+0x135/0x170
[  535.551047][ T2893]  batadv_hard_if_event+0x3e8/0xef0
[  535.556249][ T2893]  raw_notifier_call_chain+0x6c/0x1b0
[  535.561627][ T2893]  call_netdevice_notifiers_info+0xae/0x100
[  535.567530][ T2893]  netif_set_mac_address+0x204/0x260
[  535.572834][ T2893]  do_setlink+0x634/0x27f0
[  535.577259][ T2893]  rtnl_newlink+0xe75/0x12d0
[  535.581855][ T2893]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  535.586797][ T2893]  netlink_rcv_skb+0x120/0x220
[  535.591575][ T2893]  rtnetlink_rcv+0x1c/0x30
[  535.595994][ T2893]  netlink_unicast+0x59e/0x670
[  535.600777][ T2893]  netlink_sendmsg+0x58b/0x6b0
[  535.605554][ T2893]  __sock_sendmsg+0x142/0x180
[  535.610244][ T2893]  __sys_sendto+0x268/0x330
[  535.615283][ T2893]  __x64_sys_sendto+0x76/0x90
[  535.619974][ T2893]  x64_sys_call+0x2eb6/0x2fb0
[  535.624656][ T2893]  do_syscall_64+0xd0/0x1a0
[  535.629166][ T2893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.635064][ T2893] 
[  535.637389][ T2893] read to 0xffffffff868099c0 of 8 bytes by task 2893 on cpu 0:
[  535.644937][ T2893]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  535.651195][ T2893]  count_shadow_nodes+0x6a/0x230
[  535.656148][ T2893]  do_shrink_slab+0x60/0x680
[  535.660742][ T2893]  shrink_slab+0x448/0x760
[  535.665159][ T2893]  shrink_node+0x6c3/0x2110
[  535.669668][ T2893]  do_try_to_free_pages+0x3f6/0xcd0
[  535.674897][ T2893]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  535.680825][ T2893]  try_charge_memcg+0x3ab/0x870
[  535.685697][ T2893]  charge_memcg+0x51/0xc0
[  535.690038][ T2893]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  535.696026][ T2893]  __read_swap_cache_async+0x1df/0x350
[  535.701495][ T2893]  swap_cluster_readahead+0x277/0x3e0
[  535.706872][ T2893]  swapin_readahead+0xde/0x6f0
[  535.711639][ T2893]  do_swap_page+0x301/0x2460
[  535.716238][ T2893]  handle_mm_fault+0xb60/0x2ae0
[  535.721446][ T2893]  do_user_addr_fault+0x3fe/0x1090
[  535.726574][ T2893]  exc_page_fault+0x54/0xc0
[  535.731092][ T2893]  asm_exc_page_fault+0x26/0x30
[  535.735950][ T2893]  __get_user_8+0x14/0x30
[  535.740292][ T2893]  exit_robust_list+0x31/0x280
[  535.745067][ T2893]  futex_exit_release+0xe0/0x130
[  535.750011][ T2893]  exit_mm_release+0x1a/0x30
[  535.754608][ T2893]  exit_mm+0x38/0x190
[  535.758597][ T2893]  do_exit+0x55f/0x17c0
[  535.762761][ T2893]  do_group_exit+0xff/0x140
[  535.767274][ T2893]  get_signal+0xe59/0xf70
[  535.771618][ T2893]  arch_do_signal_or_restart+0x97/0x480
[  535.777179][ T2893]  syscall_exit_to_user_mode+0x68/0xb0
[  535.782642][ T2893]  do_syscall_64+0xdd/0x1a0
[  535.787151][ T2893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.793050][ T2893] 
[  535.795375][ T2893] value changed: 0x0000000100005bc9 -> 0x0000000100005bca
[  535.802482][ T2893] 
[  535.804805][ T2893] Reported by Kernel Concurrency Sanitizer on:
[  535.810962][ T2893] CPU: 0 UID: 0 PID: 2893 Comm: syz.1.9336 Not tainted 6.15.0-rc5-syzkaller-00275-gbec6f00f120e #0 PREEMPT(voluntary) 
[  535.823384][ T2893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  535.833442][ T2893] ==================================================================
[  535.845399][ T2751] batman_adv: batadv0: Interface activated: batadv_slave_1
[  535.853887][ T2751] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  535.862635][ T2751] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  535.871458][ T2751] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  535.880252][ T2751] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  535.909144][ T2191] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.