last executing test programs:

7.583445052s ago: executing program 2 (id=2693):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009e0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c3000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x4}, 0x18)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = dup(r2)
fsetxattr$security_selinux(r3, &(0x7f0000000300), &(0x7f0000000400)='system_u:object_r:modules_dep_t:s0\x00', 0x23, 0x2)

7.565891962s ago: executing program 2 (id=2694):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
set_robust_list(&(0x7f0000000280)={0x0, 0x401}, 0x18)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f00000000c0), 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000540)={<r4=>0xffffffffffffffff})
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000780)={&(0x7f0000000a40)=ANY=[@ANYBLOB="b8000000", @ANYRES16=0x0, @ANYBLOB="200025bd7000fedbdf250200000008000a002d285d7b08000100000000000c00040005000000000000000c00050000000000000000000800010000000000100007800c00018008000100", @ANYRES32, @ANYBLOB="0c0005000600000000000000580007800c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32=r2, @ANYBLOB="0c00018008000100", @ANYRES32=r4, @ANYBLOB="0c00018008009668084fe7", @ANYRES32=r3, @ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x11}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r5=>0x0})
sendmsg$can_bcm(r3, &(0x7f0000000000)={&(0x7f0000000040)={0x1d, r5}, 0x10, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=r3, @ANYRES64=r5, @ANYBLOB="000000000100000000000000840004"], 0x48}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='page_pool_state_release\x00', r1}, 0x18)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000000a50000000000000000b35c8d38f083bced00dfdd4e5e980179aa3ed2001d110000c38aa0258f7bd581015ecc8aaf73c06fbe00a376b8beb70eb5b6f7fa8631119421bb500b0b4d1d2974b9f682d01b9c7ad640eabf8f2caf543d5d4605ff704bc599709455a347628da049cdfa37902198ab17ee7d643009dc6f57cf", @ANYRESHEX=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000a00)='./file2\x00', 0x8442, 0x5c)
ioctl$FS_IOC_RESVSP(r9, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x1fb, 0xfff})
write$cgroup_type(r9, &(0x7f0000000000), 0x9)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r10}, 0x10)
openat(r9, &(0x7f0000000240)='./file2\x00', 0x208000, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000580)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@abort}, {@errors_remount}, {@quota}]}, 0x3, 0x433, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7SSlLxKq8ugDCBRExSNp0lJ64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezexHdt1Uidu699P2nZmd1Yzn3fHntnJBtC3RtN/kog9EfFnRAxXs/UFRqv/3VxZmv53ZWk6iXL5nX+SSrkbK0vTedH8vN15ZiCi8EUSh5rUu3Dp8rmpUmn2YpYfXzz/4fjCpcsvzJ2fOjt7dvbC5KlTJ45PvHRy8sWuxJnGdePgJ/OHD7zx3tW3pk9fff/X75M8/oY4umS03cGny+UuV9dbe2vSyUDHp5WLW9IaOlWsdtMYrPT/4SjG2sUbjtc/72njgC011P7wchm4h6WjeaAf5T/06fw337Zh2HHHuP5KdQKUxn0z26pHBqKQlRlsmN9202hEnF7+75t0i615DgEAUOfHdPzzfLPxXyEeqil3f7aGMhIRD0TEvog4GRH7I+LBiErZhyPikQ3W37hIsn78U7i2qcA6lI7/Xs7WturHf/noL0aKWW5vJf7B5MxcafZY9pkcjcEdaX6iTR0/vfbHV62O1Y7/0i2tPx8LZu24NrCj/pyZqcWp24m51vXPIg4ONIs/WV0JSCLiQEQc3GQdc89+d7jVsVvH30bn60wtlb+NeKZ6/ZejIf5c0n59cvy+KM0eG8/vivV++/3K263qv634uyC9/rua3v+r8Y8kteu1Cxuv48pfX7ac02z2/h9K3q3b9/HU4uLFiYih5M1qo2v3TzaUm1wrn8Z/9Ejz/r8v1j6JQxGR3sSPRsRjEfF41vYnIuLJiDjSJv5fXn3qg83Hv7XS+Gc2dP3XEkPRuKd5onju5x/qKh3ZSPzp9T9RSR3N9nTy/ddJuzZ3NwMAAMDdpxAReyIpjK2mC4Wxserf8O+PXYXS/MLic2fmP7owU31HYCQGC/mTruGa56ET2bQ+z0825I9nz42/Lu6s5Mem50szvQ4e+tzuFv0/9beXM+De14V1NOAupf9D/9L/oX/p/9C/mvT/nb1oB7D9Kv0/qd/3aY/aAmyvht9/y37QR8z/oX/p/9C/9H/oSws749YvyUtIrEtE4Y5ohsQWJXr9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAd/wcAAP//VsrjzA==")

7.517975893s ago: executing program 2 (id=2696):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
set_robust_list(&(0x7f0000000280)={0x0, 0x401}, 0x18)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f00000000c0), 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000540)={<r4=>0xffffffffffffffff})
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000780)={&(0x7f0000000a40)=ANY=[@ANYBLOB="b8000000", @ANYRES16=0x0, @ANYBLOB="200025bd7000fedbdf250200000008000a002d285d7b08000100000000000c00040005000000000000000c00050000000000000000000800010000000000100007800c00018008000100", @ANYRES32, @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32=r2, @ANYBLOB="0c00018008000100", @ANYRES32=r4, @ANYBLOB="0c00018008009668084fe744bd3c3a3c7324b91937", @ANYRES32=r3, @ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x11}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r5=>0x0})
sendmsg$can_bcm(r3, &(0x7f0000000000)={&(0x7f0000000040)={0x1d, r5}, 0x10, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=r3, @ANYRES64=r5, @ANYBLOB="000000000100000000000000840004"], 0x48}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='page_pool_state_release\x00', r1}, 0x18)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e24, 0x9, @empty, 0x6}, 0x1c)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000000a50000000000000000b35c8d38f083bced00dfdd4e5e980179aa3ed2001d110000c38aa0258f7bd581015ecc8aaf73c06fbe00a376b8beb70eb5b6f7fa8631119421bb500b0b4d1d2974b9f682d01b9c7ad640eabf8f2caf543d5d4605ff704bc599709455a347628da049cdfa37902198ab17ee7d643009dc6f57cf", @ANYRESHEX=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000a00)='./file2\x00', 0x8442, 0x5c)
ioctl$FS_IOC_RESVSP(r9, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x1fb, 0xfff})
write$cgroup_type(r9, &(0x7f0000000000), 0x9)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r10}, 0x10)
openat(r9, &(0x7f0000000240)='./file2\x00', 0x208000, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000580)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@abort}, {@errors_remount}, {@quota}]}, 0x3, 0x433, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7SSlLxKq8ugDCBRExSNp0lJ64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezexHdt1Uidu699P2nZmd1Yzn3fHntnJBtC3RtN/kog9EfFnRAxXs/UFRqv/3VxZmv53ZWk6iXL5nX+SSrkbK0vTedH8vN15ZiCi8EUSh5rUu3Dp8rmpUmn2YpYfXzz/4fjCpcsvzJ2fOjt7dvbC5KlTJ45PvHRy8sWuxJnGdePgJ/OHD7zx3tW3pk9fff/X75M8/oY4umS03cGny+UuV9dbe2vSyUDHp5WLW9IaOlWsdtMYrPT/4SjG2sUbjtc/72njgC011P7wchm4h6WjeaAf5T/06fw337Zh2HHHuP5KdQKUxn0z26pHBqKQlRlsmN9202hEnF7+75t0i615DgEAUOfHdPzzfLPxXyEeqil3f7aGMhIRD0TEvog4GRH7I+LBiErZhyPikQ3W37hIsn78U7i2qcA6lI7/Xs7WturHf/noL0aKWW5vJf7B5MxcafZY9pkcjcEdaX6iTR0/vfbHV62O1Y7/0i2tPx8LZu24NrCj/pyZqcWp24m51vXPIg4ONIs/WV0JSCLiQEQc3GQdc89+d7jVsVvH30bn60wtlb+NeKZ6/ZejIf5c0n59cvy+KM0eG8/vivV++/3K263qv634uyC9/rua3v+r8Y8kteu1Cxuv48pfX7ac02z2/h9K3q3b9/HU4uLFiYih5M1qo2v3TzaUm1wrn8Z/9Ejz/r8v1j6JQxGR3sSPRsRjEfF41vYnIuLJiDjSJv5fXn3qg83Hv7XS+Gc2dP3XEkPRuKd5onju5x/qKh3ZSPzp9T9RSR3N9nTy/ddJuzZ3NwMAAMDdpxAReyIpjK2mC4Wxserf8O+PXYXS/MLic2fmP7owU31HYCQGC/mTruGa56ET2bQ+z0825I9nz42/Lu6s5Mem50szvQ4e+tzuFv0/9beXM+De14V1NOAupf9D/9L/oX/p/9C/mvT/nb1oB7D9Kv0/qd/3aY/aAmyvht9/y37QR8z/oX/p/9C/9H/oSws749YvyUtIrEtE4Y5ohsQWJXr9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAd/wcAAP//VsrjzA==")

3.693466393s ago: executing program 3 (id=2734):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
set_robust_list(&(0x7f0000000280)={0x0, 0x401}, 0x18)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f00000000c0), 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000540)={<r3=>0xffffffffffffffff})
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000780)={&(0x7f0000000a40)=ANY=[@ANYBLOB="b8000000", @ANYRES16=0x0, @ANYBLOB="200025bd7000fedbdf250200000008000a002d285d7b08000100000000000c00040005000000000000000c00050000000000000000000800010000000000100007800c00018008000100", @ANYRES32, @ANYBLOB="0c0005000600000000000000580007800c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32=r1, @ANYBLOB="0c00018008000100", @ANYRES32=r3, @ANYBLOB="0c00018008009668084fe744bd3c3a3c7324b91937", @ANYRES32=r2, @ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x11}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r4=>0x0})
sendmsg$can_bcm(r2, &(0x7f0000000000)={&(0x7f0000000040)={0x1d, r4}, 0x10, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=r2, @ANYRES64=r4, @ANYBLOB="000000000100000000000000840004"], 0x48}}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000a00)='./file2\x00', 0x8442, 0x5c)
ioctl$FS_IOC_RESVSP(r7, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x1fb, 0xfff})
write$cgroup_type(r7, &(0x7f0000000000), 0x9)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r8}, 0x10)
openat(r7, &(0x7f0000000240)='./file2\x00', 0x208000, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000580)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@abort}, {@errors_remount}, {@quota}]}, 0x3, 0x433, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7SSlLxKq8ugDCBRExSNp0lJ64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezexHdt1Uidu699P2nZmd1Yzn3fHntnJBtC3RtN/kog9EfFnRAxXs/UFRqv/3VxZmv53ZWk6iXL5nX+SSrkbK0vTedH8vN15ZiCi8EUSh5rUu3Dp8rmpUmn2YpYfXzz/4fjCpcsvzJ2fOjt7dvbC5KlTJ45PvHRy8sWuxJnGdePgJ/OHD7zx3tW3pk9fff/X75M8/oY4umS03cGny+UuV9dbe2vSyUDHp5WLW9IaOlWsdtMYrPT/4SjG2sUbjtc/72njgC011P7wchm4h6WjeaAf5T/06fw337Zh2HHHuP5KdQKUxn0z26pHBqKQlRlsmN9202hEnF7+75t0i615DgEAUOfHdPzzfLPxXyEeqil3f7aGMhIRD0TEvog4GRH7I+LBiErZhyPikQ3W37hIsn78U7i2qcA6lI7/Xs7WturHf/noL0aKWW5vJf7B5MxcafZY9pkcjcEdaX6iTR0/vfbHV62O1Y7/0i2tPx8LZu24NrCj/pyZqcWp24m51vXPIg4ONIs/WV0JSCLiQEQc3GQdc89+d7jVsVvH30bn60wtlb+NeKZ6/ZejIf5c0n59cvy+KM0eG8/vivV++/3K263qv634uyC9/rua3v+r8Y8kteu1Cxuv48pfX7ac02z2/h9K3q3b9/HU4uLFiYih5M1qo2v3TzaUm1wrn8Z/9Ejz/r8v1j6JQxGR3sSPRsRjEfF41vYnIuLJiDjSJv5fXn3qg83Hv7XS+Gc2dP3XEkPRuKd5onju5x/qKh3ZSPzp9T9RSR3N9nTy/ddJuzZ3NwMAAMDdpxAReyIpjK2mC4Wxserf8O+PXYXS/MLic2fmP7owU31HYCQGC/mTruGa56ET2bQ+z0825I9nz42/Lu6s5Mem50szvQ4e+tzuFv0/9beXM+De14V1NOAupf9D/9L/oX/p/9C/mvT/nb1oB7D9Kv0/qd/3aY/aAmyvht9/y37QR8z/oX/p/9C/9H/oSws749YvyUtIrEtE4Y5ohsQWJXr9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAd/wcAAP//VsrjzA==")

3.333990501s ago: executing program 3 (id=2738):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='btrfs_flush_space\x00', r2, 0x0, 0x3}, 0x18)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="540000001000010471bc30b00000000100000000", @ANYRES32=0x0, @ANYBLOB="fff00000000000002c0012800e00010069703667726574617000000018000280140007002001001000000000000000000000000208000a00f0"], 0x54}}, 0x40000084)

3.190486194s ago: executing program 4 (id=2740):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket(0x80000000000000a, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x700000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r4, 0x0, 0x1000000000000}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x60, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r5, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r6}, 0x38)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7, 0x0, 0x3}, 0x18)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f00000007c0)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0xfffffff8}}}, 0x108)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a010100"], 0x140}}, 0x0)
bind$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @broadcast}, 0x10)
socket$kcm(0x10, 0x400000002, 0x0)
r8 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000940), 0x81000, 0x0)
ioctl$PTP_SYS_OFFSET(r8, 0x43403d05, 0x0)

3.182507464s ago: executing program 3 (id=2741):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000008c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x2, @in=@multicast2, 0x6, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4001c00)
sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x14, r1, 0x1, 0x70bd29}, 0x14}, 0x1, 0x0, 0x0, 0x4c001}, 0x840)

3.089454296s ago: executing program 3 (id=2745):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00', 0x6, 0xffffffffffffffff)

2.923668529s ago: executing program 3 (id=2746):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xa0001, &(0x7f0000000480), 0x1, 0x3d6, &(0x7f0000000ec0)="$eJzs3E1rJEUfAPB/d1722ew+mQiCopeIByPBvLruKh7MyYueFC+ehiT7gtlENiO4S4QVPC8Igl49+gHEyx5WcPUTePUoshAkiVcZ6ZnuSZtkskmc2DL5/aBIVddkqrqL6ukuqiqAM2s8It6IiIGImImIWn48zUPcbYfscztbG4tZSKLZfOf3JJKI2N7aWCy+K8n/Xsi/YCKNSD9L4tkDyl2/feeD+srK8q08Pd24+eH0+u07L924Wb+2fG15dX5+bu7KpZnLr1zp2bl+ufH2+9/98ub2V3dHn6ov1e5l9b2Y55XPo1fGY7xzTfZ6tdeFVex/pXgyWGFFAAA4VJo/+w+2nv9rMRC7D2+1uPdDpZUDAAAAeqLZLP4CAAAA/Svx7g8AAAB9rpgHsL21sViECqcj8C/bXIiIsXb7F+u72zmDnTW9Q3vW9/bSeET8MfHti1mIU1qHDQAAAHCWPVhob/y3f/wvjadLnzsfESPF3n49NL4nvX/8J33U4yIp2VyIeL20t+NOqf1zYwN56v+tocKh5OqNleWZiBiNiIkYOpelZw8pY/S1X+93yyuP/2UhK78YC8zr8Wjw3N//Z6neqP+Tc2bX5qcRzwwe1P5JZ8y3vE/mSXxy/fPr3fIe3/6cpubXES8c2P93dy5NDt+fdbp1P5gu7gr7rd5/+Fy38rV/tbL+P3J4+48l5f16149fxnsPL/7cLe+k9//h5N1WBYfzYx/XG41bsxHDyVv7j88dv879qrgexfXK2n/i+YN//4vnvyT/7R8t7Q99ZJN/xvc/7lzulq3/Vytr/6Uj9P8Hnf5//Miln76Z7Fb+0fr/y63KTORHPP893lEbqOp6AgAAAAAAANAbaWtuX5JOdeJpOjXVnuf7ZIykK2vrjcmrax+tLrXnAI7FUFrM9KqV5oPOtpeRd9Jze9LzEfFERHxRO99KTy2urSxVffIAAABwRlzo8v6f+e3Yiz0AAACA/6yxqisAAAAAnDrv/wAAANDXTrCdv4iISN9Hqr4zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxtfwUAAP//a5vbRg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000c00)={'#! ', './file0', [{0x20, '$!.*,!-\'\xd9/--\x99\t@\xa1@'}, {0x20, '.'}, {0x20, 'ext4\x00\x877Y\xf7:j\\\xd8\xbd\xaa\xc6\xa6\xff\x90\xb6\xb2v\xd2\xa5\xc3l\v\x8b\x84\xc8\xcc\x9b\x94\xd9`Zk2\xf4J\xc6\x1c\xef\x10\x11d\xaa\x97\xbc\xa0\xe6J2+\x0e/7\xc42\xb4T\f\x91\r\x89\xe0S\xb5IG\x86W\x93P\x9cY4Y\x9a\xc1\xf0\x0e\xcb+\xc2x\xef\x12\x0e\t\x00\x00\x00\x00\x00\x00\x00\xdeY\xc8\xb5.\x8a\'\x8e\x8b\xae\xa5\xcb\xbfd\xf9\xeb\xab\xa1\b\xc0zl\x91\xd2f?\xb8(\xc9\x86\x7f\xae3\x1c\xba|\x160.\x10*\xb78\x00S\x85\xcaNh}\xe4\xab\xc6\xf1.\xe5\x8b\xa9*\xb2`\xd6\xd6\x8b\xe4\xc6\xee|~\xa1\xfeaX\xc8\xf3d\'MJ\xf1\x87\x9fm{^]'}, {0x20, '}!'}, {0x20, ':&:\x04@\xfbo\x84\xb12\xdf9\xb7){\\S\xef\x1cL\x13y\xc2\x1b\\4GKI\xe8O\x18\xff\xbaD\x04\x00\xff\x97!\xfc3D#7\xb7a\xa9\xd0\xf3l\xca-\xd2\xe2\xe3\xb8\x91\xe3Q\xb7o=\xc1X\x94\x190D\xe9BE-,\xea\xc5\xe1w$\x18\x9a\x8e\x96\xa2\xc6q\xcb\xef\xb0\xa5W\xb9\xea}\x88\xba\xd0\xaf<\x87\xec\xb3\x8fG;\x8f&^.\x0e\xfel\x11\x02\xe0\xcf5$\x03\r]\xa4\xafa\xb0\xab\xbc\xe3\xb7\xf0v\xe7&\x8a\xed\x17\xb5T!\'\x1d?i\xf9Q\xdc\b)\x13\x057\x88\\B{\xa0-\xd6\xd5\xac\x17K\x1d\x11\xb0\x90\x97\xff\xe0g\xbcM\xccZ$\xce\xeeW\xdb\x9aN\xb7|\xcf\v\xa3\xa9]A~\x861\xcd1\xa1\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\r2MR\x10\xd8s\xe5\xb0\xd3\xcdU+/\xb1\xa5H\xf1[\xb9\xec:I\xce#\xc2(\xees\x83\x97\r\xd2w0!k\x177\xa1u\xba\x0176*\xa0\xb74\xd9\xc3f\x9b\xf5/;\x8f\xf2\x85\x97\xabca\n^\x8c\xef&[\xb8\xed\xb3:O\xd0\xf2Gg\xbb\xe3(\xe3R\xacf*\x1f\xa7\x91\xeb\"\xc8m\x14 \xa3\x99/79]g\xab\x84,\x94+\x18\xca\xa9\xf3L\xde\xe0L4\xf9S\xa9\xd7\xc3\xa7f\xc7\xc2VC\xa8\xbd\xcef\xf9& \xfcA\xb2\xe0\x9a\r%\xe4\x0e\x85\xf9\x83\x0eDF\xe0\xe4\x94\xc4\x80\xf9\xf0\xfe\f8<\xc5Y\xbfG3\xef\xfc\xe7\xd5s\xfd\xfb\xf0\x9a='}, {}, {0x20, '#! '}, {0x20, 'ext4\x00\xc5\'\x01\xc8\xf2\xbf\xdcOn;\xcc\xc9\x00\xa8D@\xc8\x13\xa4 m\xcb\x86\x0e\x86\x89vN\x99\xfb9*\xb54\x10\xa2\xe9z\xdf\xd0\xc6\x9e\xd781\xa6\x13A!\x86sy\x86\x12\x9dG\xe4\xdd\xc5/D\x8cA\xfdx\'\x92\xd9'}]}, 0x2a7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
geteuid()
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
socket$nl_route(0x10, 0x3, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0)
truncate(&(0x7f0000000100)='./file0/file0\x00', 0x7)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000d4001ab6ec75358f12e262e7640000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r2, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000580)=ANY=[@ANYBLOB="6802000000050104000000000000000000000000540201"], 0x268}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4, 0x0, 0x3}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000001010101000000000000000002001c002000018006000340000000001400018008c301007f000001080002007f0000010c001980", @ANYRES32], 0x40}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
ftruncate(0xffffffffffffffff, 0xc17a)
r7 = fsopen(&(0x7f00000000c0)='tmpfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f00000002c0)='rootcontext', &(0x7f0000000040)='\xc4\xbc\x96\x00', 0x0)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
geteuid()
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000000c0))
newfstatat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x400)

2.784120822s ago: executing program 3 (id=2747):
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
syz_emit_ethernet(0x16, &(0x7f00000000c0)={@local, @dev, @void, {@llc={0x4, {@snap={0xaa, 0x0, 'o', "26739c"}}}}}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000640)="f3", 0xf000}], 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x74, 0x0, 0x800, 0x70bd25, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_ADDR_REMOTE={0xc, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xea}, @MPTCP_PM_ATTR_ADDR_REMOTE={0xc, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x4040000}, 0x4000)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
creat(&(0x7f00000001c0)='./file1\x00', 0x2)
acct(&(0x7f0000000080)='./file1\x00')
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)}], 0x1}, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000005e0001"], 0x1c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bind$can_raw(r5, &(0x7f0000000040), 0x10)

2.723833044s ago: executing program 2 (id=2698):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x3000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1d, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa00000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

2.44372377s ago: executing program 1 (id=2749):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
set_robust_list(&(0x7f0000000280)={0x0, 0x401}, 0x18)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f00000000c0), 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000540)={<r4=>0xffffffffffffffff})
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000780)={&(0x7f0000000a40)=ANY=[@ANYBLOB="b8000000", @ANYRES16=0x0, @ANYBLOB="200025bd7000fedbdf250200000008000a002d285d7b08000100000000000c00040005000000000000000c00050000000000000000000800010000000000100007800c00018008000100", @ANYRES32, @ANYBLOB="0c0005000600000000000000580007800c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32=r2, @ANYBLOB="0c00018008000100", @ANYRES32=r4, @ANYBLOB="0c00018008009668084fe744bd3c3a3c7324b9", @ANYRES32=r3, @ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x11}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r5=>0x0})
sendmsg$can_bcm(r3, &(0x7f0000000000)={&(0x7f0000000040)={0x1d, r5}, 0x10, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=r3, @ANYRES64=r5, @ANYBLOB="000000000100000000000000840004"], 0x48}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='page_pool_state_release\x00', r1}, 0x18)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000000a50000000000000000b35c8d38f083bced00dfdd4e5e980179aa3ed2001d110000c38aa0258f7bd581015ecc8aaf73c06fbe00a376b8beb70eb5b6f7fa8631119421bb500b0b4d1d2974b9f682d01b9c7ad640eabf8f2caf543d5d4605ff704bc599709455a347628da049cdfa37902198ab17ee7d643009dc6f57cf", @ANYRESHEX=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000a00)='./file2\x00', 0x8442, 0x5c)
ioctl$FS_IOC_RESVSP(r9, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x1fb, 0xfff})
write$cgroup_type(r9, &(0x7f0000000000), 0x9)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r10}, 0x10)
openat(r9, &(0x7f0000000240)='./file2\x00', 0x208000, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000580)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@abort}, {@errors_remount}, {@quota}]}, 0x3, 0x433, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7SSlLxKq8ugDCBRExSNp0lJ64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezexHdt1Uidu699P2nZmd1Yzn3fHntnJBtC3RtN/kog9EfFnRAxXs/UFRqv/3VxZmv53ZWk6iXL5nX+SSrkbK0vTedH8vN15ZiCi8EUSh5rUu3Dp8rmpUmn2YpYfXzz/4fjCpcsvzJ2fOjt7dvbC5KlTJ45PvHRy8sWuxJnGdePgJ/OHD7zx3tW3pk9fff/X75M8/oY4umS03cGny+UuV9dbe2vSyUDHp5WLW9IaOlWsdtMYrPT/4SjG2sUbjtc/72njgC011P7wchm4h6WjeaAf5T/06fw337Zh2HHHuP5KdQKUxn0z26pHBqKQlRlsmN9202hEnF7+75t0i615DgEAUOfHdPzzfLPxXyEeqil3f7aGMhIRD0TEvog4GRH7I+LBiErZhyPikQ3W37hIsn78U7i2qcA6lI7/Xs7WturHf/noL0aKWW5vJf7B5MxcafZY9pkcjcEdaX6iTR0/vfbHV62O1Y7/0i2tPx8LZu24NrCj/pyZqcWp24m51vXPIg4ONIs/WV0JSCLiQEQc3GQdc89+d7jVsVvH30bn60wtlb+NeKZ6/ZejIf5c0n59cvy+KM0eG8/vivV++/3K263qv634uyC9/rua3v+r8Y8kteu1Cxuv48pfX7ac02z2/h9K3q3b9/HU4uLFiYih5M1qo2v3TzaUm1wrn8Z/9Ejz/r8v1j6JQxGR3sSPRsRjEfF41vYnIuLJiDjSJv5fXn3qg83Hv7XS+Gc2dP3XEkPRuKd5onju5x/qKh3ZSPzp9T9RSR3N9nTy/ddJuzZ3NwMAAMDdpxAReyIpjK2mC4Wxserf8O+PXYXS/MLic2fmP7owU31HYCQGC/mTruGa56ET2bQ+z0825I9nz42/Lu6s5Mem50szvQ4e+tzuFv0/9beXM+De14V1NOAupf9D/9L/oX/p/9C/mvT/nb1oB7D9Kv0/qd/3aY/aAmyvht9/y37QR8z/oX/p/9C/9H/oSws749YvyUtIrEtE4Y5ohsQWJXr9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAd/wcAAP//VsrjzA==")

2.242185114s ago: executing program 4 (id=2751):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000008000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400, &(0x7f00000014c0)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@jqfmt_vfsold}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG0UYAPBv/UjfTajKow8gCBClQNKkpfTABQQSB5CQ4FCOIUmrUrdBTZBIVUFBqBxRJU5cEEck/gJOcEHACYkLB7ijShXqpYWT0ca7qe3aaWr8IPXvJ607s7vuzOedsWdnYgcwtMbThyRie0T8HhGjtWzjCeO1f25cuzD797ULs0lUq2/8lZTSw9evXZjNT82fty3PlCIKnySxr0W5i8vnT89UKvPnsvzk0pl3JxeXzz9z6szMyfmT82enjx07cnjquaPTz3YlzjSu63s/WNi/55W3Lr82e/zy2z99k+TxN8XRJeNrHXy8Wu1ycYO1oy5daxlsBMVaN43ySv8fjWLcvHij8fLHA60c0FPVarV6X/vDF6vAXSyJQdcAGIz8gz69/823Pg09/heuvlC7AUrjvpFttSOlKGTnlJvub7tpPCKOX/zny3SL3sxDAAA0+C4d/zzdavxXiPp5oZ3ZGspYRNwTEbsi4mhE7I6IeyNWzr0/Ih64w/KbF0luHf8UrnQU2Dql47/ns7WtxvFfPvqLsWKW2LESfzk5caoyfyh7TQ5EeVOan1qjjO9f+vWzdsfqx3/plpafjwWzelwpbWp8ztzM0kyn8Ta7+lHE3lKr+JPVlYAkIvZExN4Oyzh18Ov97Y7dPv41dGGdqfpVxBO1638xmuLPJWuvT05ujsr8ocm8Vdzq518uvd6u/P8Ufxek139ry/a/Gv9YUr9eu3gn//sXT6aPl/74tO09TaftfyR5s2Hf+zNLS+emIkaSV2uVrt8/3XTe9M3z0/gPPNq6/++Km6/EvohIG/GDEfFQRDyc1f2R33be9lX48cXH3uk8/t5K459b//WvjkbkDWF5JLLE6p7WieLpH75tKHSsdfw7217/IyupA9me9bz/raded9qaAQAAYKMqRMT2SAoTq+lCYWKi9jf8u2NrobKwuPTUiYX3zs7VviMwFuVCPtM1WjcfOpXd1uf56ab84Wze+PPilpX8xOxCZW7QwcOQ29am/6f+LA66dkDP+b4WDC/9H4aX/g/D69b+v3kg9QD6r8Xn/5ZB1APov1bj/w/X88Tt3a8L0F9N/d+yHwwR838wvDrp/94z4O5QWusnm0f6WhWgfxa3xO2/JC+xkRL5L9f0oohy2loORsTy+SgMPFKJHiYG/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHf8GAAD//8Ah4Wo=")

1.90417578s ago: executing program 4 (id=2752):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010026bd70000000000021040000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880)

1.821730092s ago: executing program 4 (id=2755):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="05000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4008805}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a14000000020a497f75241d4e1deb00000500000614000000110001"], 0x3c}}, 0xc050)

1.797074763s ago: executing program 1 (id=2756):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r4=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
syz_clone(0x40800000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.775757493s ago: executing program 4 (id=2757):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x4, 0x45, 0x1488, 0xffffffffffffffff, 0x5}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0xf01690bbeba23347, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)

1.760481273s ago: executing program 2 (id=2758):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00', 0x6, 0xffffffffffffffff)

1.732385954s ago: executing program 2 (id=2759):
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
write$ppp(r0, &(0x7f0000000200)="bc72", 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x5420, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x7, 0x0, &(0x7f0000000340)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f00000003c0)={{0x77359400}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r4, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x2, 0x101}, 0x1205, 0x0, 0x4, 0x1, 0x0, 0x0, 0x2c3, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x40000000000000, 0xffffffffffffffff, 0x8)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCBRDELBR(r6, 0x89a2, &(0x7f0000000000)='bridge0\x00')
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f00000000c0)={0x9, 0x1, 0x5, 0x7f, 0x4924924924925e5})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910700004f78d4c1a0731cccff"], 0x1c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
recvmmsg$unix(r5, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

1.694884185s ago: executing program 4 (id=2760):
perf_event_open(0x0, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$getregset(0x4204, r2, 0x202, &(0x7f0000000140)={0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000007c0)={[{@nombcache}, {@data_journal}, {@barrier_val={'barrier', 0x3d, 0xf}}, {@resgid}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r3 = open(&(0x7f0000000400)='./file2\x00', 0x90a00, 0x4)
ftruncate(r3, 0x2007ffc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r4, 0x0, 0x4, &(0x7f0000000080)="441f0801000000e8c94ef56491ee54be0e1c2074ed27c1c6fe76cef3e2", 0x1d)
connect$inet(r4, &(0x7f0000000100)={0x2, 0x4e23, @remote}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
syz_usb_connect$uac1(0x1, 0xd3, &(0x7f0000000c00)=ANY=[@ANYBLOB="12011002000000406b1d01014000010203010902c10003018160060904000000010100000a24010900040201020d2406010203060007000400000624040406ee09240304ff010102000a24080304008b0602000000030101010203fe09240404073d8d43a6090401000001020000090401010101020000072401ff0f01000d240201050206085ebf4a827b090501094000034c0c072501814b0600090402000001020000090402010101020000072401110001000f2402024000010002d866713f56ea090582090800f808060725018206cc361d4f3b88aaaa9b505ea11546b228c19bf48ad5f4f281cbd56f84f7ffc586aba984261f1fe765e8ad7aec5ab677425ab01388fd24d5a1f7e2c5ddc0d5d092473b62828dad90989e4fe114437c685c0058bcfaf23aed41e39f125e40688d2c23afe1056f7bac55eb9110bf9b0fab9700f0a3f67eddf3a9f774fda33390efc88bd9b183f4228f6bfac5a2b6125e8d73753d95c646bd59d87dc832522be4feb8eda7e04dde0f11d938225528ea332450290f42cca9654ff94f87bb2d20d0d20f76059b96e3c166cfbf1c935f8e7c6fe2c93a0bf4fe14badabfa2f5ba842788d2bdc0ed5efc818eb8b857db5240e769d4bd73ebc688e32c862e746cd7c56f27c044a19564c4ece4537b3e6de61d3607038194f365001f970c7a1034b9bdae68f6"], &(0x7f0000000740)={0xa, &(0x7f0000000680)={0xa, 0x6, 0x100, 0x0, 0x8, 0x3, 0x20, 0xf}, 0x25, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x1, [{0x4, &(0x7f0000000700)=@lang_id={0x4}}]})
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a640000000b0a820000000000000000000700000608000f400000000508000740000000390800084000000001080005400002000508000f4000000003080004409de4000308000340000001a00800074000000008080008400000000008000740000000ffff0000000000000000000000000000000100000a2169a2c665732c364fc949a44d17caea8548ce79c69375e12719e5e494dffc1fa650b118614a5f473e2139771ca7ad020f5393fc7ff771368339c995fa58a4132ef9bcbb00dcea4af827a390ae5bbfba16d7df79cdf8c3c39e5b3b8a66e9a869098605ceb86c6d4390e0372bd6354d087de0db6797dc7576bf9194425f8d"], 0x8c}, 0x1, 0x0, 0x0, 0x4044081}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)

1.005517219s ago: executing program 1 (id=2761):
socket$key(0xf, 0x3, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
removexattr(&(0x7f00000004c0)='./file0\x00', 0x0)
geteuid()
r0 = io_uring_setup(0xfc6, &(0x7f00000002c0)={0x0, 0x6c02, 0x0, 0x0, 0x20000004})
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r1, 0xfffffffc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)={0x18, r4, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}}, 0x40)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x28, r6, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}]}]}, 0x28}, 0x1, 0xff07}, 0x2000000)
close_range(r0, 0xffffffffffffffff, 0x0)

862.406982ms ago: executing program 1 (id=2765):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
set_robust_list(&(0x7f0000000280)={0x0, 0x401}, 0x18)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f00000000c0), 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000540)={<r4=>0xffffffffffffffff})
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000780)={&(0x7f0000000a40)=ANY=[@ANYBLOB="b8000000", @ANYRES16=0x0, @ANYBLOB="200025bd7000fedbdf250200000008000a002d285d7b08000100000000000c00040005000000000000000c00050000000000000000000800010000000000100007800c00018008000100", @ANYRES32, @ANYBLOB="0c0005000600000000000000580007800c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32=r2, @ANYBLOB="0c00018008000100", @ANYRES32=r4, @ANYBLOB="0c00018008009668084fe744bd3c3a3c7324b9", @ANYRES32=r3, @ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x11}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r5=>0x0})
sendmsg$can_bcm(r3, &(0x7f0000000000)={&(0x7f0000000040)={0x1d, r5}, 0x10, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=r3, @ANYRES64=r5, @ANYBLOB="000000000100000000000000840004"], 0x48}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='page_pool_state_release\x00', r1}, 0x18)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000000a50000000000000000b35c8d38f083bced00dfdd4e5e980179aa3ed2001d110000c38aa0258f7bd581015ecc8aaf73c06fbe00a376b8beb70eb5b6f7fa8631119421bb500b0b4d1d2974b9f682d01b9c7ad640eabf8f2caf543d5d4605ff704bc599709455a347628da049cdfa37902198ab17ee7d643009dc6f57cf", @ANYRESHEX=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000a00)='./file2\x00', 0x8442, 0x5c)
ioctl$FS_IOC_RESVSP(r9, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x1fb, 0xfff})
write$cgroup_type(r9, &(0x7f0000000000), 0x9)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r10}, 0x10)
openat(r9, &(0x7f0000000240)='./file2\x00', 0x208000, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000580)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@abort}, {@errors_remount}, {@quota}]}, 0x3, 0x433, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7SSlLxKq8ugDCBRExSNp0lJ64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezexHdt1Uidu699P2nZmd1Yzn3fHntnJBtC3RtN/kog9EfFnRAxXs/UFRqv/3VxZmv53ZWk6iXL5nX+SSrkbK0vTedH8vN15ZiCi8EUSh5rUu3Dp8rmpUmn2YpYfXzz/4fjCpcsvzJ2fOjt7dvbC5KlTJ45PvHRy8sWuxJnGdePgJ/OHD7zx3tW3pk9fff/X75M8/oY4umS03cGny+UuV9dbe2vSyUDHp5WLW9IaOlWsdtMYrPT/4SjG2sUbjtc/72njgC011P7wchm4h6WjeaAf5T/06fw337Zh2HHHuP5KdQKUxn0z26pHBqKQlRlsmN9202hEnF7+75t0i615DgEAUOfHdPzzfLPxXyEeqil3f7aGMhIRD0TEvog4GRH7I+LBiErZhyPikQ3W37hIsn78U7i2qcA6lI7/Xs7WturHf/noL0aKWW5vJf7B5MxcafZY9pkcjcEdaX6iTR0/vfbHV62O1Y7/0i2tPx8LZu24NrCj/pyZqcWp24m51vXPIg4ONIs/WV0JSCLiQEQc3GQdc89+d7jVsVvH30bn60wtlb+NeKZ6/ZejIf5c0n59cvy+KM0eG8/vivV++/3K263qv634uyC9/rua3v+r8Y8kteu1Cxuv48pfX7ac02z2/h9K3q3b9/HU4uLFiYih5M1qo2v3TzaUm1wrn8Z/9Ejz/r8v1j6JQxGR3sSPRsRjEfF41vYnIuLJiDjSJv5fXn3qg83Hv7XS+Gc2dP3XEkPRuKd5onju5x/qKh3ZSPzp9T9RSR3N9nTy/ddJuzZ3NwMAAMDdpxAReyIpjK2mC4Wxserf8O+PXYXS/MLic2fmP7owU31HYCQGC/mTruGa56ET2bQ+z0825I9nz42/Lu6s5Mem50szvQ4e+tzuFv0/9beXM+De14V1NOAupf9D/9L/oX/p/9C/mvT/nb1oB7D9Kv0/qd/3aY/aAmyvht9/y37QR8z/oX/p/9C/9H/oSws749YvyUtIrEtE4Y5ohsQWJXr9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAd/wcAAP//VsrjzA==")

539.680959ms ago: executing program 0 (id=2766):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002640)={0x1e, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000850000008800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f00000000c0)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de8a5cdcfec00058d18743601562cfab1c45880370d47ea3c5af890069fd8c29d889854602467bd14e46e0b9d3569c8e5bd37cf3e7c79381ffae72fa44d76fe1", 0x3f}, 0x48, 0xffffffffffffffff)
keyctl$setperm(0x5, r2, 0x400)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000006c0)=@newtaction={0xcc, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0xb8, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x5, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x6}}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x20000000}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xcc}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0x1}}, './file0\x00'})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000580)={'ip6_vti0\x00', 0x0})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x7, 0xfe, 0x0, 0x8, 0x0, 0x5, 0x1000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x5a7, 0x8}, 0x800, 0x80, 0x8, 0x3, 0x8, 0x7, 0x4, 0x0, 0x4, 0x0, 0x2000000a}, 0x0, 0x10, 0xffffffffffffffff, 0x1)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8923, &(0x7f0000000040)={'bond0\x00', 0x1001})
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0x35)
getpid()

438.608361ms ago: executing program 0 (id=2767):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="05000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4008805}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a14000000020a497f75241d4e1deb00000500000614000000110001"], 0x3c}}, 0xc050)

417.580652ms ago: executing program 1 (id=2768):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x3000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1d, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa00000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

401.005962ms ago: executing program 0 (id=2769):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
io_setup(0x8f0, &(0x7f0000002400)=<r4=>0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
io_submit(r4, 0x1, &(0x7f0000000cc0)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000400)="f4fffeff0000", 0x6, 0x0, 0x0, 0x2}])
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'syzkaller0\x00'})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bind$packet(r5, 0x0, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})
socket$packet(0x11, 0x3, 0x300)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000520001002abd7000000000000200000008000100", @ANYRES32, @ANYBLOB="30fd1fbc56db7b38df08f4c516a8a547e474c8272d80807d8380a2660500000000000000ed33ec1507cbc6b86a9d9e8ec1dd7454baace407000000000000005d03c2f52ac8613da9a3bdaade89a8d0a814dd36b98b0a01b7cd8f74da93c6d7637a0aeaf5a4abeb26498c5244a12201d0be18dc0a39a8e79d94ddea9a422dbcd9d504800a75238fc481ba91416d53797f526337b015a3822cf7157cc2a1108fa64a42ef2f7f51b721304a90c20b6789b166e6ec7d36e4cebfa81428e801e9319da1f34f7b78febaad118c8f0776a41a025cbf475d"], 0x1c}}, 0x0)
r9 = socket$key(0xf, 0x3, 0x2)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r12}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r11}, &(0x7f0000000000), &(0x7f00000005c0)=r12}, 0x20)
sendmsg$nl_xfrm(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
sendmsg$key(r9, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c58777003d5b9538a9d03e6e9bfdac550000000003000600000000000200000000000000000000000000000002000100000000000000030d00000000030005000000000002000000ac141400000000000000000695a1bddbe78b77ec1d0bd1c910fe09d1029fd010b23e7e2098a686023a60d36b4826d8abfd3bffb966b62ec48bb5544e07483323b56ba75587319ce3ac4565d85f461dca069ff92010b83b07a0cfab32d5173825f38b15cf66eade30e5ee219ac548e1253e9f912771182a0361b19fa2528fc3de3436020afee4cedd879c6cabb918b5c3f043337f3c83aaf1659775616bf8fa8c2a1b3b005168841cc9ef1e2910418a076dedc03d6b046197db1f513cd5edd54aa0c85d8572c5fcb54dc542fc7ec709faaaddd4f2cea36f0a732c3221abeccc507ebed883003f47b4ff14ae90d4dc07206deb7d90a4f92c786e0fe8be8ba6620c636b6c9b2dcffc024da4d2a209df20dd0cf30d6bf661e838b05465f79c2bc3a794aed3f88575e1f79af300c00613422ecc96302db2c98b4be8223b03ec2ec82d04b41a33e19d9b4e3d8eb669eac588cf41528fa3d2becd8428ce58ebe9744ca1fb"], 0x78}, 0x1, 0x7}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

138.110668ms ago: executing program 0 (id=2770):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x439, 0x0, 0x3, {0x0, 0x0, 0x0, 0x0, 0x400eb}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bond_slave={{0xf}, {0xc, 0x5, 0x0, 0x1, @IFLA_BOND_SLAVE_QUEUE_ID={0x6, 0x5, 0xccad}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x4, 0x45, 0x1488, 0xffffffffffffffff, 0x5}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0xf01690bbeba23347, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)

99.387199ms ago: executing program 0 (id=2771):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x80}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff0000001100a200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000300000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz0\x00', 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'macsec0\x00', @local})

50.791909ms ago: executing program 1 (id=2772):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000008c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x2, @in=@multicast2, 0x6, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4001c00)
sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x14, r1, 0x1, 0x70bd29}, 0x14}, 0x1, 0x0, 0x0, 0x4c001}, 0x840)

0s ago: executing program 0 (id=2773):
r0 = socket$inet_tcp(0x2, 0x1, 0x0) (async)
r1 = epoll_create1(0x80000)
r2 = fcntl$dupfd(r0, 0x406, r1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)) (async)
r3 = getpid() (async)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(r3, r4, 0x7, r2, &(0x7f0000000100)={r1, r2}) (async)
r5 = socket(0x10, 0x6, 0x9) (async)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000002400000000000100fdff17110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r7}, 0x10)
connect$netlink(r5, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r5)
sendmsg$NL80211_CMD_DISASSOCIATE(r2, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r8, 0x2, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xccc}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4) (async)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0xc010}, 0x4044040)

kernel console output (not intermixed with test programs):

=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  169.135243][   T30] audit: type=1400 audit(2000000347.305:2316): avc:  denied  { create } for  pid=8591 comm="syz.3.1905" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  169.156968][   T30] audit: type=1400 audit(2000000347.305:2317): avc:  denied  { setopt } for  pid=8591 comm="syz.3.1905" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  169.177802][   T30] audit: type=1400 audit(2000000347.325:2318): avc:  denied  { prog_run } for  pid=8591 comm="syz.3.1905" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  169.244909][ T8602] loop1: detected capacity change from 0 to 1024
[  169.254784][   T30] audit: type=1400 audit(2000000347.355:2319): avc:  denied  { map_write } for  pid=8597 comm="syz.0.1907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  169.276822][   T30] audit: type=1400 audit(2000000347.375:2320): avc:  denied  { create } for  pid=8597 comm="syz.0.1907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  169.302699][ T8594] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  169.313567][ T8602] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  169.328814][ T8594] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  169.346440][ T8594] EXT4-fs (loop3): 1 truncate cleaned up
[  169.352694][ T8594] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.417087][ T8592] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  169.449516][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.473270][ T8613] syzkaller0: entered allmulticast mode
[  169.481064][ T8610] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.490197][ T8613] syzkaller0: entered promiscuous mode
[  169.493781][ T8610] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.507769][ T8613] syzkaller0 (unregistering): left allmulticast mode
[  169.514818][ T8613] syzkaller0 (unregistering): left promiscuous mode
[  169.555574][ T8621] rdma_op ffff88811b1fd980 conn xmit_rdma 0000000000000000
[  169.728371][ T8640] netlink: 'syz.4.1922': attribute type 1 has an invalid length.
[  169.825505][ T8638] wg2 speed is unknown, defaulting to 1000
[  169.911440][ T8638] lo speed is unknown, defaulting to 1000
[  170.092943][ T8656] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  171.359961][ T8685] wg2 speed is unknown, defaulting to 1000
[  171.514177][ T8685] lo speed is unknown, defaulting to 1000
[  171.738694][ T8695] netlink: 'syz.2.1942': attribute type 1 has an invalid length.
[  171.865676][ T8705] netlink: 'syz.4.1946': attribute type 10 has an invalid length.
[  171.873687][ T8705] __nla_validate_parse: 5 callbacks suppressed
[  171.873705][ T8705] netlink: 55 bytes leftover after parsing attributes in process `syz.4.1946'.
[  171.919685][ T8709] netlink: 'syz.4.1946': attribute type 10 has an invalid length.
[  171.927687][ T8709] netlink: 55 bytes leftover after parsing attributes in process `syz.4.1946'.
[  171.976704][ T8705] Process accounting resumed
[  172.188854][ T8710] loop3: detected capacity change from 0 to 512
[  172.197855][ T8710] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  172.206111][ T8710] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  172.216350][ T8710] EXT4-fs (loop3): 1 truncate cleaned up
[  172.223309][ T8710] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.242485][ T8710] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  172.277243][ T8730] loop1: detected capacity change from 0 to 128
[  172.289742][ T8730] netlink: 'syz.1.1953': attribute type 1 has an invalid length.
[  172.309661][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.368115][ T8728] wg2 speed is unknown, defaulting to 1000
[  172.420182][ T8735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1954'.
[  172.439153][ T8728] lo speed is unknown, defaulting to 1000
[  172.445659][ T8733] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  172.806055][ T8753] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1960'.
[  173.039516][ T8768] rdma_op ffff88812c6e9180 conn xmit_rdma 0000000000000000
[  173.126084][ T8773] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1968'.
[  173.139866][ T8773] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1968'.
[  173.149016][ T8773] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1968'.
[  173.158146][ T8773] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1968'.
[  173.211729][ T8777] loop3: detected capacity change from 0 to 512
[  173.219661][ T8777] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  173.239684][ T8780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1970'.
[  173.255321][ T8780] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1970'.
[  173.288968][ T8777] EXT4-fs (loop3): 1 truncate cleaned up
[  173.295299][ T8777] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.852064][ T8811] loop1: detected capacity change from 0 to 128
[  174.034362][   T30] kauditd_printk_skb: 231 callbacks suppressed
[  174.034380][   T30] audit: type=1326 audit(2000000352.326:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8814 comm="syz.2.1985" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7fd30c9c5ba7 code=0x0
[  174.075017][   T30] audit: type=1400 audit(2000000352.326:2553): avc:  denied  { create } for  pid=8819 comm="syz.0.1986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  174.076001][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.094775][   T30] audit: type=1400 audit(2000000352.326:2554): avc:  denied  { ioctl } for  pid=8819 comm="syz.0.1986" path="socket:[22505]" dev="sockfs" ino=22505 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  174.094888][   T30] audit: type=1400 audit(2000000352.326:2555): avc:  denied  { write } for  pid=8819 comm="syz.0.1986" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  174.095009][   T30] audit: type=1400 audit(2000000352.326:2556): avc:  denied  { read } for  pid=8819 comm="syz.0.1986" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  174.369946][ T8832] IPVS: Error joining to the multicast group
[  174.513242][ T8834] loop3: detected capacity change from 0 to 512
[  174.522707][ T8834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.535409][ T8834] ext4 filesystem being mounted at /412/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.547517][   T30] audit: type=1400 audit(2000000352.836:2557): avc:  denied  { add_name } for  pid=8833 comm="syz.3.1991" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  174.568345][   T30] audit: type=1400 audit(2000000352.836:2558): avc:  denied  { create } for  pid=8833 comm="syz.3.1991" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  174.593274][   T30] audit: type=1400 audit(2000000352.876:2559): avc:  denied  { write open } for  pid=8833 comm="syz.3.1991" path="/412/file1/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  174.697697][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.751052][ T8839] wg2 speed is unknown, defaulting to 1000
[  174.814579][ T8839] lo speed is unknown, defaulting to 1000
[  174.952056][ T8846] loop1: detected capacity change from 0 to 2048
[  174.979064][ T8843] sch_fq: defrate 0 ignored.
[  174.983819][   T30] audit: type=1400 audit(2000000353.266:2560): avc:  denied  { bind } for  pid=8842 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  175.002787][   T30] audit: type=1400 audit(2000000353.266:2561): avc:  denied  { setopt } for  pid=8842 comm="syz.0.1994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  175.059408][ T8846] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.112000][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.225557][ T8859] IPVS: Error joining to the multicast group
[  175.327649][ T8870] netlink: 'syz.1.2004': attribute type 10 has an invalid length.
[  175.351753][ T8870] netlink: 'syz.1.2004': attribute type 10 has an invalid length.
[  175.382098][ T8870] Process accounting resumed
[  175.455409][ T8881] loop1: detected capacity change from 0 to 512
[  175.539767][ T8892] IPVS: Error joining to the multicast group
[  175.549270][ T8893] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  175.605328][ T8897] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  175.660481][ T8904] netlink: 'syz.2.2017': attribute type 10 has an invalid length.
[  175.671323][ T8904] netlink: 'syz.2.2017': attribute type 10 has an invalid length.
[  175.707059][ T8903] Process accounting resumed
[  175.947504][ T8914] loop3: detected capacity change from 0 to 2048
[  175.969709][ T8914] EXT4-fs (loop3): failed to initialize system zone (-117)
[  175.985206][ T8914] EXT4-fs (loop3): mount failed
[  176.100991][ T8932] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  176.172750][ T8936] netlink: 'syz.1.2028': attribute type 10 has an invalid length.
[  176.182240][ T8936] netlink: 'syz.1.2028': attribute type 10 has an invalid length.
[  176.205882][ T8934] ipvlan0: entered promiscuous mode
[  176.213946][ T8934] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  176.223505][ T8934] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  176.276306][ T8936] Process accounting resumed
[  176.323171][ T8945] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.332394][ T8945] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.404022][ T8959] ipvlan0: entered promiscuous mode
[  176.410854][ T8959] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  176.429818][ T8959] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  176.507648][ T8963] cgroup: Invalid name
[  176.535794][ T8969] loop1: detected capacity change from 0 to 512
[  176.638227][ T8977] Process accounting resumed
[  176.671374][ T8984] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  176.896664][ T9006] validate_nla: 2 callbacks suppressed
[  176.896684][ T9006] netlink: 'syz.3.2055': attribute type 10 has an invalid length.
[  176.910122][ T9006] __nla_validate_parse: 44 callbacks suppressed
[  176.910137][ T9006] netlink: 55 bytes leftover after parsing attributes in process `syz.3.2055'.
[  176.935560][ T9006] netlink: 'syz.3.2055': attribute type 10 has an invalid length.
[  176.943475][ T9006] netlink: 55 bytes leftover after parsing attributes in process `syz.3.2055'.
[  176.974530][ T9006] Process accounting resumed
[  177.086006][ T9015] loop3: detected capacity change from 0 to 512
[  177.118124][ T9015] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2058'.
[  177.255070][ T9018] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  177.302550][ T9020] netlink: 'syz.0.2061': attribute type 1 has an invalid length.
[  177.686770][ T9039] netlink: 'syz.3.2068': attribute type 10 has an invalid length.
[  177.695269][ T9039] netlink: 55 bytes leftover after parsing attributes in process `syz.3.2068'.
[  177.715012][ T9039] netlink: 'syz.3.2068': attribute type 10 has an invalid length.
[  177.722910][ T9039] netlink: 55 bytes leftover after parsing attributes in process `syz.3.2068'.
[  177.765928][ T9039] Process accounting resumed
[  177.841725][ T9043] loop3: detected capacity change from 0 to 512
[  177.853345][ T9043] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  177.868595][ T9043] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2070: bg 0: block 4: invalid block bitmap
[  177.902123][ T9043] EXT4-fs (loop3): Remounting filesystem read-only
[  177.912398][ T9056] loop1: detected capacity change from 0 to 512
[  177.920422][ T9043] EXT4-fs (loop3): 1 truncate cleaned up
[  177.931549][ T9043] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.056085][ T9060] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2074'.
[  178.057311][ T9043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.084748][ T9056] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  178.130324][ T9065] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2076'.
[  178.150592][ T9065] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2076'.
[  178.159705][ T9065] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2076'.
[  178.168741][ T9065] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2076'.
[  178.236939][ T9074] netlink: 'syz.3.2080': attribute type 10 has an invalid length.
[  178.246623][ T9074] netlink: 'syz.3.2080': attribute type 10 has an invalid length.
[  178.275305][ T9074] Process accounting resumed
[  178.333905][ T9082] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  178.370805][ T9087] loop3: detected capacity change from 0 to 512
[  178.377764][ T9087] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  178.389123][ T9087] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2085: bg 0: block 4: invalid block bitmap
[  178.402464][ T9087] EXT4-fs (loop3): Remounting filesystem read-only
[  178.410175][ T9087] EXT4-fs (loop3): 1 truncate cleaned up
[  178.416565][ T9087] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.430396][ T9087] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.460635][ T9091] loop3: detected capacity change from 0 to 512
[  178.591022][ T9091] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  178.732751][ T9106] netlink: 'syz.3.2091': attribute type 10 has an invalid length.
[  178.742952][ T9106] netlink: 'syz.3.2091': attribute type 10 has an invalid length.
[  178.772483][ T9106] Process accounting resumed
[  178.818926][ T9116] loop3: detected capacity change from 0 to 512
[  178.830094][ T9116] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  178.846611][ T9116] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2096: bg 0: block 4: invalid block bitmap
[  178.870269][ T9116] EXT4-fs (loop3): Remounting filesystem read-only
[  178.883834][ T9116] EXT4-fs (loop3): 1 truncate cleaned up
[  178.999004][ T9116] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.012186][ T9116] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.045805][ T9122] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  179.145340][ T9137] netlink: 'syz.2.2104': attribute type 10 has an invalid length.
[  179.158720][   T30] kauditd_printk_skb: 88 callbacks suppressed
[  179.158739][   T30] audit: type=1326 audit(2000000357.446:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9134 comm="syz.1.2103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  179.194253][ T9136] loop1: detected capacity change from 0 to 1024
[  179.213301][ T9137] Process accounting resumed
[  179.223538][ T9136] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  179.232197][   T30] audit: type=1326 audit(2000000357.476:2651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9134 comm="syz.1.2103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  179.255917][   T30] audit: type=1326 audit(2000000357.476:2652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9134 comm="syz.1.2103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd2c758ec23 code=0x7ffc0000
[  179.279459][   T30] audit: type=1326 audit(2000000357.476:2653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9134 comm="syz.1.2103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd2c758d69f code=0x7ffc0000
[  179.302791][   T30] audit: type=1326 audit(2000000357.486:2654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9134 comm="syz.1.2103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd2c758ec77 code=0x7ffc0000
[  179.326239][   T30] audit: type=1326 audit(2000000357.486:2655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9134 comm="syz.1.2103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd2c758d550 code=0x7ffc0000
[  179.349788][   T30] audit: type=1326 audit(2000000357.486:2656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9134 comm="syz.1.2103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd2c758e7eb code=0x7ffc0000
[  179.373142][   T30] audit: type=1326 audit(2000000357.496:2657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9134 comm="syz.1.2103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd2c758d84a code=0x7ffc0000
[  179.392784][ T9149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.396803][   T30] audit: type=1326 audit(2000000357.496:2658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9134 comm="syz.1.2103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd2c758d84a code=0x7ffc0000
[  179.405450][ T9149] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.428606][   T30] audit: type=1326 audit(2000000357.496:2659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9134 comm="syz.1.2103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fd2c758d457 code=0x7ffc0000
[  179.445381][ T9150] IPVS: Error joining to the multicast group
[  179.477147][ T9146] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.485960][ T9146] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.620608][ T9160] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  179.833064][ T9173] bridge0: entered promiscuous mode
[  179.839846][ T9173] macsec1: entered promiscuous mode
[  179.852981][ T9173] bridge0: port 1(macsec1) entered blocking state
[  179.861390][ T9173] bridge0: port 1(macsec1) entered disabled state
[  179.873259][ T9173] macsec1: entered allmulticast mode
[  179.879897][ T9173] bridge0: entered allmulticast mode
[  179.901213][ T9173] macsec1: left allmulticast mode
[  179.907429][ T9173] bridge0: left allmulticast mode
[  179.928879][ T9173] bridge0: left promiscuous mode
[  179.957107][ T9170] Process accounting resumed
[  180.013577][ T9177] wg2 speed is unknown, defaulting to 1000
[  180.140954][ T9183] wg2 speed is unknown, defaulting to 1000
[  180.167576][ T9177] lo speed is unknown, defaulting to 1000
[  180.249494][ T9183] lo speed is unknown, defaulting to 1000
[  180.499845][ T9204] FAULT_INJECTION: forcing a failure.
[  180.499845][ T9204] name failslab, interval 1, probability 0, space 0, times 0
[  180.512912][ T9204] CPU: 0 UID: 0 PID: 9204 Comm: syz.2.2126 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  180.512948][ T9204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  180.512964][ T9204] Call Trace:
[  180.512970][ T9204]  <TASK>
[  180.512977][ T9204]  __dump_stack+0x1d/0x30
[  180.513003][ T9204]  dump_stack_lvl+0xe8/0x140
[  180.513040][ T9204]  dump_stack+0x15/0x1b
[  180.513062][ T9204]  should_fail_ex+0x265/0x280
[  180.513100][ T9204]  should_failslab+0x8c/0xb0
[  180.513167][ T9204]  kmem_cache_alloc_noprof+0x50/0x310
[  180.513200][ T9204]  ? getname_flags+0x80/0x3b0
[  180.513238][ T9204]  getname_flags+0x80/0x3b0
[  180.513277][ T9204]  do_sys_openat2+0x60/0x110
[  180.513320][ T9204]  __x64_sys_openat+0xf2/0x120
[  180.513447][ T9204]  x64_sys_call+0x2e9c/0x2ff0
[  180.513475][ T9204]  do_syscall_64+0xd2/0x200
[  180.513505][ T9204]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  180.513548][ T9204]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  180.513631][ T9204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.513655][ T9204] RIP: 0033:0x7fd30c9cd550
[  180.513675][ T9204] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  180.513698][ T9204] RSP: 002b:00007fd30b42cef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  180.513744][ T9204] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd30c9cd550
[  180.513838][ T9204] RDX: 0000000000000002 RSI: 00007fd30ca51af4 RDI: 00000000ffffff9c
[  180.513853][ T9204] RBP: 00007fd30ca51af4 R08: 0000000000000000 R09: 0000000000000000
[  180.513869][ T9204] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  180.513881][ T9204] R13: 000000000000006e R14: 0000200000000540 R15: 00007fffd2abf388
[  180.513973][ T9204]  </TASK>
[  180.944155][ T9211] Process accounting resumed
[  181.045884][ T9225] loop3: detected capacity change from 0 to 512
[  181.054771][ T9225] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2134: casefold flag without casefold feature
[  181.068487][ T9225] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2134: couldn't read orphan inode 15 (err -117)
[  181.081051][ T9225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.094996][ T9225] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 211 vs 220 free clusters
[  181.357618][ T9239] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.368525][ T9239] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  181.654773][ T9246] wg2 speed is unknown, defaulting to 1000
[  181.728546][ T9246] lo speed is unknown, defaulting to 1000
[  182.015847][ T9252] __nla_validate_parse: 34 callbacks suppressed
[  182.015870][ T9252] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2143'.
[  182.034679][ T9252] IPVS: Error joining to the multicast group
[  182.112547][ T9259] netlink: 87 bytes leftover after parsing attributes in process `syz.2.2145'.
[  182.123651][ T9262] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2144'.
[  182.152244][ T9264] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2146'.
[  182.169246][ T9264] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2146'.
[  182.243280][ T9266] loop1: detected capacity change from 0 to 512
[  182.268359][ T9266] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  182.322423][ T9266] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2147: bg 0: block 4: invalid block bitmap
[  182.336694][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.351641][ T9266] EXT4-fs (loop1): Remounting filesystem read-only
[  182.358513][ T9266] EXT4-fs (loop1): 1 truncate cleaned up
[  182.364732][ T9266] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.376453][ T9273] ipvlan0: entered promiscuous mode
[  182.384457][ T9273] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  182.385568][ T9266] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.393975][ T9273] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  182.556795][ T9291] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  182.565574][ T9291] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.614046][ T9296] loop3: detected capacity change from 0 to 128
[  182.624004][ T9296] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  182.632017][ T9296] FAT-fs (loop3): Filesystem has been set read-only
[  182.640368][ T9296] bio_check_eod: 2421 callbacks suppressed
[  182.640387][ T9296] syz.3.2158: attempt to access beyond end of device
[  182.640387][ T9296] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  182.670785][ T9296] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  182.678944][ T9296] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  182.689772][ T9296] syz.3.2158: attempt to access beyond end of device
[  182.689772][ T9296] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  182.703551][ T9296] syz.3.2158: attempt to access beyond end of device
[  182.703551][ T9296] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  182.717521][ T9303] syz.3.2158: attempt to access beyond end of device
[  182.717521][ T9303] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  182.732605][ T9303] syz.3.2158: attempt to access beyond end of device
[  182.732605][ T9303] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  182.747386][ T9296] syz.3.2158: attempt to access beyond end of device
[  182.747386][ T9296] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  182.762140][ T9303] syz.3.2158: attempt to access beyond end of device
[  182.762140][ T9303] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  182.776134][ T9296] syz.3.2158: attempt to access beyond end of device
[  182.776134][ T9296] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  182.790658][ T9303] syz.3.2158: attempt to access beyond end of device
[  182.790658][ T9303] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  182.806223][ T9296] syz.3.2158: attempt to access beyond end of device
[  182.806223][ T9296] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  182.846545][ T9303] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  182.854546][ T9303] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  182.868605][ T9306] loop1: detected capacity change from 0 to 512
[  182.875672][ T9306] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  182.885790][ T9303] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  182.893690][ T9303] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  182.904688][ T9306] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2162: bg 0: block 4: invalid block bitmap
[  182.917592][ T9306] EXT4-fs (loop1): Remounting filesystem read-only
[  182.924487][ T9306] EXT4-fs (loop1): 1 truncate cleaned up
[  182.931012][ T9306] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.945728][ T9306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.167335][ T9317] loop1: detected capacity change from 0 to 512
[  183.229553][ T9317] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  183.325018][ T9317] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2165: bg 0: block 4: invalid block bitmap
[  183.375688][ T9317] EXT4-fs (loop1): Remounting filesystem read-only
[  183.411499][ T9317] EXT4-fs (loop1): 1 truncate cleaned up
[  183.459444][ T9317] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.572407][ T9317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.596494][ T9325] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2168'.
[  183.647550][ T9325] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2168'.
[  183.656601][ T9325] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2168'.
[  183.665628][ T9325] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2168'.
[  184.025576][ T9328] netlink: 332 bytes leftover after parsing attributes in process `syz.2.2169'.
[  184.222305][ T9343] ipvlan0: entered promiscuous mode
[  184.234417][ T9343] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  184.263899][ T9343] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  184.568063][ T9361] IPVS: Error joining to the multicast group
[  184.646676][ T9359] wg2 speed is unknown, defaulting to 1000
[  184.863227][ T9359] lo speed is unknown, defaulting to 1000
[  185.307226][ T9381] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  185.327293][ T9366] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9366 comm=syz.1.2184
[  185.379301][ T9390] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  185.389599][ T9389] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  185.426462][ T9396] IPVS: Error joining to the multicast group
[  185.537936][ T9404] loop3: detected capacity change from 0 to 512
[  185.549849][ T9404] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  185.650353][   T30] kauditd_printk_skb: 94 callbacks suppressed
[  185.650372][   T30] audit: type=1400 audit(2000000363.936:2754): avc:  denied  { bind } for  pid=9410 comm="syz.4.2201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  185.659490][ T9418] validate_nla: 5 callbacks suppressed
[  185.659509][ T9418] netlink: 'syz.1.2204': attribute type 10 has an invalid length.
[  185.717116][   T30] audit: type=1326 audit(2000000364.006:2755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9417 comm="syz.1.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  185.740654][   T30] audit: type=1326 audit(2000000364.006:2756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9417 comm="syz.1.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  185.779077][ T9418] loop1: detected capacity change from 0 to 1024
[  185.781498][   T30] audit: type=1326 audit(2000000364.056:2757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9417 comm="syz.1.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  185.793724][ T9418] EXT4-fs: Ignoring removed nomblk_io_submit option
[  185.809631][   T30] audit: type=1326 audit(2000000364.056:2758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9417 comm="syz.1.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  185.839747][   T30] audit: type=1326 audit(2000000364.056:2759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9417 comm="syz.1.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  185.863252][   T30] audit: type=1326 audit(2000000364.056:2760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9417 comm="syz.1.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  185.886714][   T30] audit: type=1326 audit(2000000364.056:2761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9417 comm="syz.1.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  185.893430][ T9416] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9416 comm=syz.3.2203
[  185.910200][   T30] audit: type=1326 audit(2000000364.056:2762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9417 comm="syz.1.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  185.910234][   T30] audit: type=1326 audit(2000000364.056:2763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9417 comm="syz.1.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2c758ebe9 code=0x7ffc0000
[  185.924008][ T9418] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  185.977984][ T9418] System zones: 0-1, 3-36
[  185.984136][ T9418] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.049270][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.096647][ T9431] loop3: detected capacity change from 0 to 512
[  186.109585][ T9433] netlink: 'syz.4.2210': attribute type 10 has an invalid length.
[  186.133523][ T9431] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  186.192699][ T9437] loop3: detected capacity change from 0 to 512
[  186.209869][ T9437] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  186.229182][ T9433] netlink: 'syz.4.2210': attribute type 10 has an invalid length.
[  186.253150][ T9437] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2212: bg 0: block 4: invalid block bitmap
[  186.275941][ T9437] EXT4-fs (loop3): Remounting filesystem read-only
[  186.298872][ T9433] Process accounting resumed
[  186.556650][ T9429] loop1: detected capacity change from 0 to 512
[  186.666338][ T9429] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.734467][ T9429] ext4 filesystem being mounted at /377/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.775871][ T9437] EXT4-fs (loop3): 1 truncate cleaned up
[  186.781984][ T9437] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.802870][ T9437] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.995349][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.005615][ T9458] !yz!: rxe_newlink: already configured on team_slave_0
[  187.017327][ T9455] bridge0: entered promiscuous mode
[  187.024379][ T9455] macsec0: entered promiscuous mode
[  187.042484][ T9455] bridge0: port 1(macsec0) entered blocking state
[  187.050573][ T9455] bridge0: port 1(macsec0) entered disabled state
[  187.059252][ T9455] macsec0: entered allmulticast mode
[  187.066493][ T9455] bridge0: entered allmulticast mode
[  187.097967][ T9455] macsec0: left allmulticast mode
[  187.104659][ T9455] bridge0: left allmulticast mode
[  187.123591][ T9463] __nla_validate_parse: 9 callbacks suppressed
[  187.123614][ T9463] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2216'.
[  187.161842][ T9455] bridge0: left promiscuous mode
[  187.177369][ T9469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.202672][ T9469] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.286373][ T9456] wg2 speed is unknown, defaulting to 1000
[  187.430309][ T9456] lo speed is unknown, defaulting to 1000
[  187.528779][ T9481] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2224'.
[  187.537757][ T9481] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2224'.
[  187.557763][ T9476] loop1: detected capacity change from 0 to 512
[  187.566670][ T9476] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  187.574797][ T9476] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  187.583988][ T9476] EXT4-fs (loop1): 1 truncate cleaned up
[  187.590123][ T9476] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.637788][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.666760][ T9490] ipvlan0: entered promiscuous mode
[  187.682691][ T9490] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  187.691104][ T9490] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  187.890260][ T9492] loop1: detected capacity change from 0 to 512
[  187.914252][ T9492] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.942607][ T9492] ext4 filesystem being mounted at /382/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  187.961606][ T9509] wg2 speed is unknown, defaulting to 1000
[  188.085622][ T9509] lo speed is unknown, defaulting to 1000
[  188.217523][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.361796][ T9535] ipvlan0: entered promiscuous mode
[  188.388466][ T9535] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  188.408419][ T9535] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  188.486635][ T9544] loop3: detected capacity change from 0 to 1024
[  188.505293][ T9544] EXT4-fs (loop3): can't mount with commit=, fs mounted w/o journal
[  188.548060][ T9542] wg2 speed is unknown, defaulting to 1000
[  188.591853][ T9544] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=9544 comm=syz.3.2248
[  188.691787][ T9542] lo speed is unknown, defaulting to 1000
[  188.881041][ T9553] FAULT_INJECTION: forcing a failure.
[  188.881041][ T9553] name failslab, interval 1, probability 0, space 0, times 0
[  188.893848][ T9553] CPU: 1 UID: 0 PID: 9553 Comm: syz.3.2250 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  188.893876][ T9553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  188.893962][ T9553] Call Trace:
[  188.893970][ T9553]  <TASK>
[  188.893979][ T9553]  __dump_stack+0x1d/0x30
[  188.894006][ T9553]  dump_stack_lvl+0xe8/0x140
[  188.894025][ T9553]  dump_stack+0x15/0x1b
[  188.894040][ T9553]  should_fail_ex+0x265/0x280
[  188.894071][ T9553]  should_failslab+0x8c/0xb0
[  188.894101][ T9553]  __kvmalloc_node_noprof+0x123/0x4e0
[  188.894147][ T9553]  ? rhashtable_init_noprof+0x316/0x4f0
[  188.894246][ T9553]  rhashtable_init_noprof+0x316/0x4f0
[  188.894273][ T9553]  rhltable_init_noprof+0x1d/0x40
[  188.894301][ T9553]  nf_tables_newtable+0x522/0xea0
[  188.894417][ T9553]  nfnetlink_rcv+0xb99/0x1690
[  188.894491][ T9553]  netlink_unicast+0x5c0/0x690
[  188.894558][ T9553]  netlink_sendmsg+0x58b/0x6b0
[  188.894590][ T9553]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.894621][ T9553]  __sock_sendmsg+0x142/0x180
[  188.894699][ T9553]  ____sys_sendmsg+0x31e/0x4e0
[  188.894732][ T9553]  ___sys_sendmsg+0x17b/0x1d0
[  188.894772][ T9553]  __x64_sys_sendmsg+0xd4/0x160
[  188.894799][ T9553]  x64_sys_call+0x191e/0x2ff0
[  188.894884][ T9553]  do_syscall_64+0xd2/0x200
[  188.894916][ T9553]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  188.895010][ T9553]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  188.895043][ T9553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.895070][ T9553] RIP: 0033:0x7fc3accdebe9
[  188.895090][ T9553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.895112][ T9553] RSP: 002b:00007fc3ab747038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  188.895172][ T9553] RAX: ffffffffffffffda RBX: 00007fc3acf15fa0 RCX: 00007fc3accdebe9
[  188.895210][ T9553] RDX: 0000000000000080 RSI: 0000200000000c40 RDI: 0000000000000003
[  188.895222][ T9553] RBP: 00007fc3ab747090 R08: 0000000000000000 R09: 0000000000000000
[  188.895234][ T9553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.895321][ T9553] R13: 00007fc3acf16038 R14: 00007fc3acf15fa0 R15: 00007ffefa647bf8
[  188.895343][ T9553]  </TASK>
[  189.234562][ T9557] loop1: detected capacity change from 0 to 512
[  189.264266][ T9557] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  189.296989][ T9568] loop3: detected capacity change from 0 to 128
[  189.315722][ T9557] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2252: bg 0: block 4: invalid block bitmap
[  189.366631][ T9557] EXT4-fs (loop1): Remounting filesystem read-only
[  189.397139][ T9557] EXT4-fs (loop1): 1 truncate cleaned up
[  189.424545][ T9557] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.459773][ T9557] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.768180][ T9597] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2267'.
[  190.072540][ T9611] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2275'.
[  190.138296][ T9619] loop1: detected capacity change from 0 to 128
[  190.152299][ T9621] loop3: detected capacity change from 0 to 512
[  190.172491][ T9621] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  190.196234][ T9621] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2280: bg 0: block 4: invalid block bitmap
[  190.223245][ T9621] EXT4-fs (loop3): Remounting filesystem read-only
[  190.230519][ T9621] EXT4-fs (loop3): 1 truncate cleaned up
[  190.251634][ T9621] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.274966][ T9621] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.351694][ T9629] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2282'.
[  190.566563][ T9640] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2288'.
[  190.728879][ T9656] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2293'.
[  190.769673][ T9656] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2293'.
[  190.778903][ T9656] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2293'.
[  190.803161][ T9660] unsupported nla_type 65024
[  190.844534][ T9662] FAULT_INJECTION: forcing a failure.
[  190.844534][ T9662] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.857892][ T9662] CPU: 1 UID: 0 PID: 9662 Comm: syz.2.2296 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  190.857943][ T9662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  190.857956][ T9662] Call Trace:
[  190.858004][ T9662]  <TASK>
[  190.858014][ T9662]  __dump_stack+0x1d/0x30
[  190.858038][ T9662]  dump_stack_lvl+0xe8/0x140
[  190.858061][ T9662]  dump_stack+0x15/0x1b
[  190.858082][ T9662]  should_fail_ex+0x265/0x280
[  190.858109][ T9662]  should_fail+0xb/0x20
[  190.858208][ T9662]  should_fail_usercopy+0x1a/0x20
[  190.858240][ T9662]  copy_folio_from_iter_atomic+0x278/0x11b0
[  190.858281][ T9662]  ? shmem_write_begin+0xa8/0x190
[  190.858324][ T9662]  ? shmem_write_begin+0xe1/0x190
[  190.858344][ T9662]  generic_perform_write+0x2c2/0x490
[  190.858381][ T9662]  shmem_file_write_iter+0xc5/0xf0
[  190.858429][ T9662]  do_iter_readv_writev+0x499/0x540
[  190.858536][ T9662]  vfs_writev+0x2df/0x8b0
[  190.858580][ T9662]  __se_sys_pwritev2+0xfc/0x1c0
[  190.858607][ T9662]  __x64_sys_pwritev2+0x67/0x80
[  190.858648][ T9662]  x64_sys_call+0x2c55/0x2ff0
[  190.858709][ T9662]  do_syscall_64+0xd2/0x200
[  190.858745][ T9662]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  190.858770][ T9662]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  190.858845][ T9662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.858866][ T9662] RIP: 0033:0x7fd30c9cebe9
[  190.858949][ T9662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.858967][ T9662] RSP: 002b:00007fd30b42f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  190.858986][ T9662] RAX: ffffffffffffffda RBX: 00007fd30cc05fa0 RCX: 00007fd30c9cebe9
[  190.859120][ T9662] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000004
[  190.859133][ T9662] RBP: 00007fd30b42f090 R08: 0000000000000000 R09: 0000000000000000
[  190.859155][ T9662] R10: 0000000000000e7b R11: 0000000000000246 R12: 0000000000000001
[  190.859171][ T9662] R13: 00007fd30cc06038 R14: 00007fd30cc05fa0 R15: 00007fffd2abf388
[  190.859248][ T9662]  </TASK>
[  191.077159][   T30] kauditd_printk_skb: 171 callbacks suppressed
[  191.077247][   T30] audit: type=1326 audit(2000000000.140:2935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9657 comm="syz.4.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  191.109076][   T30] audit: type=1326 audit(2000000000.140:2936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9657 comm="syz.4.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  191.134773][   T30] audit: type=1326 audit(2000000000.140:2937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9657 comm="syz.4.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  191.167577][ T9675] bond0 (unregistering): Released all slaves
[  191.242466][   T30] audit: type=1400 audit(2000000000.300:2938): avc:  denied  { sqpoll } for  pid=9657 comm="syz.4.2294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  191.263768][   T30] audit: type=1326 audit(2000000000.300:2939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9657 comm="syz.4.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbb8f9cec23 code=0x7ffc0000
[  191.287702][   T30] audit: type=1326 audit(2000000000.300:2940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9657 comm="syz.4.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbb8f9cec23 code=0x7ffc0000
[  191.313633][   T30] audit: type=1326 audit(2000000000.300:2941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9657 comm="syz.4.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  191.338109][   T30] audit: type=1326 audit(2000000000.300:2942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9657 comm="syz.4.2294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  191.414772][   T30] audit: type=1400 audit(2000000000.580:2943): avc:  denied  { bind } for  pid=9680 comm="syz.2.2300" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  191.437044][   T30] audit: type=1400 audit(2000000000.580:2944): avc:  denied  { name_bind } for  pid=9680 comm="syz.2.2300" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  191.464952][ T9669] FAULT_INJECTION: forcing a failure.
[  191.464952][ T9669] name failslab, interval 1, probability 0, space 0, times 0
[  191.479648][ T9669] CPU: 0 UID: 0 PID: 9669 Comm: syz.0.2298 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  191.479676][ T9669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  191.479689][ T9669] Call Trace:
[  191.479697][ T9669]  <TASK>
[  191.479707][ T9669]  __dump_stack+0x1d/0x30
[  191.479765][ T9669]  dump_stack_lvl+0xe8/0x140
[  191.479786][ T9669]  dump_stack+0x15/0x1b
[  191.479801][ T9669]  should_fail_ex+0x265/0x280
[  191.479893][ T9669]  should_failslab+0x8c/0xb0
[  191.479917][ T9669]  kmem_cache_alloc_noprof+0x50/0x310
[  191.479948][ T9669]  ? getname_flags+0x80/0x3b0
[  191.479985][ T9669]  getname_flags+0x80/0x3b0
[  191.480127][ T9669]  user_path_at+0x28/0x130
[  191.480167][ T9669]  __se_sys_mount+0x25b/0x2e0
[  191.480197][ T9669]  ? fput+0x8f/0xc0
[  191.480237][ T9669]  __x64_sys_mount+0x67/0x80
[  191.480266][ T9669]  x64_sys_call+0x2b4d/0x2ff0
[  191.480359][ T9669]  do_syscall_64+0xd2/0x200
[  191.480396][ T9669]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  191.480456][ T9669]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  191.480483][ T9669]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.480503][ T9669] RIP: 0033:0x7f5b6848ebe9
[  191.480620][ T9669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.480639][ T9669] RSP: 002b:00007f5b66eef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  191.480691][ T9669] RAX: ffffffffffffffda RBX: 00007f5b686c5fa0 RCX: 00007f5b6848ebe9
[  191.480708][ T9669] RDX: 0000200000004500 RSI: 00002000000000c0 RDI: 0000000000000000
[  191.480722][ T9669] RBP: 00007f5b66eef090 R08: 0000200000000940 R09: 0000000000000000
[  191.480742][ T9669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.480773][ T9669] R13: 00007f5b686c6038 R14: 00007f5b686c5fa0 R15: 00007ffd8a8a1008
[  191.480800][ T9669]  </TASK>
[  191.762734][ T9701] loop3: detected capacity change from 0 to 128
[  191.772160][ T9701] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  191.780240][ T9701] FAT-fs (loop3): Filesystem has been set read-only
[  191.799392][ T9701] bio_check_eod: 8726 callbacks suppressed
[  191.799413][ T9701] syz.3.2305: attempt to access beyond end of device
[  191.799413][ T9701] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  191.825644][ T9702] syz.3.2305: attempt to access beyond end of device
[  191.825644][ T9702] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.849467][ T9702] syz.3.2305: attempt to access beyond end of device
[  191.849467][ T9702] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.874754][ T9701] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  191.882466][ T9702] syz.3.2305: attempt to access beyond end of device
[  191.882466][ T9702] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.882859][ T9701] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  191.902489][ T9702] syz.3.2305: attempt to access beyond end of device
[  191.902489][ T9702] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.995608][ T9701] syz.3.2305: attempt to access beyond end of device
[  191.995608][ T9701] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  192.055617][ T9708] syz.3.2305: attempt to access beyond end of device
[  192.055617][ T9708] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  192.084040][ T9708] syz.3.2305: attempt to access beyond end of device
[  192.084040][ T9708] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  192.100302][ T9701] syz.3.2305: attempt to access beyond end of device
[  192.100302][ T9701] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  192.123283][ T9710] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  192.132876][ T9710] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  192.151373][ T9701] syz.3.2305: attempt to access beyond end of device
[  192.151373][ T9701] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  192.174780][ T9710] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  192.189076][ T9710] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  192.387427][ T9715] loop1: detected capacity change from 0 to 512
[  192.429059][ T9715] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  192.544629][ T9715] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2308: bg 0: block 4: invalid block bitmap
[  192.640288][ T9715] EXT4-fs (loop1): Remounting filesystem read-only
[  192.685953][ T9715] EXT4-fs (loop1): 1 truncate cleaned up
[  192.712949][ T9715] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.753080][ T9715] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.165741][ T9739] __nla_validate_parse: 3 callbacks suppressed
[  193.165776][ T9739] netlink: 332 bytes leftover after parsing attributes in process `syz.3.2316'.
[  193.397708][ T9751] loop3: detected capacity change from 0 to 1024
[  193.441539][ T9751] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.459406][ T9751] netlink: 352 bytes leftover after parsing attributes in process `syz.3.2319'.
[  193.532765][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.767616][ T9767] loop1: detected capacity change from 0 to 128
[  193.781559][ T9767] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  193.789627][ T9767] FAT-fs (loop1): Filesystem has been set read-only
[  193.797252][ T9767] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  193.805212][ T9767] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  193.843394][ T9769] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  193.851461][ T9769] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  193.897986][ T9769] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  193.906032][ T9769] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  194.366603][ T9776] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.395650][ T9776] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.548304][ T9778] wg2 speed is unknown, defaulting to 1000
[  194.593176][ T9783] ipvlan0: entered promiscuous mode
[  194.603195][ T9783] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  194.611572][ T9783] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  194.701574][ T9787] 9pnet_fd: Insufficient options for proto=fd
[  194.737471][ T9785] macsec1: entered promiscuous mode
[  194.743832][ T9785] bridge0: entered promiscuous mode
[  194.784171][ T9785] bridge0: port 3(macsec1) entered blocking state
[  194.791691][ T9785] bridge0: port 3(macsec1) entered disabled state
[  194.832544][ T9785] macsec1: entered allmulticast mode
[  194.838625][ T9785] bridge0: entered allmulticast mode
[  194.877756][ T9785] macsec1: left allmulticast mode
[  194.883758][ T9785] bridge0: left allmulticast mode
[  194.907131][ T9785] bridge0: left promiscuous mode
[  194.946584][ T9778] lo speed is unknown, defaulting to 1000
[  195.055057][ T9788] wg2 speed is unknown, defaulting to 1000
[  195.451442][ T9788] lo speed is unknown, defaulting to 1000
[  195.753866][ T9816] loop3: detected capacity change from 0 to 1024
[  195.785611][ T9822] ipvlan0: entered promiscuous mode
[  195.791117][ T9816] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[  195.799999][ T9822] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  195.815497][ T9816] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.815623][ T9824] netlink: 'syz.1.2343': attribute type 3 has an invalid length.
[  195.827637][ T9822] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  195.847278][ T9816] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.863943][ T9827] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2344'.
[  195.874478][ T9827] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2344'.
[  195.883918][ T9827] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2344'.
[  195.893924][ T9827] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2344'.
[  195.941048][ T9833] loop1: detected capacity change from 0 to 512
[  195.947983][ T9833] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  195.960194][ T9833] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2346: bg 0: block 4: invalid block bitmap
[  195.973611][ T9833] EXT4-fs (loop1): Remounting filesystem read-only
[  195.980285][ T9833] EXT4-fs (loop1): 1 truncate cleaned up
[  195.987171][ T9833] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.001457][ T9833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.422154][ T9860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  196.443237][ T9857] netlink: 332 bytes leftover after parsing attributes in process `syz.3.2355'.
[  196.455003][ T9860] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  196.618538][ T9863] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2356'.
[  196.629089][ T9863] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2356'.
[  196.638114][ T9863] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2356'.
[  196.701360][ T9869] loop3: detected capacity change from 0 to 512
[  196.708405][ T9869] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  196.721809][ T9869] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2359: bg 0: block 4: invalid block bitmap
[  196.734800][ T9869] EXT4-fs (loop3): Remounting filesystem read-only
[  196.741543][ T9869] EXT4-fs (loop3): 1 truncate cleaned up
[  196.747869][ T9869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.760951][ T9869] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.017795][   T30] kauditd_printk_skb: 155 callbacks suppressed
[  197.017811][   T30] audit: type=1326 audit(2000000012.231:3100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9884 comm="syz.4.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  197.049228][   T30] audit: type=1326 audit(2000000012.231:3101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9884 comm="syz.4.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  197.073029][   T30] audit: type=1326 audit(2000000012.231:3102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9884 comm="syz.4.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  197.096586][   T30] audit: type=1326 audit(2000000012.231:3103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9884 comm="syz.4.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbb8f9cec23 code=0x7ffc0000
[  197.121266][   T30] audit: type=1326 audit(2000000012.231:3104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9884 comm="syz.4.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbb8f9cd69f code=0x7ffc0000
[  197.159225][   T30] audit: type=1326 audit(2000000012.231:3105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9884 comm="syz.4.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fbb8f9cec77 code=0x7ffc0000
[  197.183193][   T30] audit: type=1326 audit(2000000012.231:3106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9884 comm="syz.4.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbb8f9cd550 code=0x7ffc0000
[  197.206936][   T30] audit: type=1326 audit(2000000012.231:3107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9884 comm="syz.4.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbb8f9cd84a code=0x7ffc0000
[  197.230431][   T30] audit: type=1326 audit(2000000012.231:3108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9884 comm="syz.4.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  197.253993][   T30] audit: type=1326 audit(2000000012.231:3109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9884 comm="syz.4.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  197.263470][ T9892] loop3: detected capacity change from 0 to 512
[  197.293482][ T9892] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  197.411550][ T9908] loop3: detected capacity change from 0 to 512
[  197.418866][ T9908] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  197.430832][ T9908] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2371: bg 0: block 4: invalid block bitmap
[  197.443648][ T9908] EXT4-fs (loop3): Remounting filesystem read-only
[  197.450413][ T9908] EXT4-fs (loop3): 1 truncate cleaned up
[  197.456988][ T9908] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.470418][ T9908] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.564836][ T9917] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  197.587026][ T9919] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  197.916956][ T9924] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.925744][ T9924] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.238394][ T9932] __nla_validate_parse: 8 callbacks suppressed
[  198.238409][ T9932] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2380'.
[  198.504457][ T9947] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  198.751356][ T9959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2391'.
[  198.762153][ T9959] IPVS: Error joining to the multicast group
[  198.920635][ T9962] loop3: detected capacity change from 0 to 512
[  198.930095][ T9962] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.943483][ T9962] ext4 filesystem being mounted at /527/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.074709][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.189406][ T9976] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  199.274837][ T9982] loop3: detected capacity change from 0 to 512
[  199.283582][ T9982] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  199.294999][ T9982] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2400: bg 0: block 4: invalid block bitmap
[  199.309163][ T9982] EXT4-fs (loop3): Remounting filesystem read-only
[  199.315896][ T9982] EXT4-fs (loop3): 1 truncate cleaned up
[  199.321969][ T9982] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.335555][ T9982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.374421][ T9985] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  199.384357][ T9985] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  199.445053][ T9998] loop1: detected capacity change from 0 to 128
[  199.476360][ T9992] netlink: 332 bytes leftover after parsing attributes in process `syz.3.2402'.
[  199.708833][T10003] ipvlan0: entered promiscuous mode
[  199.714554][T10003] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  199.722796][T10003] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  199.768539][T10009] loop1: detected capacity change from 0 to 512
[  199.776933][T10009] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  199.791831][T10010] netlink: 'syz.3.2409': attribute type 4 has an invalid length.
[  199.802440][T10009] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2410: bg 0: block 4: invalid block bitmap
[  199.810070][T10010] netlink: 'syz.3.2409': attribute type 4 has an invalid length.
[  199.833028][T10009] EXT4-fs (loop1): Remounting filesystem read-only
[  199.839752][T10009] EXT4-fs (loop1): 1 truncate cleaned up
[  199.847193][T10009] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.871365][T10009] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.054851][T10030] !yz!: rxe_newlink: already configured on team_slave_0
[  200.186161][T10041] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2423'.
[  200.881729][T10059] syz!: rxe_newlink: already configured on team_slave_0
[  201.321183][T10066] netlink: 332 bytes leftover after parsing attributes in process `syz.2.2434'.
[  201.526213][T10073] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2435'.
[  201.848174][T10078] netlink: 332 bytes leftover after parsing attributes in process `syz.0.2437'.
[  201.955827][T10090] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2441'.
[  201.995943][T10093] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  202.144885][T10102] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2446'.
[  202.145193][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  202.145211][   T30] audit: type=1400 audit(2000000017.361:3125): avc:  denied  { write } for  pid=10101 comm="syz.3.2446" name="raw6" dev="proc" ino=4026532708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  202.156802][T10097] wg2 speed is unknown, defaulting to 1000
[  202.195431][T10102] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2446'.
[  202.265071][T10112] loop1: detected capacity change from 0 to 512
[  202.273923][T10112] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  202.299155][T10112] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2451: bg 0: block 4: invalid block bitmap
[  202.331778][T10116] loop3: detected capacity change from 0 to 128
[  202.348806][T10112] EXT4-fs (loop1): Remounting filesystem read-only
[  202.364361][T10112] EXT4-fs (loop1): 1 truncate cleaned up
[  202.372237][T10112] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.385279][T10097] lo speed is unknown, defaulting to 1000
[  202.385424][   T30] audit: type=1326 audit(2000000017.601:3126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10118 comm="syz.2.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  202.419693][T10112] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.462564][   T30] audit: type=1326 audit(2000000017.631:3127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10118 comm="syz.2.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  202.486282][   T30] audit: type=1326 audit(2000000017.631:3128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10118 comm="syz.2.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  202.509920][   T30] audit: type=1326 audit(2000000017.631:3129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10118 comm="syz.2.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  202.535285][   T30] audit: type=1326 audit(2000000017.631:3130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10118 comm="syz.2.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  202.549526][T10123] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  202.561790][   T30] audit: type=1326 audit(2000000017.631:3131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10118 comm="syz.2.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  202.561829][   T30] audit: type=1326 audit(2000000017.631:3132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10118 comm="syz.2.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  202.615738][   T30] audit: type=1326 audit(2000000017.631:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10118 comm="syz.2.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  202.639324][   T30] audit: type=1326 audit(2000000017.631:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10118 comm="syz.2.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  202.844196][T10135] netlink: 'syz.2.2457': attribute type 4 has an invalid length.
[  202.895921][T10128] macsec1: entered promiscuous mode
[  202.896406][T10136] netlink: 'syz.2.2457': attribute type 4 has an invalid length.
[  202.910872][T10128] bridge0: entered promiscuous mode
[  202.954049][T10128] bridge0: port 3(macsec1) entered blocking state
[  202.961575][T10128] bridge0: port 3(macsec1) entered disabled state
[  202.982118][T10128] macsec1: entered allmulticast mode
[  202.989449][T10128] bridge0: entered allmulticast mode
[  203.020782][T10128] macsec1: left allmulticast mode
[  203.029492][T10128] bridge0: left allmulticast mode
[  203.068654][T10128] bridge0: left promiscuous mode
[  203.287614][T10131] wg2 speed is unknown, defaulting to 1000
[  203.444708][T10131] lo speed is unknown, defaulting to 1000
[  203.509115][T10150] __nla_validate_parse: 1 callbacks suppressed
[  203.509143][T10150] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2461'.
[  203.533918][T10150] IPVS: Error joining to the multicast group
[  203.616273][T10158] loop3: detected capacity change from 0 to 512
[  203.626315][T10158] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2465: casefold flag without casefold feature
[  203.639401][T10158] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2465: couldn't read orphan inode 15 (err -117)
[  203.652072][T10158] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.673607][T10158] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 211 vs 220 free clusters
[  204.313430][T10172] wg2 speed is unknown, defaulting to 1000
[  204.326205][T10177] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2470'.
[  204.421488][T10172] lo speed is unknown, defaulting to 1000
[  204.495347][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.570267][T10187] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2474'.
[  204.795815][T10194] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2477'.
[  204.958578][T10205] loop3: detected capacity change from 0 to 512
[  204.974736][T10205] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  204.995556][T10205] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2480: bg 0: block 4: invalid block bitmap
[  205.024073][T10205] EXT4-fs (loop3): Remounting filesystem read-only
[  205.042454][T10205] EXT4-fs (loop3): 1 truncate cleaned up
[  205.052765][T10205] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.079565][T10205] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.119187][T10208] bridge0: entered promiscuous mode
[  205.134143][T10208] macsec1: entered promiscuous mode
[  205.157924][T10208] bridge0: port 1(macsec1) entered blocking state
[  205.160460][T10213] loop3: detected capacity change from 0 to 512
[  205.168066][T10208] bridge0: port 1(macsec1) entered disabled state
[  205.176044][T10213] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2483: casefold flag without casefold feature
[  205.185599][T10208] macsec1: entered allmulticast mode
[  205.194219][T10213] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2483: couldn't read orphan inode 15 (err -117)
[  205.195119][T10213] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.200064][T10208] bridge0: entered allmulticast mode
[  205.217495][T10213] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 211 vs 220 free clusters
[  205.255687][T10208] macsec1: left allmulticast mode
[  205.261676][T10208] bridge0: left allmulticast mode
[  205.274660][T10208] bridge0: left promiscuous mode
[  205.378119][T10211] wg2 speed is unknown, defaulting to 1000
[  205.527624][T10211] lo speed is unknown, defaulting to 1000
[  205.833932][T10230] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2488'.
[  205.870834][T10224] wg2 speed is unknown, defaulting to 1000
[  206.040597][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.069269][T10230] wg2 speed is unknown, defaulting to 1000
[  206.145918][T10242] netlink: 'syz.0.2492': attribute type 4 has an invalid length.
[  206.184803][ T3491] lo speed is unknown, defaulting to 1000
[  206.190693][ T3491] syz0: Port: 1 Link DOWN
[  206.198455][T10242] netlink: 'syz.0.2492': attribute type 4 has an invalid length.
[  206.207691][T10244] loop3: detected capacity change from 0 to 512
[  206.219090][ T3491] lo speed is unknown, defaulting to 1000
[  206.225223][ T3491] syz0: Port: 1 Link ACTIVE
[  206.239714][T10244] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  206.266285][T10224] lo speed is unknown, defaulting to 1000
[  206.293521][T10244] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2493: bg 0: block 4: invalid block bitmap
[  206.318871][T10244] EXT4-fs (loop3): Remounting filesystem read-only
[  206.333903][T10244] EXT4-fs (loop3): 1 truncate cleaned up
[  206.345522][T10244] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.362827][T10244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.442561][T10230] lo speed is unknown, defaulting to 1000
[  206.573616][T10260] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2499'.
[  206.594332][T10260] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  206.633524][T10262] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2500'.
[  206.653085][ T3491] hid_parser_main: 8 callbacks suppressed
[  206.653106][ T3491] hid-generic 1000:0694:0008.0007: unknown main item tag 0x0
[  206.666503][ T3491] hid-generic 1000:0694:0008.0007: unknown main item tag 0x0
[  206.674013][ T3491] hid-generic 1000:0694:0008.0007: unknown main item tag 0x0
[  206.681437][ T3491] hid-generic 1000:0694:0008.0007: unknown main item tag 0x0
[  206.688909][ T3491] hid-generic 1000:0694:0008.0007: unknown main item tag 0x0
[  206.696425][ T3491] hid-generic 1000:0694:0008.0007: unknown main item tag 0x0
[  206.703953][ T3491] hid-generic 1000:0694:0008.0007: unknown main item tag 0x0
[  206.711999][ T3491] hid-generic 1000:0694:0008.0007: unknown main item tag 0x0
[  206.719585][ T3491] hid-generic 1000:0694:0008.0007: unknown main item tag 0x0
[  206.727092][ T3491] hid-generic 1000:0694:0008.0007: unknown main item tag 0x0
[  206.777316][T10263] loop1: detected capacity change from 0 to 512
[  206.845339][T10262] wg2 speed is unknown, defaulting to 1000
[  206.892760][ T3491] hid-generic 1000:0694:0008.0007: hidraw0: <UNKNOWN> HID v0.01 Device [syz1] on syz0
[  206.937163][T10263] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.015921][T10262] lo speed is unknown, defaulting to 1000
[  207.356918][T10263] ext4 filesystem being mounted at /432/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.473028][T10277] loop3: detected capacity change from 0 to 128
[  207.500943][T10277] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  207.508975][T10277] FAT-fs (loop3): Filesystem has been set read-only
[  207.538334][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.538444][T10277] bio_check_eod: 10017 callbacks suppressed
[  207.538463][T10277] syz.3.2503: attempt to access beyond end of device
[  207.538463][T10277] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  207.572408][T10282] syz.3.2503: attempt to access beyond end of device
[  207.572408][T10282] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  207.577081][T10277] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  207.593777][T10277] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  207.602109][T10277] syz.3.2503: attempt to access beyond end of device
[  207.602109][T10277] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  207.615693][T10282] syz.3.2503: attempt to access beyond end of device
[  207.615693][T10282] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  207.629560][T10277] syz.3.2503: attempt to access beyond end of device
[  207.629560][T10277] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  207.644528][T10283] syz.3.2503: attempt to access beyond end of device
[  207.644528][T10283] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  207.659880][T10277] syz.3.2503: attempt to access beyond end of device
[  207.659880][T10277] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  207.674162][T10282] syz.3.2503: attempt to access beyond end of device
[  207.674162][T10282] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  207.687848][T10282] syz.3.2503: attempt to access beyond end of device
[  207.687848][T10282] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  207.701362][T10283] syz.3.2503: attempt to access beyond end of device
[  207.701362][T10283] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  207.746289][T10282] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  207.754202][T10282] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  207.792341][T10282] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  207.800241][T10282] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  207.870803][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  207.870820][   T30] audit: type=1400 audit(2000000023.081:3157): avc:  denied  { create } for  pid=10294 comm="syz.2.2509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  207.927144][T10298] loop1: detected capacity change from 0 to 512
[  207.944853][T10286] wg2 speed is unknown, defaulting to 1000
[  207.985262][T10298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2511'.
[  208.010975][   T30] audit: type=1400 audit(2000000023.221:3158): avc:  denied  { create } for  pid=10300 comm="syz.2.2512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  208.050285][T10298] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  208.101336][   T30] audit: type=1400 audit(2000000023.281:3159): avc:  denied  { append } for  pid=10300 comm="syz.2.2512" name="001" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  208.227181][T10286] lo speed is unknown, defaulting to 1000
[  208.322740][T10321] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  208.356130][   T30] audit: type=1400 audit(2000000023.571:3160): avc:  denied  { read } for  pid=10323 comm="syz.3.2521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  208.413805][T10327] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64
[  208.417103][   T30] audit: type=1400 audit(2000000023.571:3161): avc:  denied  { ioctl } for  pid=10323 comm="syz.3.2521" path="socket:[28460]" dev="sockfs" ino=28460 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  208.421931][T10327] audit: out of memory in audit_log_start
[  208.453824][   T30] audit: type=1400 audit(2000000023.621:3162): avc:  denied  { read write } for  pid=10325 comm="syz.2.2522" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  208.471523][T10324] wg2 speed is unknown, defaulting to 1000
[  208.478154][   T30] audit: type=1400 audit(2000000023.621:3163): avc:  denied  { open } for  pid=10325 comm="syz.2.2522" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  208.697950][T10324] lo speed is unknown, defaulting to 1000
[  208.982640][   T30] audit: type=1326 audit(2000000024.181:3164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10340 comm="syz.3.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3accdebe9 code=0x7ffc0000
[  209.153409][T10352] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2531'.
[  209.290939][T10366] netlink: 'syz.2.2534': attribute type 4 has an invalid length.
[  209.324569][T10366] netlink: 'syz.2.2534': attribute type 4 has an invalid length.
[  210.517486][T10384] ipvlan0: entered promiscuous mode
[  210.542446][T10384] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  210.561318][T10384] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  210.726036][T10391] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2544'.
[  210.890605][T10393] bridge0: entered promiscuous mode
[  210.905763][T10393] macsec1: entered promiscuous mode
[  210.926763][T10393] bridge0: port 1(macsec1) entered blocking state
[  210.934692][T10393] bridge0: port 1(macsec1) entered disabled state
[  210.965365][T10393] macsec1: entered allmulticast mode
[  210.971198][T10393] bridge0: entered allmulticast mode
[  211.008107][T10393] macsec1: left allmulticast mode
[  211.014059][T10393] bridge0: left allmulticast mode
[  211.073775][T10393] bridge0: left promiscuous mode
[  211.164807][T10414] ipvlan0: entered promiscuous mode
[  211.170986][T10414] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  211.182718][T10417] netlink: 332 bytes leftover after parsing attributes in process `syz.3.2553'.
[  211.197240][T10414] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  211.334979][T10396] wg2 speed is unknown, defaulting to 1000
[  211.574950][T10433] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  211.786699][T10396] lo speed is unknown, defaulting to 1000
[  211.830098][T10409] loop1: detected capacity change from 0 to 512
[  211.932320][T10409] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.962492][T10409] ext4 filesystem being mounted at /443/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.245448][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.447689][T10475] loop1: detected capacity change from 0 to 512
[  212.471140][T10478] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2574'.
[  212.494226][T10475] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2576'.
[  212.524848][T10475] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  212.599807][T10480] loop1: detected capacity change from 0 to 512
[  212.615970][T10480] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  212.639538][T10480] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2577: bg 0: block 4: invalid block bitmap
[  212.662879][T10480] EXT4-fs (loop1): Remounting filesystem read-only
[  212.677750][T10480] EXT4-fs (loop1): 1 truncate cleaned up
[  212.691509][T10480] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.720837][T10480] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.824393][T10488] loop1: detected capacity change from 0 to 512
[  212.842022][T10488] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.2580: casefold flag without casefold feature
[  212.954687][T10488] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2580: couldn't read orphan inode 15 (err -117)
[  213.004066][T10488] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.068463][T10488] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 211 vs 220 free clusters
[  213.644160][T10500] ipvlan0: entered promiscuous mode
[  213.659887][T10500] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  213.669007][T10500] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  213.801361][T10464] wg2 speed is unknown, defaulting to 1000
[  213.905132][T10508] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2588'.
[  213.933447][T10508] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  214.463261][   T30] kauditd_printk_skb: 69 callbacks suppressed
[  214.463276][   T30] audit: type=1326 audit(2000000029.681:3234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.0.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6848ebe9 code=0x7ffc0000
[  214.494150][   T30] audit: type=1326 audit(2000000029.681:3235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10461 comm="syz.0.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6848ebe9 code=0x7ffc0000
[  214.519998][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.684285][T10518] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2591'.
[  214.821050][T10516] loop1: detected capacity change from 0 to 512
[  214.849415][T10516] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.873985][T10516] ext4 filesystem being mounted at /451/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.061532][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.107081][T10540] loop1: detected capacity change from 0 to 512
[  215.127548][T10540] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.2600: casefold flag without casefold feature
[  215.150844][T10540] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2600: couldn't read orphan inode 15 (err -117)
[  215.182058][T10540] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.197963][T10540] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 211 vs 220 free clusters
[  215.208310][T10464] lo speed is unknown, defaulting to 1000
[  215.810197][T10557] loop3: detected capacity change from 0 to 512
[  215.836972][T10557] EXT4-fs (loop3): too many log groups per flexible block group
[  215.844765][T10557] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  215.851736][T10557] EXT4-fs (loop3): mount failed
[  215.884180][T10558] netlink: 332 bytes leftover after parsing attributes in process `syz.2.2604'.
[  215.980981][   T30] audit: type=1326 audit(2000000031.191:3236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.3.2605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3accdebe9 code=0x7ffc0000
[  216.004552][   T30] audit: type=1326 audit(2000000031.191:3237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.3.2605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3accdebe9 code=0x7ffc0000
[  216.028210][   T30] audit: type=1326 audit(2000000031.191:3238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.3.2605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3accdebe9 code=0x7ffc0000
[  216.051805][   T30] audit: type=1326 audit(2000000031.191:3239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.3.2605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc3accdebe9 code=0x7ffc0000
[  216.075787][   T30] audit: type=1326 audit(2000000031.191:3240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10556 comm="syz.3.2605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc3accdebe9 code=0x7ffc0000
[  216.087634][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.149597][T10590] loop1: detected capacity change from 0 to 512
[  216.163294][T10590] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2611'.
[  216.248406][T10598] ALSA: seq fatal error: cannot create timer (-22)
[  216.554666][T10606] wg2 speed is unknown, defaulting to 1000
[  216.675510][T10606] lo speed is unknown, defaulting to 1000
[  217.007481][T10610] loop1: detected capacity change from 0 to 512
[  217.021713][T10610] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  217.048838][T10610] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2616: bg 0: block 4: invalid block bitmap
[  217.134399][T10610] EXT4-fs (loop1): Remounting filesystem read-only
[  217.141218][T10610] EXT4-fs (loop1): 1 truncate cleaned up
[  217.149737][T10610] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.185520][T10610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.483660][T10603] wg2 speed is unknown, defaulting to 1000
[  217.909224][   T30] audit: type=1400 audit(2000000033.121:3241): avc:  denied  { bind } for  pid=10627 comm="syz.4.2622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  217.928832][   T30] audit: type=1400 audit(2000000033.121:3242): avc:  denied  { name_bind } for  pid=10627 comm="syz.4.2622" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  217.951283][   T30] audit: type=1400 audit(2000000033.121:3243): avc:  denied  { node_bind } for  pid=10627 comm="syz.4.2622" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  218.231281][T10633] netlink: 332 bytes leftover after parsing attributes in process `syz.1.2624'.
[  218.367633][T10631] wg2 speed is unknown, defaulting to 1000
[  218.754217][T10603] lo speed is unknown, defaulting to 1000
[  218.806691][T10644] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2626'.
[  218.820563][T10631] lo speed is unknown, defaulting to 1000
[  219.193155][T10667] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2633'.
[  219.219084][T10669] netlink: 'syz.2.2631': attribute type 4 has an invalid length.
[  219.269336][T10673] netlink: 'syz.2.2631': attribute type 4 has an invalid length.
[  219.293961][T10661] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2632'.
[  219.359964][T10675] loop1: detected capacity change from 0 to 512
[  219.384214][T10675] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.2635: casefold flag without casefold feature
[  219.449886][T10675] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2635: couldn't read orphan inode 15 (err -117)
[  219.508993][T10675] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.609247][   T30] audit: type=1400 audit(2000000034.821:3244): avc:  denied  { connect } for  pid=10677 comm="syz.0.2636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  219.744805][T10682] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 211 vs 220 free clusters
[  220.298092][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.363939][T10689] loop1: detected capacity change from 0 to 512
[  220.396715][T10678] wg2 speed is unknown, defaulting to 1000
[  220.402548][T10689] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2639'.
[  220.524863][T10690] Process accounting resumed
[  220.726407][T10678] lo speed is unknown, defaulting to 1000
[  221.307800][T10712] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2648'.
[  221.322756][T10716] !yz!: rxe_newlink: already configured on team_slave_0
[  221.337537][T10718] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2651'.
[  221.352545][T10718] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  221.397889][T10716] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2650'.
[  221.453976][T10726] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2654'.
[  221.460229][T10723] Process accounting resumed
[  221.475560][   T30] audit: type=1326 audit(2000000036.691:3245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  221.499482][   T30] audit: type=1326 audit(2000000036.691:3246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  221.523539][   T30] audit: type=1326 audit(2000000036.691:3247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  221.547264][   T30] audit: type=1326 audit(2000000036.691:3248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  221.563584][T10732] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2654'.
[  221.571011][   T30] audit: type=1326 audit(2000000036.691:3249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  221.579764][T10732] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2654'.
[  221.603368][   T30] audit: type=1326 audit(2000000036.691:3250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  221.612372][T10732] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2654'.
[  221.635920][   T30] audit: type=1326 audit(2000000036.721:3251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  221.670329][   T30] audit: type=1326 audit(2000000036.721:3252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  221.693951][   T30] audit: type=1326 audit(2000000036.721:3253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10730 comm="syz.2.2656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd30c9cebe9 code=0x7ffc0000
[  221.857511][T10744] netlink: 'syz.2.2659': attribute type 4 has an invalid length.
[  221.907514][T10744] netlink: 'syz.2.2659': attribute type 4 has an invalid length.
[  221.941878][T10747] loop3: detected capacity change from 0 to 512
[  221.976861][T10747] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2662'.
[  222.004502][T10743] wg2 speed is unknown, defaulting to 1000
[  222.012169][T10747] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  222.114627][T10753] loop3: detected capacity change from 0 to 128
[  222.198449][T10743] lo speed is unknown, defaulting to 1000
[  222.228585][T10755] Process accounting resumed
[  222.307084][T10762] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2667'.
[  222.580556][T10774] loop3: detected capacity change from 0 to 512
[  222.610613][T10774] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  222.634242][T10774] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2673: bg 0: block 4: invalid block bitmap
[  222.663134][T10774] EXT4-fs (loop3): Remounting filesystem read-only
[  222.669896][T10774] EXT4-fs (loop3): 1 truncate cleaned up
[  222.672693][T10772] macsec1: entered promiscuous mode
[  222.681760][T10772] bridge0: entered promiscuous mode
[  222.682805][T10774] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.722641][T10772] bridge0: port 3(macsec1) entered blocking state
[  222.729834][T10772] bridge0: port 3(macsec1) entered disabled state
[  222.737739][T10774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.756178][T10772] macsec1: entered allmulticast mode
[  222.762536][T10772] bridge0: entered allmulticast mode
[  222.787287][T10772] macsec1: left allmulticast mode
[  222.793417][T10772] bridge0: left allmulticast mode
[  222.816757][T10772] bridge0: left promiscuous mode
[  222.823915][T10779] loop3: detected capacity change from 0 to 512
[  222.839431][T10779] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2674: casefold flag without casefold feature
[  222.852557][T10779] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2674: couldn't read orphan inode 15 (err -117)
[  222.876845][T10779] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.989578][T10775] wg2 speed is unknown, defaulting to 1000
[  223.090947][T10786] Process accounting resumed
[  223.184620][T10789] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 211 vs 220 free clusters
[  223.588796][T10775] lo speed is unknown, defaulting to 1000
[  223.763536][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.191586][T10803] loop1: detected capacity change from 0 to 512
[  224.209394][T10803] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  224.243781][T10803] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2684: bg 0: block 4: invalid block bitmap
[  224.263611][T10803] EXT4-fs (loop1): Remounting filesystem read-only
[  224.280877][T10803] EXT4-fs (loop1): 1 truncate cleaned up
[  224.291534][T10803] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.323352][T10803] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.480309][T10814] loop3: detected capacity change from 0 to 512
[  224.496736][T10815] Process accounting resumed
[  224.503822][T10814] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  224.523023][T10814] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2688: bg 0: block 4: invalid block bitmap
[  224.563814][T10814] EXT4-fs (loop3): Remounting filesystem read-only
[  224.600248][T10814] EXT4-fs (loop3): 1 truncate cleaned up
[  224.636981][T10814] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.686482][T10814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.889963][   T30] kauditd_printk_skb: 73 callbacks suppressed
[  224.889981][   T30] audit: type=1400 audit(2000000040.101:3327): avc:  denied  { mounton } for  pid=10849 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  225.070698][  T407] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.084934][T10853] Process accounting resumed
[  225.126622][  T407] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.168893][T10868] loop3: detected capacity change from 0 to 128
[  225.188486][  T407] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.248354][T10849] wg2 speed is unknown, defaulting to 1000
[  225.263373][  T407] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.272368][T10873] loop1: detected capacity change from 0 to 1024
[  225.313393][T10873] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.344165][T10849] lo speed is unknown, defaulting to 1000
[  225.383964][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.402689][  T407] bridge_slave_1: left allmulticast mode
[  225.408766][  T407] bridge_slave_1: left promiscuous mode
[  225.415625][  T407] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.425179][  T407] bridge_slave_0: left allmulticast mode
[  225.430865][  T407] bridge_slave_0: left promiscuous mode
[  225.436927][  T407] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.464168][T10881] loop1: detected capacity change from 0 to 512
[  225.481479][T10881] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  225.493986][T10881] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2709: bg 0: block 4: invalid block bitmap
[  225.507135][T10881] EXT4-fs (loop1): Remounting filesystem read-only
[  225.514321][T10881] EXT4-fs (loop1): 1 truncate cleaned up
[  225.520498][T10881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.521711][  T407] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[  225.533983][T10881] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.541750][  T407] bond1 (unregistering): (slave ip6gretap1): the permanent HWaddr of slave - 92:64:91:22:c2:34 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  225.598180][   T30] audit: type=1326 audit(2000000040.811:3328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10884 comm="syz.3.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3accdebe9 code=0x7ffc0000
[  225.622510][   T30] audit: type=1326 audit(2000000040.811:3329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10884 comm="syz.3.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3accdebe9 code=0x7ffc0000
[  225.658043][T10885] loop3: detected capacity change from 0 to 1024
[  225.679708][T10885] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[  225.679706][   T30] audit: type=1326 audit(2000000040.871:3330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10884 comm="syz.3.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc3accdebe9 code=0x7ffc0000
[  225.679752][   T30] audit: type=1326 audit(2000000040.871:3331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10884 comm="syz.3.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc3accdec23 code=0x7ffc0000
[  225.679785][   T30] audit: type=1326 audit(2000000040.871:3332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10884 comm="syz.3.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc3accdd69f code=0x7ffc0000
[  225.679822][   T30] audit: type=1326 audit(2000000040.871:3333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10884 comm="syz.3.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fc3accdec77 code=0x7ffc0000
[  225.784621][   T30] audit: type=1326 audit(2000000040.871:3334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10884 comm="syz.3.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc3accdd550 code=0x7ffc0000
[  225.808338][   T30] audit: type=1326 audit(2000000040.871:3335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10884 comm="syz.3.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc3accde7eb code=0x7ffc0000
[  225.832130][   T30] audit: type=1326 audit(2000000040.881:3336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10884 comm="syz.3.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc3accdd84a code=0x7ffc0000
[  225.889286][T10885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  225.898072][T10885] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.916880][  T407] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  225.926455][T10891] loop1: detected capacity change from 0 to 512
[  225.933440][T10891] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  225.944255][  T407] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  225.954518][  T407] bond0 (unregistering): Released all slaves
[  225.964035][T10891] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2712: bg 0: block 4: invalid block bitmap
[  225.976984][  T407] bond1 (unregistering): (slave veth3): Releasing active interface
[  225.985342][T10891] EXT4-fs (loop1): Remounting filesystem read-only
[  225.993142][  T407] bond1 (unregistering): Released all slaves
[  226.001324][T10891] EXT4-fs (loop1): 1 truncate cleaned up
[  226.007853][T10891] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.021523][  T407] bond2 (unregistering): Released all slaves
[  226.028112][T10891] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.031507][  T407] bond3 (unregistering): Released all slaves
[  226.040008][T10894] __nla_validate_parse: 7 callbacks suppressed
[  226.040024][T10894] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2713'.
[  226.046685][  T407] bond4 (unregistering): Released all slaves
[  226.061634][T10894] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  226.140305][T10896] bridge0: entered promiscuous mode
[  226.147119][T10896] macsec1: entered promiscuous mode
[  226.159347][T10896] bridge0: port 1(macsec1) entered blocking state
[  226.169291][T10896] bridge0: port 1(macsec1) entered disabled state
[  226.177606][T10896] macsec1: entered allmulticast mode
[  226.184346][T10896] bridge0: entered allmulticast mode
[  226.208962][T10896] macsec1: left allmulticast mode
[  226.215487][T10896] bridge0: left allmulticast mode
[  226.234652][T10896] bridge0: left promiscuous mode
[  226.270874][  T407] IPVS: stopping backup sync thread 6032 ...
[  226.315548][T10849] chnl_net:caif_netlink_parms(): no params data found
[  226.737185][T10906] wg2 speed is unknown, defaulting to 1000
[  226.799801][T10849] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.807100][T10849] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.841035][T10849] bridge_slave_0: entered allmulticast mode
[  226.856770][T10849] bridge_slave_0: entered promiscuous mode
[  226.872891][  T407] hsr_slave_0: left promiscuous mode
[  226.882516][  T407] veth1_macvtap: left promiscuous mode
[  226.888169][  T407] veth0_macvtap: left promiscuous mode
[  226.939103][  T407] pim6reg (unregistering): left allmulticast mode
[  226.939572][T10925] netlink: 332 bytes leftover after parsing attributes in process `syz.0.2718'.
[  227.002460][  T407] team0 (unregistering): Port device team_slave_1 removed
[  227.022544][  T407] team0 (unregistering): Port device team_slave_0 removed
[  227.073980][T10849] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.081254][T10849] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.096482][T10849] bridge_slave_1: entered allmulticast mode
[  227.114978][T10931] loop1: detected capacity change from 0 to 512
[  227.115662][T10849] bridge_slave_1: entered promiscuous mode
[  227.132418][T10931] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  227.148331][T10931] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2720: bg 0: block 4: invalid block bitmap
[  227.166587][T10931] EXT4-fs (loop1): Remounting filesystem read-only
[  227.173840][T10931] EXT4-fs (loop1): 1 truncate cleaned up
[  227.179969][T10931] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.193434][T10906] lo speed is unknown, defaulting to 1000
[  227.201082][T10849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.206284][T10931] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.231804][T10849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.274756][T10849] team0: Port device team_slave_0 added
[  227.281718][T10849] team0: Port device team_slave_1 added
[  227.310015][T10849] batman_adv: batadv0: Adding interface: batadv_slave_0
[  227.313419][T10944] loop3: detected capacity change from 0 to 128
[  227.317124][T10849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.349581][T10849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  227.363805][T10849] batman_adv: batadv0: Adding interface: batadv_slave_1
[  227.370801][T10849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.396809][T10849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  227.411740][T10944] netlink: 'syz.3.2726': attribute type 1 has an invalid length.
[  227.451861][T10849] hsr_slave_0: entered promiscuous mode
[  227.461624][T10849] hsr_slave_1: entered promiscuous mode
[  227.468141][T10849] debugfs: 'hsr0' already exists in 'hsr'
[  227.473955][T10849] Cannot create hsr debugfs directory
[  227.489274][T10951] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2727'.
[  227.509717][T10951] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2727'.
[  227.519823][T10951] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2727'.
[  227.529181][T10951] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2727'.
[  227.904493][T10955] wg2 speed is unknown, defaulting to 1000
[  228.071324][T10849] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  228.091153][T10849] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  228.105382][T10955] lo speed is unknown, defaulting to 1000
[  228.111874][T10849] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  228.168929][T10849] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  228.510901][T10978] loop3: detected capacity change from 0 to 512
[  228.512375][T10971] loop1: detected capacity change from 0 to 512
[  228.525888][T10849] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.533030][T10978] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  228.573373][T10978] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2734: bg 0: block 4: invalid block bitmap
[  228.576930][T10849] 8021q: adding VLAN 0 to HW filter on device team0
[  228.606694][T10978] EXT4-fs (loop3): Remounting filesystem read-only
[  228.616075][T10971] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.635771][  T298] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.643128][  T298] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.656795][T10978] EXT4-fs (loop3): 1 truncate cleaned up
[  228.674840][  T298] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.683658][  T298] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.691605][T10971] ext4 filesystem being mounted at /495/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.702683][T10978] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.717020][T10978] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.730501][T10849] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  228.836392][T10988] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2736'.
[  228.875530][T10849] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.906821][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.008674][T11016] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.017864][T11016] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  229.030361][T10849] veth0_vlan: entered promiscuous mode
[  229.086005][T10849] veth1_vlan: entered promiscuous mode
[  229.123625][T10849] veth0_macvtap: entered promiscuous mode
[  229.133989][T10849] veth1_macvtap: entered promiscuous mode
[  229.145304][T10849] batman_adv: batadv0: Interface activated: batadv_slave_0
[  229.154618][T10849] batman_adv: batadv0: Interface activated: batadv_slave_1
[  229.177474][  T298] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.203844][  T298] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.231444][T11024] loop3: detected capacity change from 0 to 512
[  229.248441][T11024] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2746'.
[  229.260838][T11024] SELinux: security_context_str_to_sid (ΔΌ–) failed with errno=-22
[  229.273915][ T2802] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.283339][ T2802] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.491158][T11028] Process accounting resumed
[  229.778401][T11035] loop1: detected capacity change from 0 to 512
[  229.798235][T11035] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  229.923335][T11035] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2749: bg 0: block 4: invalid block bitmap
[  229.945131][T11050] FAULT_INJECTION: forcing a failure.
[  229.945131][T11050] name failslab, interval 1, probability 0, space 0, times 0
[  229.958283][T11050] CPU: 0 UID: 0 PID: 11050 Comm: syz.0.2750 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  229.958311][T11050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  229.958327][T11050] Call Trace:
[  229.958395][T11050]  <TASK>
[  229.958405][T11050]  __dump_stack+0x1d/0x30
[  229.958433][T11050]  dump_stack_lvl+0xe8/0x140
[  229.958458][T11050]  dump_stack+0x15/0x1b
[  229.958477][T11050]  should_fail_ex+0x265/0x280
[  229.958551][T11050]  should_failslab+0x8c/0xb0
[  229.958639][T11050]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  229.958670][T11050]  ? __d_alloc+0x3d/0x340
[  229.958704][T11050]  __d_alloc+0x3d/0x340
[  229.958805][T11050]  ? mpol_shared_policy_init+0xbd/0x4c0
[  229.958826][T11050]  d_alloc_pseudo+0x1e/0x80
[  229.958854][T11050]  alloc_file_pseudo+0x71/0x160
[  229.958889][T11050]  __shmem_file_setup+0x1de/0x210
[  229.959016][T11050]  shmem_file_setup+0x3b/0x50
[  229.959058][T11050]  __se_sys_memfd_create+0x2c3/0x590
[  229.959127][T11050]  __x64_sys_memfd_create+0x31/0x40
[  229.959159][T11050]  x64_sys_call+0x2abe/0x2ff0
[  229.959185][T11050]  do_syscall_64+0xd2/0x200
[  229.959213][T11050]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  229.959301][T11050]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  229.959336][T11050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.959437][T11050] RIP: 0033:0x7f5b6848ebe9
[  229.959455][T11050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.959477][T11050] RSP: 002b:00007f5b66eeee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  229.959501][T11050] RAX: ffffffffffffffda RBX: 000000000000045c RCX: 00007f5b6848ebe9
[  229.959512][T11050] RDX: 00007f5b66eeeef0 RSI: 0000000000000000 RDI: 00007f5b685127e8
[  229.959524][T11050] RBP: 0000200000002400 R08: 00007f5b66eeebb7 R09: 00007f5b66eeee40
[  229.959537][T11050] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  229.959573][T11050] R13: 00007f5b66eeeef0 R14: 00007f5b66eeeeb0 R15: 00002000000014c0
[  229.959593][T11050]  </TASK>
[  230.212390][T11035] EXT4-fs (loop1): Remounting filesystem read-only
[  230.221452][T11035] EXT4-fs (loop1): 1 truncate cleaned up
[  230.258542][T11035] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.266075][T11036] wg2 speed is unknown, defaulting to 1000
[  230.294450][T11035] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.431708][T11062] macsec1: entered promiscuous mode
[  230.437910][T11062] bridge0: entered promiscuous mode
[  230.454430][T11062] bridge0: port 3(macsec1) entered blocking state
[  230.463079][T11062] bridge0: port 3(macsec1) entered disabled state
[  230.470625][   T30] kauditd_printk_skb: 57 callbacks suppressed
[  230.470649][   T30] audit: type=1326 audit(2000000045.681:3394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.4.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  230.490817][T11062] macsec1: entered allmulticast mode
[  230.500573][   T30] audit: type=1326 audit(2000000045.681:3395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.4.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  230.500626][   T30] audit: type=1326 audit(2000000045.681:3396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.4.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  230.500674][   T30] audit: type=1326 audit(2000000045.681:3397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.4.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbb8f9cec23 code=0x7ffc0000
[  230.500752][   T30] audit: type=1326 audit(2000000045.681:3398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.4.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbb8f9cd69f code=0x7ffc0000
[  230.501844][   T30] audit: type=1326 audit(2000000045.691:3399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.4.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fbb8f9cec77 code=0x7ffc0000
[  230.501891][   T30] audit: type=1326 audit(2000000045.691:3400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.4.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbb8f9cd550 code=0x7ffc0000
[  230.501999][   T30] audit: type=1326 audit(2000000045.691:3401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.4.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbb8f9cd84a code=0x7ffc0000
[  230.508276][T11062] bridge0: entered allmulticast mode
[  230.530793][   T30] audit: type=1326 audit(2000000045.691:3402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.4.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  230.530865][   T30] audit: type=1326 audit(2000000045.691:3403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.4.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb8f9cebe9 code=0x7ffc0000
[  230.740031][T11062] macsec1: left allmulticast mode
[  230.746001][T11062] bridge0: left allmulticast mode
[  230.754267][T11062] bridge0: left promiscuous mode
[  230.784836][  T298] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.835100][T11036] lo speed is unknown, defaulting to 1000
[  230.860477][  T298] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.879138][T11070] wg2 speed is unknown, defaulting to 1000
[  230.929484][  T298] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.987377][  T298] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.999893][T11070] lo speed is unknown, defaulting to 1000
[  231.003543][T11069] wg2 speed is unknown, defaulting to 1000
[  231.032905][T11036] chnl_net:caif_netlink_parms(): no params data found
[  231.267014][  T298] bond0 (unregistering): Released all slaves
[  231.279797][  T298] bond1 (unregistering): Released all slaves
[  231.290499][  T298] bond2 (unregistering): Released all slaves
[  231.297329][T11092] FAULT_INJECTION: forcing a failure.
[  231.297329][T11092] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  231.311240][T11092] CPU: 0 UID: 0 PID: 11092 Comm: syz.0.2764 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  231.311272][T11092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  231.311287][T11092] Call Trace:
[  231.311294][T11092]  <TASK>
[  231.311302][T11092]  __dump_stack+0x1d/0x30
[  231.311329][T11092]  dump_stack_lvl+0xe8/0x140
[  231.311373][T11092]  dump_stack+0x15/0x1b
[  231.311390][T11092]  should_fail_ex+0x265/0x280
[  231.311412][T11092]  should_fail+0xb/0x20
[  231.311430][T11092]  should_fail_usercopy+0x1a/0x20
[  231.311567][T11092]  _copy_to_user+0x20/0xa0
[  231.311642][T11092]  simple_read_from_buffer+0xb5/0x130
[  231.311712][T11092]  proc_fail_nth_read+0x10e/0x150
[  231.311741][T11092]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  231.311844][T11092]  vfs_read+0x1a5/0x770
[  231.311865][T11092]  ? __rcu_read_unlock+0x4f/0x70
[  231.311887][T11092]  ? __fget_files+0x184/0x1c0
[  231.311916][T11092]  ksys_read+0xda/0x1a0
[  231.311940][T11092]  __x64_sys_read+0x40/0x50
[  231.312020][T11092]  x64_sys_call+0x27bc/0x2ff0
[  231.312066][T11092]  do_syscall_64+0xd2/0x200
[  231.312095][T11092]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  231.312120][T11092]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  231.312170][T11092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.312192][T11092] RIP: 0033:0x7f5b6848d5fc
[  231.312207][T11092] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  231.312266][T11092] RSP: 002b:00007f5b66eef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  231.312288][T11092] RAX: ffffffffffffffda RBX: 00007f5b686c5fa0 RCX: 00007f5b6848d5fc
[  231.312369][T11092] RDX: 000000000000000f RSI: 00007f5b66eef0a0 RDI: 0000000000000006
[  231.312415][T11092] RBP: 00007f5b66eef090 R08: 0000000000000000 R09: 0000000000000000
[  231.312428][T11092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.312494][T11092] R13: 00007f5b686c6038 R14: 00007f5b686c5fa0 R15: 00007ffd8a8a1008
[  231.312516][T11092]  </TASK>
[  231.531952][T11036] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.539411][T11036] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.559951][T11036] bridge_slave_0: entered allmulticast mode
[  231.567310][T11036] bridge_slave_0: entered promiscuous mode
[  231.570506][T11095] loop1: detected capacity change from 0 to 512
[  231.576127][T11036] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.586899][T11036] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.594871][T11036] bridge_slave_1: entered allmulticast mode
[  231.595320][T11095] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  231.603600][T11036] bridge_slave_1: entered promiscuous mode
[  231.613985][T11095] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2765: bg 0: block 4: invalid block bitmap
[  231.620220][T11069] lo speed is unknown, defaulting to 1000
[  231.629255][T11095] EXT4-fs (loop1): Remounting filesystem read-only
[  231.641913][T11095] EXT4-fs (loop1): 1 truncate cleaned up
[  231.648179][T11095] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.661863][  T298] tipc: Left network mode
[  231.661921][T11095] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.666899][T11098] 
: renamed from bond0 (while UP)
[  231.705489][T11036] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  231.780125][T11036] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  231.872684][T11106] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2769'.
[  231.898574][  T298] hsr_slave_0: left promiscuous mode
[  232.041713][T11036] team0: Port device team_slave_0 added
[  232.056736][T11111] veth1_macvtap: left promiscuous mode
[  232.063942][T11111] macsec0: entered allmulticast mode
[  232.073359][T11036] team0: Port device team_slave_1 added
[  232.107241][T11115] ==================================================================
[  232.115369][T11115] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  232.122775][T11115] 
[  232.125117][T11115] write to 0xffff8881047a9800 of 8 bytes by task 11112 on cpu 1:
[  232.132878][T11115]  mas_wmb_replace+0xe45/0x14a0
[  232.137746][T11115]  mas_wr_store_entry+0x1773/0x2b50
[  232.142967][T11115]  mas_store_prealloc+0x74d/0x9e0
[  232.148023][T11115]  vma_iter_store_new+0x1c5/0x200
[  232.153068][T11115]  vma_complete+0x125/0x580
[  232.157590][T11115]  __split_vma+0x5d9/0x650
[  232.162021][T11115]  vma_modify+0x3f2/0xc80
[  232.166366][T11115]  vma_modify_flags+0x101/0x130
[  232.171230][T11115]  mprotect_fixup+0x2cc/0x570
[  232.175919][T11115]  do_mprotect_pkey+0x6d6/0x980
[  232.180787][T11115]  __x64_sys_mprotect+0x48/0x60
[  232.185922][T11115]  x64_sys_call+0x274e/0x2ff0
[  232.190654][T11115]  do_syscall_64+0xd2/0x200
[  232.196855][T11115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.203075][T11115] 
[  232.205413][T11115] read to 0xffff8881047a9800 of 8 bytes by task 11115 on cpu 0:
[  232.213159][T11115]  mas_state_walk+0x485/0x650
[  232.218414][T11115]  mas_walk+0x60/0x150
[  232.222514][T11115]  lock_vma_under_rcu+0x8d/0x160
[  232.227664][T11115]  do_user_addr_fault+0x233/0x1090
[  232.233234][T11115]  exc_page_fault+0x62/0xa0
[  232.237749][T11115]  asm_exc_page_fault+0x26/0x30
[  232.242608][T11115] 
[  232.244946][T11115] value changed: 0xffff8881047a960e -> 0xffff8881047a9800
[  232.252052][T11115] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  232.254381][T11115] Reported by Kernel Concurrency Sanitizer on:
[  232.260533][T11115] CPU: 0 UID: 0 PID: 11115 Comm: syz.0.2773 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  232.270349][T11115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  232.280542][T11115] ==================================================================
[  232.561914][T11036] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.569178][T11036] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.595483][T11036] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.848678][  T298] IPVS: stop unused estimator thread 0...
[  232.911030][  T298] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.985567][  T298] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.055106][  T298] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.115111][  T298] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.196796][  T298] bridge_slave_1: left allmulticast mode
[  233.202666][  T298] bridge_slave_1: left promiscuous mode
[  233.208465][  T298] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.216834][  T298] bridge_slave_0: left allmulticast mode
[  233.222571][  T298] bridge_slave_0: left promiscuous mode
[  233.228445][  T298] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.334883][  T298] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  233.344384][  T298] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  233.353999][  T298] bond0 (unregistering): Released all slaves
[  233.513937][  T298] 
 (unregistering): Released all slaves
[  233.521875][  T298] bond1 (unregistering): Released all slaves
[  233.530800][  T298] bond2 (unregistering): Released all slaves
[  233.539471][  T298] bond3 (unregistering): Released all slaves
[  233.547932][  T298] bond4 (unregistering): Released all slaves
[  233.744116][   T10] wg2 speed is unknown, defaulting to 1000
[  233.747451][  T298] batman_adv: batadv0: Removing interface: batadv_slave_0
[  233.749979][   T10] syz2: Port: 1 Link DOWN
[  233.762861][  T298] hsr_slave_0: left promiscuous mode
[  233.770490][  T298] veth0_macvtap: left promiscuous mode
[  233.798980][  T298] team0 (unregistering): Port device team_slave_1 removed
[  233.808369][  T298] team0 (unregistering): Port device team_slave_0 removed
[  233.865678][ T2802] smc: removing ib device syz2
[  233.879443][   T10] wg2 speed is unknown, defaulting to 1000
[  233.885449][ T3413] lo speed is unknown, defaulting to 1000
[  233.891262][ T3413] infiniband syz0: ib_query_port failed (-19)
[  234.280182][  T298] IPVS: stop unused estimator thread 0...
[  234.326288][  T298] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.386438][  T298] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.434896][  T298] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.485203][  T298] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.718109][  T298] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  234.728475][  T298] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.764677][  T298] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  234.774997][  T298] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.815008][  T298] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  234.825337][  T298] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.875101][  T298] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  234.885484][  T298] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.957623][  T298] bridge_slave_1: left allmulticast mode
[  234.964125][  T298] bridge_slave_1: left promiscuous mode
[  234.971644][  T298] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.979653][  T298] bridge_slave_0: left allmulticast mode
[  234.985454][  T298] bridge_slave_0: left promiscuous mode
[  234.991356][  T298] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.999949][  T298] bridge_slave_1: left allmulticast mode
[  235.005704][  T298] bridge_slave_1: left promiscuous mode
[  235.011365][  T298] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.019025][  T298] bridge_slave_0: left allmulticast mode
[  235.025262][  T298] bridge_slave_0: left promiscuous mode
[  235.031102][  T298] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.144949][  T298] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  235.155174][  T298] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  235.165432][  T298] bond0 (unregistering): Released all slaves
[  235.214577][  T298] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  235.224142][  T298] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  235.233303][  T298] bond0 (unregistering): Released all slaves
[  235.241521][  T298] bond1 (unregistering): Released all slaves
[  235.249881][  T298] bond2 (unregistering): Released all slaves
[  235.333872][  T298] bond1 (unregistering): Released all slaves
[  235.369315][  T298] IPVS: stopping backup sync thread 5978 ...
[  235.375475][  T298] IPVS: stopping backup sync thread 5062 ...
[  235.470096][  T298] hsr_slave_0: left promiscuous mode
[  235.479517][  T298] hsr_slave_1: left promiscuous mode
[  235.486321][  T298] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.495287][  T298] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.503065][  T298] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.511175][  T298] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.520742][  T298] hsr_slave_0: left promiscuous mode
[  235.527293][  T298] hsr_slave_0: left promiscuous mode
[  235.538504][  T298] veth1_macvtap: left promiscuous mode
[  235.544753][  T298] veth0_macvtap: left promiscuous mode
[  235.551233][  T298] veth1_vlan: left promiscuous mode
[  235.558367][  T298] veth0_vlan: left promiscuous mode
[  235.564657][  T298] veth1_macvtap: left promiscuous mode
[  235.572966][  T298] veth0_macvtap: left promiscuous mode
[  235.661088][  T298] team0 (unregistering): Port device team_slave_1 removed
[  235.673017][  T298] team0 (unregistering): Port device team_slave_0 removed
[  235.718078][  T298] team0 (unregistering): Port device team_slave_1 removed
[  235.728451][  T298] team0 (unregistering): Port device team_slave_0 removed
[  235.736118][ T4182] smc: removing ib device syz!
[  235.771641][ T2802] smc: removing ib device !yz!
[  237.906861][  T298] IPVS: stop unused estimator thread 0...
[  237.913037][  T298] IPVS: stop unused estimator thread 0...