last executing test programs:

4.357019294s ago: executing program 2 (id=854):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000004000000e27f00000100000041400000caca6408f62ba9375ba7ce7d0232070c4929c34c4cddd0a4dddc61d0b8165d3b6f6faae88eb313039cfdd9dfd412789828293a1b0c9eefd30bfd5008ee95bc302955202999e22c92f69b97b92c0427fb5450923e11119f6c7ada2db43cb2b6ec75372a475c", @ANYRES32, @ANYBLOB="feffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x11, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000007000000000000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000040000008500000083000000bf0900000000000055090100000000009500000000000000959373912acd781103005f9448c951000000000000008500000044000000bf91000062d6ab7d5aee579bec847752d7fac400000000b7020000010000008500000001000000b7000000000000007f00000000000000bc37d70b6aa777e1c651eb484ea09382ebf2c9dcbfb4fd40bc573e9f18b271210f59a1f8ada30fe7f6596c8e"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x13f, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r3, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x2000000000001005, 0x19dff}}}, 0x90)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000280)={<r5=>0xffffffffffffffff}, 0x106, 0x2}}, 0xfe5e)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000000)=0x1, r5, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r4, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r5, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x2000000000001005, 0x19dff}}}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
process_mrelease(0xffffffffffffffff, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x8, 0x2000200000a95c, 0x2, 0x9, 0x5, 0x48d1, 0x1, 0x800000e2})
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r8, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876)
sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100d0000000fbdbdf3a2700000018000180140002007665746831"], 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800)
memfd_create(&(0x7f0000000080)='GPL\x00', 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r9 = getpid()
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x7)
r10 = msgget$private(0x0, 0x3ac)
msgrcv(r10, 0x0, 0x0, 0xe4b43f0e2aa28c96, 0x2000)
msgsnd(r10, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x95, 0x800)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[], 0x28}}, 0x0)

3.507828329s ago: executing program 2 (id=863):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000004000000e27f00000100000041400000caca6408f62ba9375ba7ce7d0232070c4929c34c4cddd0a4dddc61d0b8165d3b6f6faae88eb313039cfdd9dfd412789828293a1b0c9eefd30bfd5008ee95bc302955202999e22c92f69b97b92c0427fb5450923e11119f6c7ada2db43cb2b6ec75372a475c", @ANYRES32, @ANYBLOB="feffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x11, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000007000000000000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000040000008500000083000000bf0900000000000055090100000000009500000000000000959373912acd781103005f9448c951000000000000008500000044000000bf91000062d6ab7d5aee579bec847752d7fac400000000b7020000010000008500000001000000b7000000000000007f00000000000000bc37d70b6aa777e1c651eb484ea09382ebf2c9dcbfb4fd40bc573e9f18b271210f59a1f8ada30fe7f6596c8e"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x13f, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r3, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x2000000000001005, 0x19dff}}}, 0x90)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000280)={<r5=>0xffffffffffffffff}, 0x106, 0x2}}, 0xfe5e)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000000)=0x1, r5, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r4, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r5, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x2000000000001005, 0x19dff}}}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
process_mrelease(0xffffffffffffffff, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x8, 0x2000200000a95c, 0x2, 0x9, 0x5, 0x48d1, 0x1, 0x800000e2})
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r8, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876)
sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100d0000000fbdbdf3a2700000018000180140002007665746831"], 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800)
memfd_create(&(0x7f0000000080)='GPL\x00', 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r9 = getpid()
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x7)
r10 = msgget$private(0x0, 0x3ac)
msgrcv(r10, 0x0, 0x0, 0xe4b43f0e2aa28c96, 0x2000)
msgsnd(r10, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x95, 0x800)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="2800000000000200000008000000e00000020c00088008000c00ca0fe49326b791f96bbb5e798e7c5581718c2a2f3daff7591185170e18eb779b030000001536c7aa20ad62b059ad9563b7905a5c907b5d11870ba335d719ac169c76463c0c9a7c25de504a1fa8c8cf01f2846d27f2fd", @ANYRES32], 0x28}}, 0x0)

2.656374174s ago: executing program 2 (id=874):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWFLOWTABLE={0x14, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}}], {0x14, 0x10}}, 0x50}}, 0x0)

2.605359484s ago: executing program 2 (id=875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000004000000e27f00000100000041400000caca6408f62ba9375ba7ce7d0232070c4929c34c4cddd0a4dddc61d0b8165d3b6f6faae88eb313039cfdd9dfd412789828293a1b0c9eefd30bfd5008ee95bc302955202999e22c92f69b97b92c0427fb5450923e11119f6c7ada2db43cb2b6ec75372a475c", @ANYRES32, @ANYBLOB="feffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x11, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000007000000000000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000040000008500000083000000bf0900000000000055090100000000009500000000000000959373912acd781103005f9448c951000000000000008500000044000000bf91000062d6ab7d5aee579bec847752d7fac400000000b7020000010000008500000001000000b7000000000000007f00000000000000bc37d70b6aa777e1c651eb484ea09382ebf2c9dcbfb4fd40bc573e9f18b271210f59a1f8ada30fe7f6596c8e"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x2000000000001005, 0x19dff}}}, 0x90)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000280)={<r3=>0xffffffffffffffff}, 0x106, 0x2}}, 0xfe5e)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000000)=0x1, r3, 0x0, 0x2, 0x4}}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
process_mrelease(0xffffffffffffffff, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x8, 0x2000200000a95c, 0x2, 0x9, 0x5, 0x48d1, 0x1, 0x800000e2})
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r6, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876)
sendmsg$ETHTOOL_MSG_STRSET_GET(r4, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100d0000000fbdbdf3a2700000018000180140002007665746831"], 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800)

2.505816995s ago: executing program 2 (id=876):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0}, 0x94)
r0 = socket(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e8, &(0x7f0000001200)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJp4zdzOlP6Y2x+X207T+XySS2fOmeGc4fLtOXPuOXMDqKzB9I9axMGImE4i+pP5xbzOyDIHF4579OdH59NXEvX6a78nkWRp+fFJ9rMvO7knIn78IYkDHavLnZm7cXl8amryerY/PHtlenhm7sbRS1fGL05enLw6+sLoqZMnTp4aOdbSdd0sSDt7+933+z8Ze/Obr/5KRr79ZSyJ0/FyduDS62iXwRhs/Jskq7P6TrW7sJJ0ZP9Plr7FSWeJFWJT8vevKyL+F/3REY/fvP74+JVSKwdsqXoSUQcqKhH/UFF5PyC/t195H1wrpVcCbIeHZxYGAFbHf+fC2GD0NMYG9j5KYumwThIRrY3MLbcvIu7fG7t94d7Y7diicTig2PytiPh/UfwnjfgfiJ4YaMR/bVn8p/2Cc9nPNP3VFstfOVQs/mH7LMR/z5rxH03i/60l8f92i+UPPt58p3dZ/Pe2ekkAAAAAAABQWXfPRMTzRZ//1xbn/0TB/J++iDjdhvIHV+yv/vy/9qANxQAFHp6JeKlw/m8tn/070JFt/asxH6AruXBpavJYRPw7Io5E1550f2SNMo5+euDLZnmD2fy//JWWfz+bC5jV40HnnuXnTIzPjj/pdQMRD29FPFU4/zdZbP+TgvY//X0wvcEyDjx751yzvPXjH9gq9a8jDhe2/4+fWpGs/XyO4UZ/YDjvFaz29Ieffdes/Fbj3yMm4Mml7f/eteN/IFn6vJ6ZzZdxfK6z3iyv1f5/d/J645Ez3VnaB+Ozs9dHIrqTsx1p6rL00c3XGXajPB7yeEnj/8gza4//FfX/eyNifsXfnfyxfE1x7r9/9/3arD76/1CeNP4nNtX+b35j9M7A983K31j7f6LR1h/JUoz/wYIv8jDtXp5eEI6dRVnbXV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A1qEbEvktrQ4natNjQU0RcR/4m9talrM7PPXbj23tWJNK/x/f+1/Jt++xf2k/z7/weW7I+u2D8eEfsj4vOO3sb+0PlrUxNlXzwAAAAAAAAAAAAAAAAAAADsEH1N1v+nfusou3bAlussuwJAaQri/6cy6gFsP+0/VJf4h+oS/1Bd4h+qq8X472p3PYDtp/2H6hL/UF3iHwAAAAAAdpX9h+7+nETE/Iu9jVeqO8szvwd2t1rZFQBK4xE/UF2m/kB1uccHknXye5qetN6Za5k+/wQnAwAAAAAAAAAAAEDlHD5o/T9UlfX/UF3W/0N15ev/D5VcD2D7uccHYp2V/IXr/9c9CwAAAAAAAAAAAABop5m5G5fHp6Ymr9t4Y2dUox0b6Tu7kYPr9frNxrEtlbVnB1zpjtrIp8LvlPqs2MjX+m3srNJ+JQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACv8EwAA//8IGSKz")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
remap_file_pages(&(0x7f00003fe000/0xc00000)=nil, 0xc00000, 0x1000008, 0x401, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6, 0x0, 0x400007}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000680)={&(0x7f0000001800)={0x3f8, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x6}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x9}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_FRAME={0x30, 0x33, @mgmt_frame=@disassoc={{{0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x5}, @broadcast, @broadcast, @initial, {0x3, 0x215}}, 0x27, @val={0x8c, 0x10, {0x18a, "ea4fce463c4e", @short="8c096930763057ee"}}}}, @NL80211_ATTR_FRAME={0x38b, 0x33, @data_frame={@a_msdu=@type10={{0x0, 0x2, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x5}, @random="fe69ac438f4f", @device_b, @random="c3531079a611", {0x8, 0x6}, "", @void, @value=@ver_80211n={0x0, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, @random="458e528d184b76fc8a7d685f889e5d7388b6255367ec8ae222f12b022c461d596f9daf62530fcff61a370926cbd3c197ef34f6148969884fb66b55db74d624f429eb00435840cc921b698abed3391b068f61b442ba66d5c4f04807e6338e27dcfcf0da1ecd895d88c1aadcbf87a3f96d228b0a02bbed5930363bc6129e37f5bcf172a0a059aa0d9f65d81b91ce1ecbc531d68fab18400a20d5e7f11bbc4990395b24aa2f195fffaf2ae40c3e38292b9282709e95c5794c5db0f02e5af63ef101e7e946716c6cc990acc04224220cd03f2bcfa3622a77b6394860d30dfa65841cc698a0bd19fa09e4b08b1396219422ff789dff5ffe619828c06b9dcde35df142bd01a4250a7eb4e53f029a969c8df27fd5d3c7171012286319f67114f87e40785fe57c50211fbe27f9ded9427ff67d9114227da3bfbc55251b4f60cca36b19bcd727daa9480f4c91d825f9437850c5708f49406792c12ea2e8d9c21073701ba5ee76a3667eee32c025cb89b1b45fb115b4deb06ff471c482caf3d04e069ea362158ad10f80b17448dd4464f2bad88f0b2e4f938cf7d3283ac3ace9d8e6be8069e361f73c57945b3c64fbcdbacd9e4a57036238db0e6053182aaaa06f4331d5bc54977747c85f0624f8e02c5e7398264f18a5a7c8f15d02b72f37f212a7149b6683376e66fb61ec89052b56f2993706b3bb087097fa3f4f9cb4ffeffde5efda5e4d41216d908b6a0158379cf5bcc32ac6574563176e26e1e75f95d6227c031d989be8c5f15c2173192513acacf5187cb9e48b3f07021bd1e143cadc43eec286cc724558952a830f669fc26115e1e3e3797458d76ff3e44944190f12403457810afee1d658b309beb91f51394aafd0e4a35c13ca0a5208d155b250cdb5f8d1b821b26340047ec467debad31a9c22c73593970c9e5a7908012bb3321fd8c8dfccb9f62f92ebcdc46643a44d6bbd1202c410cb97a3b2a22d584b856be20149f47a4747de8105646ce914c3076a28133d9ff8475e99323422903d5fbff3cb96685517c1b8460072fefc678f4ac9c03173d9cd3d12e286a70681c270f646133c2a7062d865388af6f9ee7980c03e272711815ccfebd7e6e7dce81af186929334adc511af9db7cf8437b78da7a1b9f92e4d4249673e4bf068135bbb79f821a71279344251844959020b00826d5660fed710c1ff6972a556f6c2abd0d23d8f4572d326a07a197ee1eea8c98946b3a5"}}]}, 0x3f8}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xeb, '\x00', 0x0, @tracing=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = syz_open_dev$sg(&(0x7f00000003c0), 0x3, 0x205)
ioctl$SG_IO(r8, 0x2285, 0x0)
writev(r8, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0xfffffffd, @mcast2={0xff, 0x5}, 0x1ff}, 0xf)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x40800)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000100001df00000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

2.493352695s ago: executing program 3 (id=877):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, 0x0, 0x0)
unshare(0x20060400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{}, &(0x7f0000000540), &(0x7f0000000580)}, 0x20)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x1f000801}, 0x840)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f00000000c0)=@ethtool_stats})

2.121962767s ago: executing program 3 (id=879):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x609e495c}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x40000)
sendmsg$nl_route(r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
lsetxattr$security_selinux(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000100)="08000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0xff}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r2, 0x5393, &(0x7f0000000000))

2.017565758s ago: executing program 3 (id=880):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
kexec_load(0x4, 0xa, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x38, 0x1403, 0x1, 0x70bd2d, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond_slave_0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000811}, 0xe000000)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r4 = gettid()
ustat(0x3, &(0x7f0000000040))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000005c0), r1)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe2$9p(&(0x7f0000000380)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x88000)
write$9p(r7, &(0x7f0000000500)="653a6993a97f7fd06b0a556cf55d7697986563bf4cab9d100b26006c0095d1669ecf87b374c6af6a206dfa5c32b5dfa6e8ae2f9e1978fd94ae56b2899956d1f5a0f7c25d178a9de54817e4b54ba034d2ab29d59390189ed4a3127bb475cc9691bc20209a3270ecc2972499e00cc5abdd97009817d988d20a2a4165862e6f3186f4571621f1b3004907a757da32c3df17785d8766d528484b7cef66b463ba56a9e8a1c45dd60a", 0xa6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', 0xffffffffffffffff, 0x0, 0xff}, 0x18)
sysinfo(&(0x7f0000000000)=""/177)
sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r2, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
socket(0xa, 0xa, 0x3)

1.793905689s ago: executing program 2 (id=883):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="05000000000000007111c300000000008510000002000000850000000000000095000000000000009500b0059d350000f8eb70c3d9330b16491e095815635bf7490c180e3be703966bd8fdc277008531ccb9d9ae8dc9e78d9dc5311486fd1d2bfab99b08b4d46852f103d4ed539d04b034d645e2ea69674b1749efdc6a03ab8d5c3d2a2ed722271db8f4b166d4a579ab"], &(0x7f0000000080)='GPL\x00', 0x7, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x50, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10}, 0x94)
mmap(&(0x7f000011e000/0x4000)=nil, 0x4000, 0x200000d, 0xc3072, 0xffffffffffffffff, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0x1, 0x0)
vmsplice(r3, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x12, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x4, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000001c0)='ext4_free_blocks\x00', r5}, 0x18)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)='cpuset.mem_hardwall\x00', 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
perf_event_open(&(0x7f00000007c0)={0x2, 0x80, 0x1, 0x3, 0x0, 0x0, 0x0, 0x2, 0x1000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x1, 0x0, 0x4, 0x2, 0x80000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x108, &(0x7f0000000000)=0xffb, 0x0, 0x4)
ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f0000000140)={{0x1, 0x1, 0x18, r1, {0x9}}, './file1/file0\x00'})
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1})
io_uring_enter(0xffffffffffffffff, 0x627, 0x4c1, 0x43, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f1, &(0x7f0000000080))
bpf$ENABLE_STATS(0x20, &(0x7f0000000040), 0x4)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x2800050, &(0x7f0000003240)=ANY=[], 0x6, 0x33c, &(0x7f0000000340)="$eJzs3M9rK1UUwPGTyY8mKW2yEEVBetGNboY2uhaDtCAGLG0jtoIwbScaMiYlEyoRse3Krbh3JbgoXXZXUP+Bbtzpxo27bgQXdqFvHvOrmfxq07yU9LXfD5Tc3HNPMjP3JpwZOrn4+LsvahVbrxgt0dJKYiIilyJ50SQUCx41r52SqENJBK0PiqXS8ppSK8WNtwpKqfmFn7/8OhMEz2bkPP/pxd+Fv85fPH/54snG51VbVW1Vb7SUobYbf7aMbctUu1W7piu1apmGbapq3TabfrzhxytWY2+vrYz67lx2r2natjLqbVUz26rVUK1mWxmfGdW60nVdzWUFNykfr60ZxTGTdya8MbgjzWbRiItIpi9SPp7KBgEAgKnqrf81t6S/Vf3/5uw/v7+6vrkl81797w7u1P8nr/3amv3odD6o/89Sg+r/t//wX6ur/k+LyDj1/w9yi/q/vyJ6XJ6p/sf9sJDq64p1PXPr/2zw+fUcfXKy6DWo/wEAAAAAAAAAAAAAAAAAAAAAeB5cOk7OcZxc+Bj+dW4hCJ7jQRo2/zMiknZn32H+H7L1zS1JezfuuXNsfbtf3i/7j270f8cnpixKTv7z1kPYJ44T3nmkXHn5xToI8g/2y3EvUqxIVSwxZUlyku/Nd5yV90vLS8oX5F/dppSN5hckJy8Mzi905wfvn5I3Xo/k65KT33akIZbseuu6k//NklLvfVjqyc944wAAAAAAeAh0dWXg+buuD4v7vzJSrHiXiYZcH/DPrxcHnp8ncq8kpr33AAAAAAA8Dnb7q5phWWbzmkZGbh4zfiMx2uBUT0/yusHxyB6Ouj0p70KGyLAx8QFHTJPoGDdaM34c8ah2NcJ/pOgKpYPO8Q5vuP8Tm6/DaI8mI2Qlejd+we1Qt3z3o2BHrnrCy0apIcdZVvtfR+taCd1HNTmx9fzS9z/9O7kPyDun4Qq4efBRpCc58pq3LDPdu+q8RnL4N4Y2gW8dAAAAANPQKfrDnnej4dhUNgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfmTn7Sr6cx7X0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7ounAQAA//8QRPLT")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xa041, 0x8)
fcntl$setlease(r7, 0x400, 0x0)

1.776741369s ago: executing program 3 (id=884):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}}, 0x20004010)

1.65511375s ago: executing program 0 (id=885):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0a000000040000000100000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000040000000000000020018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
recvmmsg(r2, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r3 = syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r4 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./file1\x00', 0x189180, 0x2e0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r4, 0x8004587d, &(0x7f0000000040)={@id={0x2, 0x0, @b}})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
sendto$inet(r4, &(0x7f0000000100)="5eccdcf01c0a986c4ee65a07a2ae12a37a87dc6294c8daf647c2d57a157fe8c3eda49ceebec53f3f482c3e36a115c7aa5a98598e32e81537ca2244c7bf909428d86d81337fa34962827e12f3a5f6cf54d46259c8dd7650cf3fabee76e86affd23b8755a9f576c6445ec97efca4ba740036", 0x71, 0x4044000, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
ioctl$F2FS_IOC_FLUSH_DEVICE(r5, 0x4008f50a, &(0x7f00000000c0)={0x1, 0x8e})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/pid_for_children\x00')
ioctl$TUNGETVNETHDRSZ(r7, 0x8004b707, 0x0)
pwritev(r3, &(0x7f00000003c0)=[{&(0x7f0000000200)="9f6415bbfe35d7dbc376e75ab102ca6879304dbb72e3cc543d6746a7c0b0e5789aeac72b9edbca3e827cebaf3f48c275cd84c2613923f76f8ae84ee918bf0a6f676370a4bd64f0a5d3995732aae5f94661a8a0ac19bd3b22aa1db956610f5f3313ca88b6557450526fb9bab04e7ab7ad810c3656388a5526ae86b90424a8eb1320a4794238c403a87f43989d733f6908711db6edcb180be168611d67c6e7f565722288f961cd586a40cade7241f367c646aac5bfff94629db1cb6324d383ba8f024212af29606a86a1144344d1b7a5a59b74eb459570ee3b", 0xd8}], 0x1, 0x9, 0x3)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000540), 0x381000, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0x400454d0, 0x11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r9}, 0x4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r10}, 0x10)
syz_usbip_server_init(0x5)

1.380250111s ago: executing program 1 (id=886):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r0}, 0x18)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x8, 0x3, 0x238, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xe8, 0x0, {}, [@common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, 0x0, 0x2000c010)
sendmsg$NFQNL_MSG_VERDICT(r1, 0x0, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0\x00', <r3=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f00000004c0)={r3, 0x3, 0x6}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r3, 0x1, 0x6}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x2000001, {0x0, 0x0, 0x0, r3, {0x7, 0xa}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x1000000, &(0x7f0000000000), 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi")
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)={0x28cd40, 0x40, 0x5}, 0x18)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/address_bits', 0x2800, 0xa1ca0563eb951e5e)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0], 0x0, 0x29, &(0x7f0000000280)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0xb6, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r5, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="03000000000000000000210000000c00018008000100", @ANYRES32], 0x20}}, 0x0)

1.250648302s ago: executing program 1 (id=889):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0xd4}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x146680, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
unshare(0x20060400)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000100000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x101}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r4, <r7=>0xffffffffffffffff}, &(0x7f0000000540), &(0x7f0000000580)=r5}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r7, &(0x7f0000000780)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000480)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000330000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x840)
r8 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f00000000c0)=@ethtool_stats})

969.560284ms ago: executing program 1 (id=890):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30"], 0xcc}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

913.279244ms ago: executing program 1 (id=891):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000040000000000000020018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
recvmmsg(r2, &(0x7f0000000580)=[{{&(0x7f0000000080)=@nl=@unspec, 0x80, 0x0}}], 0x1, 0x0, 0x0)
r3 = syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r4 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./file1\x00', 0x189180, 0x2e0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r4, 0x8004587d, &(0x7f0000000040)={@id={0x2, 0x0, @b}})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
ioctl$F2FS_IOC_FLUSH_DEVICE(r5, 0x4008f50a, &(0x7f00000000c0)={0x1, 0x8e})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/pid_for_children\x00')
ioctl$TUNGETVNETHDRSZ(r7, 0x8004b707, 0x0)
pwritev(r3, &(0x7f00000003c0)=[{&(0x7f0000000200)="9f6415bbfe35d7dbc376e75ab102ca6879304dbb72e3cc543d6746a7c0b0e5789aeac72b9edbca3e827cebaf3f48c275cd84c2613923f76f8ae84ee918bf0a6f676370a4bd64f0a5d3995732aae5f94661a8a0ac19bd3b22aa1db956610f5f3313ca88b6557450526fb9bab04e7ab7ad810c3656388a5526ae86b90424a8eb1320a4794238c403a87f43989d733f6908711db6edcb180be168611d67c6e7f565722288f961cd586a40cade7241f367c646aac5bfff94629db1cb6324d383ba8f024212af29606a86a1144344d1b7a5a59b74eb459570ee3b", 0xd8}], 0x1, 0x9, 0x3)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000540), 0x381000, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0x400454d0, 0x11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r9}, 0x4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r10}, 0x10)
syz_usbip_server_init(0x5)

848.772185ms ago: executing program 0 (id=892):
pipe(0x0)
write(0xffffffffffffffff, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1100000000f336, 0x8)
r0 = openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001000000", @ANYRES32, @ANYRES32=0x0], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xd, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000640)=0xcde, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r4)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, 0x0, &(0x7f0000000140)='./file0\x00', r0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000001ec0)={0x0, 'macvlan1\x00', {}, 0x79c6})

801.006605ms ago: executing program 3 (id=893):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0a000000040000000100000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000040000000000000020018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
recvmmsg(r2, &(0x7f0000000580)=[{{&(0x7f0000000080)=@nl=@unspec, 0x80, 0x0}}], 0x1, 0x0, 0x0)
r3 = syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r4 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./file1\x00', 0x189180, 0x2e0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r4, 0x8004587d, &(0x7f0000000040)={@id={0x2, 0x0, @b}})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
sendto$inet(r4, &(0x7f0000000100)="5eccdcf01c0a986c4ee65a07a2ae12a37a87dc6294c8daf647c2d57a157fe8c3eda49ceebec53f3f482c3e36a115c7aa5a98598e32e81537ca2244c7bf909428d86d81337fa34962827e12f3a5f6cf54d46259c8dd7650cf3fabee76e86affd23b8755a9f576c6445ec97efca4ba740036", 0x71, 0x4044000, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
ioctl$F2FS_IOC_FLUSH_DEVICE(r5, 0x4008f50a, &(0x7f00000000c0)={0x1, 0x8e})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/pid_for_children\x00')
ioctl$TUNGETVNETHDRSZ(r7, 0x8004b707, 0x0)
pwritev(r3, &(0x7f00000003c0)=[{&(0x7f0000000200)="9f6415bbfe35d7dbc376e75ab102ca6879304dbb72e3cc543d6746a7c0b0e5789aeac72b9edbca3e827cebaf3f48c275cd84c2613923f76f8ae84ee918bf0a6f676370a4bd64f0a5d3995732aae5f94661a8a0ac19bd3b22aa1db956610f5f3313ca88b6557450526fb9bab04e7ab7ad810c3656388a5526ae86b90424a8eb1320a4794238c403a87f43989d733f6908711db6edcb180be168611d67c6e7f565722288f961cd586a40cade7241f367c646aac5bfff94629db1cb6324d383ba8f024212af29606a86a1144344d1b7a5a59b74eb459570ee3b", 0xd8}], 0x1, 0x9, 0x3)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000540), 0x381000, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0x400454d0, 0x11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r9}, 0x4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r10}, 0x10)
syz_usbip_server_init(0x5)

772.127785ms ago: executing program 0 (id=894):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000004000000e27f00000100000041400000caca6408f62ba9375ba7ce7d0232070c4929c34c4cddd0a4dddc61d0b8165d3b6f6faae88eb313039cfdd9dfd412789828293a1b0c9eefd30bfd5008ee95bc302955202999e22c92f69b97b92c0427fb5450923e11119f6c7ada2db43cb2b6ec75372a475c", @ANYRES32, @ANYBLOB="feffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x11, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000007000000000000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000040000008500000083000000bf0900000000000055090100000000009500000000000000959373912acd781103005f9448c951000000000000008500000044000000bf91000062d6ab7d5aee579bec847752d7fac400000000b7020000010000008500000001000000b7000000000000007f00000000000000bc37d70b6aa777e1c651eb484ea09382ebf2c9dcbfb4fd40bc573e9f18b271210f59a1f8ada30fe7f6596c8e"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x2000000000001005, 0x19dff}}}, 0x90)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000280)={<r4=>0xffffffffffffffff}, 0x106, 0x2}}, 0xfe5e)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000000)=0x1, r4, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r3, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r4, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x2000000000001005, 0x19dff}}}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
process_mrelease(0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r7, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876)
sendmsg$ETHTOOL_MSG_STRSET_GET(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100d0000000fbdbdf3a2700000018000180140002007665746831"], 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800)
memfd_create(&(0x7f0000000080)='GPL\x00', 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)
r9 = msgget$private(0x0, 0x3ac)
msgrcv(r9, 0x0, 0x0, 0xe4b43f0e2aa28c96, 0x2000)
msgsnd(r9, &(0x7f0000000540)=ANY=[@ANYBLOB="02"], 0x95, 0x800)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="2800000000000200000008000000e00000020c00088008000c00ca0fe49326b791f96bbb5e798e7c5581718c2a2f3daff7591185170e18eb779b030000001536c7aa20ad62b059ad9563b7905a5c907b5d11870ba335d719ac169c76463c0c9a7c25de504a1fa8c8cf01f2846d27f2fd", @ANYRES32, @ANYBLOB], 0x28}}, 0x0)

667.871056ms ago: executing program 0 (id=895):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
kexec_load(0x4, 0xa, 0x0, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x38, 0x1403, 0x1, 0x70bd2d, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond_slave_0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000811}, 0xe000000)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r4 = gettid()
ustat(0x3, &(0x7f0000000040))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000005c0), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe2$9p(&(0x7f0000000380)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x88000)
write$9p(r7, &(0x7f0000000500)="653a6993a97f7fd06b0a556cf55d7697986563bf4cab9d100b26006c0095d1669ecf87b374c6af6a206dfa5c32b5dfa6e8ae2f9e1978fd94ae56b2899956d1f5a0f7c25d178a9de54817e4b54ba034d2ab29d59390189ed4a3127bb475cc9691bc20209a3270ecc2972499e00cc5abdd97009817d988d20a2a4165862e6f3186f4571621f1b3004907a757da32c3df17785d8766d528484b7cef66b463ba56a9e8a1c45dd60a", 0xa6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', 0xffffffffffffffff, 0x0, 0xff}, 0x18)
sysinfo(&(0x7f0000000000)=""/177)
sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r2, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
socket(0xa, 0xa, 0x3)

633.337556ms ago: executing program 4 (id=896):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1}, 0x18)
r2 = syz_open_procfs(0x0, &(0x7f00000015c0)='net/raw6\x00')
preadv(r2, &(0x7f0000000000)=[{&(0x7f0000000580)=""/4077, 0xfed}], 0x1, 0xa3, 0x3)

592.456857ms ago: executing program 4 (id=897):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x58, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x10}]}]}], {0x14, 0x10}}, 0xec}}, 0x0)

579.931617ms ago: executing program 4 (id=898):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
kexec_load(0x4, 0xa, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x38, 0x1403, 0x1, 0x70bd2d, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond_slave_0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000811}, 0xe000000)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r5 = gettid()
ustat(0x3, &(0x7f0000000040))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000005c0), r1)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe2$9p(0x0, 0x88000)
write$9p(0xffffffffffffffff, &(0x7f0000000500)="653a6993a97f7fd06b0a556cf55d7697986563bf4cab9d100b26006c0095d1669ecf87b374c6af6a206dfa5c32b5dfa6e8ae2f9e1978fd94ae56b2899956d1f5a0f7c25d178a9de54817e4b54ba034d2ab29d59390189ed4a3127bb475cc9691bc20209a3270ecc2972499e00cc5abdd97009817d988d20a2a4165862e6f3186f4571621f1b3004907a757da32c3df17785d8766d528484b7cef66b463ba56a9e8a1c45dd60a", 0xa6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', 0xffffffffffffffff, 0x0, 0xff}, 0x18)
sysinfo(&(0x7f0000000000)=""/177)
sendmsg$NFT_BATCH(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r3, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
socket(0xa, 0xa, 0x3)

523.271227ms ago: executing program 0 (id=899):
r0 = socket(0x15, 0x5, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a0000200"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x200000, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40840d4}, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b10000000000000010000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4)
io_setup(0x8, &(0x7f0000000040))
socket$pppoe(0x18, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2}, 0x18)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x18)
timer_getoverrun(0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x28, 0x3f7, 0x800, 0x70bd2b, 0x25dfdbfe, {0x7, 0x7, './file0', './file0'}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20008004}, 0x24000000)
r10 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
getdents64(r10, 0x0, 0x0)

518.483157ms ago: executing program 4 (id=900):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x3, 0x3, 0x3}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x4000000000001f2, 0x0)
sendmsg$tipc(r0, &(0x7f00000005c0)={&(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x2, 0x3}, 0x2}}, 0x10, 0x0}, 0x4008801)

495.419807ms ago: executing program 4 (id=901):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000000)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xd4}, 0x18)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e26, 0xc, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xff}}, 0x2}, 0x1c)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x146680, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
unshare(0x20060400)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000100000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x101}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r4, <r7=>0xffffffffffffffff}, &(0x7f0000000540), &(0x7f0000000580)=r5}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r7, &(0x7f0000000780)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000480)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000330000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x840)
r8 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f00000000c0)=@ethtool_stats})

333.119798ms ago: executing program 4 (id=902):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x208101, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
close(r4)
socket$unix(0x1, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

180.517009ms ago: executing program 0 (id=903):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0a000000040000000100000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000040000000000000020018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
recvmmsg(r2, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r3 = syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r4 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./file1\x00', 0x189180, 0x2e0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r4, 0x8004587d, &(0x7f0000000040)={@id={0x2, 0x0, @b}})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
sendto$inet(r4, &(0x7f0000000100)="5eccdcf01c0a986c4ee65a07a2ae12a37a87dc6294c8daf647c2d57a157fe8c3eda49ceebec53f3f482c3e36a115c7aa5a98598e32e81537ca2244c7bf909428d86d81337fa34962827e12f3a5f6cf54d46259c8dd7650cf3fabee76e86affd23b8755a9f576c6445ec97efca4ba740036", 0x71, 0x4044000, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
ioctl$F2FS_IOC_FLUSH_DEVICE(r5, 0x4008f50a, &(0x7f00000000c0)={0x1, 0x8e})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/pid_for_children\x00')
ioctl$TUNGETVNETHDRSZ(r7, 0x8004b707, 0x0)
pwritev(r3, &(0x7f00000003c0)=[{&(0x7f0000000200)="9f6415bbfe35d7dbc376e75ab102ca6879304dbb72e3cc543d6746a7c0b0e5789aeac72b9edbca3e827cebaf3f48c275cd84c2613923f76f8ae84ee918bf0a6f676370a4bd64f0a5d3995732aae5f94661a8a0ac19bd3b22aa1db956610f5f3313ca88b6557450526fb9bab04e7ab7ad810c3656388a5526ae86b90424a8eb1320a4794238c403a87f43989d733f6908711db6edcb180be168611d67c6e7f565722288f961cd586a40cade7241f367c646aac5bfff94629db1cb6324d383ba8f024212af29606a86a1144344d1b7a5a59b74eb459570ee3b", 0xd8}], 0x1, 0x9, 0x3)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000540), 0x381000, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0x400454d0, 0x11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r9}, 0x4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r10}, 0x10)
syz_usbip_server_init(0x5)

131.730849ms ago: executing program 1 (id=904):
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000400)={'#! ', './file0', [{0x20, '\t\t6\x8f/&\x05\xf6\x11\x17M\x9b\x9dy\a\x82\x7f\x95\xbdf\xe8\xb2\x8d,\x11\x84\xe9\xbah\xe5\xa2\xebkc\x92M\x18\xb1\xf3O7\xc6\xb6\x06\xe4\xdd\xfa#\xe2W\xafx\fk\xdf\xdd\x91\xd5y\x9e\b\x16?\x1ea\x10_\xa9=\a0\xa6\xa3\xf8\x90z\x04\xb1f\xc0\xfd\xe5\xf1\xaeF\xd4H(\x9f\xc4\xf4\xb0\xdc\xcfQ\xdbG\xa7\xefx\xd81\x89\x86\x11d\xc5]\"\t\xd4\x048~c\xad\t\x930b%\x18\xd7\xe8\x81\xd7\a\x8fd\xce\x14\x10\xfe\x0e\xad\x8d\xdb\xec\xf5\xb0\xa8MX\x14PI\xb3Et\xeaE)\xac\xb1\x93=*\x93\x92v\xae\x82\x05\x14kA\xebGA \x8e\xf6\xbd@\x1c\xbeB>\x9e\xee6\xd6\x88\xc5\xb9\x87\xdc\xa2i\xfe\xe4\xa1\x868@\xb7\xceZ\xd2h\x8b\xa5\xa3\x8co\x93\xd6'}]}, 0xdb)
memfd_create(0x0, 0x2)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002500)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd6000000000142c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa0600ff"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff6, 0x0, 0x0, 0x10, 0x3}, 0x94)
r3 = socket$pppoe(0x18, 0x1, 0x0)
accept4(r3, &(0x7f0000001080)=@pptp={0x18, 0x2, {0x0, @dev}}, &(0x7f0000001100)=0x80, 0x800)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x7000000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r5, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r6=>0x0})
sendmsg$can_raw(r5, &(0x7f0000000140)={&(0x7f0000000000)={0x1d, r6}, 0x10, &(0x7f00000005c0)={&(0x7f0000000100)=@can={{}, 0x80, 0x3, 0x4, 0x2, "07000000008000"}, 0x210}}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
lseek(r8, 0xf9ff100000000000, 0x3)
ioctl$TCSBRK(r8, 0x5409, 0x21363c1)

78.60996ms ago: executing program 3 (id=905):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0}, 0x94)
socket(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e8, &(0x7f0000001200)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJp4zdzOlP6Y2x+X207T+XySS2fOmeGc4fLtOXPuOXMDqKzB9I9axMGImE4i+pP5xbzOyDIHF4579OdH59NXEvX6a78nkWRp+fFJ9rMvO7knIn78IYkDHavLnZm7cXl8amryerY/PHtlenhm7sbRS1fGL05enLw6+sLoqZMnTp4aOdbSdd0sSDt7+933+z8Ze/Obr/5KRr79ZSyJ0/FyduDS62iXwRhs/Jskq7P6TrW7sJJ0ZP9Plr7FSWeJFWJT8vevKyL+F/3REY/fvP74+JVSKwdsqXoSUQcqKhH/UFF5PyC/t195H1wrpVcCbIeHZxYGAFbHf+fC2GD0NMYG9j5KYumwThIRrY3MLbcvIu7fG7t94d7Y7diicTig2PytiPh/UfwnjfgfiJ4YaMR/bVn8p/2Cc9nPNP3VFstfOVQs/mH7LMR/z5rxH03i/60l8f92i+UPPt58p3dZ/Pe2ekkAAAAAAABQWXfPRMTzRZ//1xbn/0TB/J++iDjdhvIHV+yv/vy/9qANxQAFHp6JeKlw/m8tn/070JFt/asxH6AruXBpavJYRPw7Io5E1550f2SNMo5+euDLZnmD2fy//JWWfz+bC5jV40HnnuXnTIzPjj/pdQMRD29FPFU4/zdZbP+TgvY//X0wvcEyDjx751yzvPXjH9gq9a8jDhe2/4+fWpGs/XyO4UZ/YDjvFaz29Ieffdes/Fbj3yMm4Mml7f/eteN/IFn6vJ6ZzZdxfK6z3iyv1f5/d/J645Ez3VnaB+Ozs9dHIrqTsx1p6rL00c3XGXajPB7yeEnj/8gza4//FfX/eyNifsXfnfyxfE1x7r9/9/3arD76/1CeNP4nNtX+b35j9M7A983K31j7f6LR1h/JUoz/wYIv8jDtXp5eEI6dRVnbXV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A1qEbEvktrQ4natNjQU0RcR/4m9talrM7PPXbj23tWJNK/x/f+1/Jt++xf2k/z7/weW7I+u2D8eEfsj4vOO3sb+0PlrUxNlXzwAAAAAAAAAAAAAAAAAAADsEH1N1v+nfusou3bAlussuwJAaQri/6cy6gFsP+0/VJf4h+oS/1Bd4h+qq8X472p3PYDtp/2H6hL/UF3iHwAAAAAAdpX9h+7+nETE/Iu9jVeqO8szvwd2t1rZFQBK4xE/UF2m/kB1uccHknXye5qetN6Za5k+/wQnAwAAAAAAAAAAAEDlHD5o/T9UlfX/UF3W/0N15ev/D5VcD2D7uccHYp2V/IXr/9c9CwAAAAAAAAAAAABop5m5G5fHp6Ymr9t4Y2dUox0b6Tu7kYPr9frNxrEtlbVnB1zpjtrIp8LvlPqs2MjX+m3srNJ+JQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACv8EwAA//8IGSKz")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

0s ago: executing program 1 (id=906):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="070000000400000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ppoll(&(0x7f0000000100)=[{r2, 0x1004}], 0x1, 0x0, 0x0, 0x0)
ioctl$IMADDTIMER(r2, 0x80044940, &(0x7f0000000600)=0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)

kernel console output (not intermixed with test programs):

gistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.659792][ T4370] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.679372][ T4370] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.294: corrupted in-inode xattr: bad e_name length
[   54.707118][  T155] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   54.717643][  T155] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   54.732442][ T4386] netlink: 'syz.3.300': attribute type 10 has an invalid length.
[   54.742090][  T155] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   54.750840][ T4386] batadv0: left allmulticast mode
[   54.755903][ T4386] batadv0: left promiscuous mode
[   54.760978][ T4386] bridge0: port 3(batadv0) entered disabled state
[   54.768839][ T4383] loop4: detected capacity change from 0 to 4096
[   54.788333][ T4386] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.800269][ T4389] loop0: detected capacity change from 0 to 1024
[   54.811675][ T4383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.826582][ T4389] EXT4-fs: test_dummy_encryption option not supported
[   54.831236][ T4386] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   54.842162][  T155] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   54.890084][ T4370] siw: device registration error -23
[   54.899014][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.911122][ T4394] loop0: detected capacity change from 0 to 2048
[   54.913269][ T4386] netlink: 'syz.3.300': attribute type 10 has an invalid length.
[   54.925328][ T4386] netlink: 40 bytes leftover after parsing attributes in process `syz.3.300'.
[   54.936666][ T4386] batadv0: entered promiscuous mode
[   54.941923][ T4386] batadv0: entered allmulticast mode
[   54.960181][ T4394] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.971236][ T4386] bond0: (slave batadv0): Releasing backup interface
[   54.979976][ T4386] bridge0: port 3(batadv0) entered blocking state
[   54.986549][ T4386] bridge0: port 3(batadv0) entered disabled state
[   55.044102][ T4392] lo speed is unknown, defaulting to 1000
[   55.151983][ T4424] 9pnet_fd: Insufficient options for proto=fd
[   55.178277][ T4427] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4427 comm=syz.2.316
[   55.200218][ T4427] IPv6: NLM_F_CREATE should be specified when creating new route
[   55.320148][ T4444] loop4: detected capacity change from 0 to 2048
[   55.332084][ T4452] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4452 comm=syz.2.316
[   55.344536][ T4452] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4452 comm=syz.2.316
[   55.389844][ T4444] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.403439][ T4444] EXT4-fs (loop4): shut down requested (2)
[   55.411384][ T4444] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[   55.418032][ T4444] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   55.425806][ T4444] vhci_hcd vhci_hcd.0: Device attached
[   55.431801][ T4464] vhci_hcd: connection closed
[   55.432043][   T52] vhci_hcd: stop threads
[   55.440964][   T52] vhci_hcd: release socket
[   55.445366][   T52] vhci_hcd: disconnect device
[   55.482486][ T4468] FAULT_INJECTION: forcing a failure.
[   55.482486][ T4468] name failslab, interval 1, probability 0, space 0, times 0
[   55.495273][ T4468] CPU: 0 UID: 0 PID: 4468 Comm: syz.3.325 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.495299][ T4468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   55.495363][ T4468] Call Trace:
[   55.495369][ T4468]  <TASK>
[   55.495377][ T4468]  __dump_stack+0x1d/0x30
[   55.495398][ T4468]  dump_stack_lvl+0xe8/0x140
[   55.495418][ T4468]  dump_stack+0x15/0x1b
[   55.495434][ T4468]  should_fail_ex+0x265/0x280
[   55.495453][ T4468]  should_failslab+0x8c/0xb0
[   55.495553][ T4468]  kmem_cache_alloc_noprof+0x50/0x480
[   55.495659][ T4468]  ? getname_flags+0x80/0x3b0
[   55.495687][ T4468]  getname_flags+0x80/0x3b0
[   55.495782][ T4468]  user_path_at+0x28/0x130
[   55.495800][ T4468]  do_faccessat+0x380/0x800
[   55.495886][ T4468]  __x64_sys_faccessat2+0x51/0x60
[   55.495911][ T4468]  x64_sys_call+0x200f/0x3000
[   55.495966][ T4468]  do_syscall_64+0xd2/0x200
[   55.495987][ T4468]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.496009][ T4468]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   55.496076][ T4468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.496095][ T4468] RIP: 0033:0x7f933dcbefc9
[   55.496108][ T4468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.496170][ T4468] RSP: 002b:00007f933c727038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b7
[   55.496187][ T4468] RAX: ffffffffffffffda RBX: 00007f933df15fa0 RCX: 00007f933dcbefc9
[   55.496197][ T4468] RDX: 0000000000000000 RSI: 0000200000000240 RDI: ffffffffffffff9c
[   55.496207][ T4468] RBP: 00007f933c727090 R08: 0000000000000000 R09: 0000000000000000
[   55.496218][ T4468] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000001
[   55.496232][ T4468] R13: 00007f933df16038 R14: 00007f933df15fa0 R15: 00007ffc0e811678
[   55.496247][ T4468]  </TASK>
[   55.765475][ T4481] 9pnet_fd: Insufficient options for proto=fd
[   55.863976][ T4492] loop1: detected capacity change from 0 to 512
[   55.871693][ T4492] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #12: comm syz.1.335: missing EA_INODE flag
[   55.883682][ T4492] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.335: error while reading EA inode 12 err=-117
[   55.896267][ T4492] EXT4-fs (loop1): 1 orphan inode deleted
[   55.930230][ T4496] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   56.051599][ T4511] blktrace: Concurrent blktraces are not allowed on loop6
[   56.111789][ T4512] loop3: detected capacity change from 0 to 512
[   56.135101][ T4512] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #12: comm syz.3.343: missing EA_INODE flag
[   56.149425][ T4512] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.343: error while reading EA inode 12 err=-117
[   56.174428][ T4512] EXT4-fs (loop3): 1 orphan inode deleted
[   56.180713][   T29] kauditd_printk_skb: 514 callbacks suppressed
[   56.180726][   T29] audit: type=1326 audit(1761852063.086:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   56.210196][   T29] audit: type=1326 audit(1761852063.086:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   56.233636][   T29] audit: type=1326 audit(1761852063.086:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   56.256940][   T29] audit: type=1326 audit(1761852063.086:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   56.280171][   T29] audit: type=1326 audit(1761852063.086:1764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   56.303507][   T29] audit: type=1326 audit(1761852063.086:1765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3c56400ee7 code=0x7ffc0000
[   56.326716][   T29] audit: type=1326 audit(1761852063.086:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3c56400e5c code=0x7ffc0000
[   56.349966][   T29] audit: type=1326 audit(1761852063.086:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3c56400d94 code=0x7ffc0000
[   56.358238][   T41] Bluetooth: hci0: Frame reassembly failed (-84)
[   56.373206][   T29] audit: type=1326 audit(1761852063.086:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3c56400d94 code=0x7ffc0000
[   56.402706][   T29] audit: type=1326 audit(1761852063.086:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3c563fdc2a code=0x7ffc0000
[   56.464045][ T4523] 9pnet_fd: Insufficient options for proto=fd
[   56.470372][ T4525] loop3: detected capacity change from 0 to 2048
[   56.482837][ T4525] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.349: corrupted in-inode xattr: bad e_name length
[   56.591181][ T4541] veth0: entered promiscuous mode
[   56.596440][ T4537] syz0: rxe_newlink: already configured on bond_slave_0
[   56.603561][ T4533] loop1: detected capacity change from 0 to 2048
[   56.666899][ T4549] loop2: detected capacity change from 0 to 2048
[   56.686839][ T4554] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.718524][ T4542] lo speed is unknown, defaulting to 1000
[   56.844297][ T4554] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.913006][ T4554] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.991181][ T4554] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.039939][ T1385] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.053221][ T1385] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.067097][ T1385] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.080912][ T1385] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.412178][ T4576] tipc: Started in network mode
[   57.417148][ T4576] tipc: Node identity 663ec4d8cf35, cluster identity 4711
[   57.424402][ T4576] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   57.444552][ T4576] syzkaller0: entered promiscuous mode
[   57.450060][ T4576] syzkaller0: entered allmulticast mode
[   57.460136][ T4576] tipc: Resetting bearer <eth:syzkaller0>
[   57.467106][ T4575] tipc: Resetting bearer <eth:syzkaller0>
[   57.474814][ T4575] tipc: Disabling bearer <eth:syzkaller0>
[   57.582768][ T4583] __nla_validate_parse: 10 callbacks suppressed
[   57.582781][ T4583] netlink: 60 bytes leftover after parsing attributes in process `syz.3.366'.
[   57.595148][ T4568] loop0: detected capacity change from 0 to 764
[   57.640735][    T9] usb 10-1: device descriptor read/8, error -110
[   57.697824][ T4654] loop3: detected capacity change from 0 to 2048
[   57.712701][ T4654] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.371: corrupted in-inode xattr: bad e_name length
[   57.750380][    T9] usb 10-1: new SuperSpeed USB device number 2 using vhci_hcd
[   57.770433][    T9] usb 10-1: enqueue for inactive port 0
[   57.777196][    T9] usb 10-1: enqueue for inactive port 0
[   57.789431][    T9] usb 10-1: enqueue for inactive port 0
[   57.846581][ T4659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.372'.
[   57.909056][ T4660] lo speed is unknown, defaulting to 1000
[   57.917690][ T4665] loop1: detected capacity change from 0 to 512
[   57.931757][ T4665] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #12: comm syz.1.374: missing EA_INODE flag
[   57.945783][ T4665] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.374: error while reading EA inode 12 err=-117
[   57.958269][ T4665] EXT4-fs (loop1): 1 orphan inode deleted
[   58.019519][ T4676] loop1: detected capacity change from 0 to 512
[   58.026669][ T4676] EXT4-fs (loop1): #blocks per group too big: 16384
[   58.286359][ T4685] FAULT_INJECTION: forcing a failure.
[   58.286359][ T4685] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.300319][    C0] hrtimer: interrupt took 38137 ns
[   58.306955][ T4685] CPU: 0 UID: 0 PID: 4685 Comm: syz.1.382 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.307038][ T4685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.307049][ T4685] Call Trace:
[   58.307054][ T4685]  <TASK>
[   58.307060][ T4685]  __dump_stack+0x1d/0x30
[   58.307079][ T4685]  dump_stack_lvl+0xe8/0x140
[   58.307143][ T4685]  dump_stack+0x15/0x1b
[   58.307159][ T4685]  should_fail_ex+0x265/0x280
[   58.307176][ T4685]  should_fail+0xb/0x20
[   58.307188][ T4685]  should_fail_usercopy+0x1a/0x20
[   58.307205][ T4685]  _copy_from_user+0x1c/0xb0
[   58.307266][ T4685]  __sys_sendto+0x19e/0x330
[   58.307301][ T4685]  __x64_sys_sendto+0x76/0x90
[   58.307368][ T4685]  x64_sys_call+0x2d14/0x3000
[   58.307425][ T4685]  do_syscall_64+0xd2/0x200
[   58.307442][ T4685]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.307469][ T4685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.307486][ T4685] RIP: 0033:0x7f3c563fefc9
[   58.307574][ T4685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.307593][ T4685] RSP: 002b:00007f3c54e5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   58.307610][ T4685] RAX: ffffffffffffffda RBX: 00007f3c56655fa0 RCX: 00007f3c563fefc9
[   58.307620][ T4685] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000006
[   58.307631][ T4685] RBP: 00007f3c54e5f090 R08: 00002000000000c0 R09: 000000000000001c
[   58.307642][ T4685] R10: 0000000004000050 R11: 0000000000000246 R12: 0000000000000001
[   58.307653][ T4685] R13: 00007f3c56656038 R14: 00007f3c56655fa0 R15: 00007ffffc471428
[   58.307668][ T4685]  </TASK>
[   58.475340][ T3823] Bluetooth: hci0: command 0x1003 tx timeout
[   58.481542][ T3677] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   58.629519][ T4685] loop1: detected capacity change from 0 to 1024
[   58.717113][ T4698] loop4: detected capacity change from 0 to 2048
[   58.745846][ T4698] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.772114][ T4698] EXT4-fs (loop4): shut down requested (2)
[   58.791635][ T4698] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[   58.798326][ T4698] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   58.806024][ T4698] vhci_hcd vhci_hcd.0: Device attached
[   58.812155][ T4704] vhci_hcd: connection closed
[   58.812351][ T4625] vhci_hcd: stop threads
[   58.821381][ T4625] vhci_hcd: release socket
[   58.825804][ T4625] vhci_hcd: disconnect device
[   58.859075][ T4711] FAULT_INJECTION: forcing a failure.
[   58.859075][ T4711] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.872181][ T4711] CPU: 1 UID: 0 PID: 4711 Comm: syz.1.390 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.872269][ T4711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.872333][ T4711] Call Trace:
[   58.872339][ T4711]  <TASK>
[   58.872415][ T4711]  __dump_stack+0x1d/0x30
[   58.872434][ T4711]  dump_stack_lvl+0xe8/0x140
[   58.872450][ T4711]  dump_stack+0x15/0x1b
[   58.872464][ T4711]  should_fail_ex+0x265/0x280
[   58.872482][ T4711]  should_fail+0xb/0x20
[   58.872514][ T4711]  should_fail_usercopy+0x1a/0x20
[   58.872597][ T4711]  _copy_from_user+0x1c/0xb0
[   58.872617][ T4711]  __sys_bpf+0x183/0x7c0
[   58.872638][ T4711]  __x64_sys_bpf+0x41/0x50
[   58.872666][ T4711]  x64_sys_call+0x2aee/0x3000
[   58.872733][ T4711]  do_syscall_64+0xd2/0x200
[   58.872753][ T4711]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.872780][ T4711]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.872808][ T4711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.872852][ T4711] RIP: 0033:0x7f3c563fefc9
[   58.872865][ T4711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.872878][ T4711] RSP: 002b:00007f3c54e5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   58.872895][ T4711] RAX: ffffffffffffffda RBX: 00007f3c56655fa0 RCX: 00007f3c563fefc9
[   58.872907][ T4711] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[   58.872920][ T4711] RBP: 00007f3c54e5f090 R08: 0000000000000000 R09: 0000000000000000
[   58.872956][ T4711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.872968][ T4711] R13: 00007f3c56656038 R14: 00007f3c56655fa0 R15: 00007ffffc471428
[   58.872986][ T4711]  </TASK>
[   59.165988][ T4721] syz0: rxe_newlink: already configured on bond_slave_0
[   59.225028][ T4725] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   59.280105][ T4733] netlink: 12 bytes leftover after parsing attributes in process `syz.0.399'.
[   59.351319][ T4747] netlink: 8 bytes leftover after parsing attributes in process `syz.0.406'.
[   59.469519][ T4755] netlink: 60 bytes leftover after parsing attributes in process `syz.4.409'.
[   59.511693][ T4760] netlink: 12 bytes leftover after parsing attributes in process `syz.4.411'.
[   59.577918][ T4763] loop0: detected capacity change from 0 to 512
[   59.633216][ T4763] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #12: comm syz.0.414: missing EA_INODE flag
[   59.720587][ T4763] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.414: error while reading EA inode 12 err=-117
[   59.735288][ T4763] EXT4-fs (loop0): 1 orphan inode deleted
[   59.911920][ T4780] netlink: 8 bytes leftover after parsing attributes in process `syz.0.418'.
[   59.928681][ T4767] loop3: detected capacity change from 0 to 1024
[   60.097328][ T4787] loop0: detected capacity change from 0 to 2048
[   60.112087][ T4789] netlink: 'syz.3.423': attribute type 10 has an invalid length.
[   60.120078][ T4789] batadv0: left allmulticast mode
[   60.125456][ T4789] batadv0: left promiscuous mode
[   60.130735][ T4789] bridge0: port 3(batadv0) entered disabled state
[   60.141053][ T4787] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.152510][ T4795] netlink: 12 bytes leftover after parsing attributes in process `syz.2.424'.
[   60.152638][ T4789] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.169636][ T4784] EXT4-fs (loop0): shut down requested (2)
[   60.179467][ T4784] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[   60.186076][ T4784] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   60.193915][ T4784] vhci_hcd vhci_hcd.0: Device attached
[   60.208591][ T4789] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   60.228288][ T4802] netlink: 8 bytes leftover after parsing attributes in process `syz.2.426'.
[   60.242851][ T4789] netlink: 'syz.3.423': attribute type 10 has an invalid length.
[   60.250689][ T4789] netlink: 40 bytes leftover after parsing attributes in process `syz.3.423'.
[   60.259739][ T4789] batadv0: entered promiscuous mode
[   60.265003][ T4789] batadv0: entered allmulticast mode
[   60.270811][ T4797] vhci_hcd: connection closed
[   60.271122][ T4650] vhci_hcd: stop threads
[   60.280391][ T4650] vhci_hcd: release socket
[   60.284933][ T4650] vhci_hcd: disconnect device
[   60.290726][ T4789] bond0: (slave batadv0): Releasing backup interface
[   60.301263][ T4804] 9pnet_fd: Insufficient options for proto=fd
[   60.309921][ T4789] bridge0: port 3(batadv0) entered blocking state
[   60.316550][ T4789] bridge0: port 3(batadv0) entered disabled state
[   60.424829][ T4828] netlink: 'syz.3.437': attribute type 10 has an invalid length.
[   60.438819][ T4828] batadv0: left allmulticast mode
[   60.444770][ T4828] batadv0: left promiscuous mode
[   60.449997][ T4828] bridge0: port 3(batadv0) entered disabled state
[   60.458969][ T4828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.468004][ T4828] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   60.510079][ T4828] netlink: 'syz.3.437': attribute type 10 has an invalid length.
[   60.523244][ T4828] batadv0: entered promiscuous mode
[   60.528596][ T4828] batadv0: entered allmulticast mode
[   60.549123][ T4828] bond0: (slave batadv0): Releasing backup interface
[   60.562147][ T4836] 9pnet_fd: Insufficient options for proto=fd
[   60.572745][ T4828] bridge0: port 3(batadv0) entered blocking state
[   60.579321][ T4828] bridge0: port 3(batadv0) entered disabled state
[   60.656644][ T4843] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.703197][ T4843] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.784727][ T4863] loop2: detected capacity change from 0 to 2048
[   60.810428][ T4625] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   60.819680][ T4625] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   60.840506][ T4874] 9pnet_fd: Insufficient options for proto=fd
[   60.860107][ T4863] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.909418][ T4887] netlink: 'syz.0.455': attribute type 10 has an invalid length.
[   60.919988][ T4843] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.932465][ T4887] batadv0: left allmulticast mode
[   60.937603][ T4887] batadv0: left promiscuous mode
[   60.942927][ T4887] bridge0: port 3(batadv0) entered disabled state
[   60.968395][ T4887] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.978918][ T4887] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   60.991141][ T4863] EXT4-fs (loop2): shut down requested (2)
[   60.993572][ T4843] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.015060][ T4863] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(13)
[   61.021696][ T4863] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   61.029434][ T4863] vhci_hcd vhci_hcd.0: Device attached
[   61.043778][ T4887] netlink: 'syz.0.455': attribute type 10 has an invalid length.
[   61.055712][ T4887] batadv0: entered promiscuous mode
[   61.061148][ T4887] batadv0: entered allmulticast mode
[   61.082470][ T4887] bond0: (slave batadv0): Releasing backup interface
[   61.107403][ T4905] loop3: detected capacity change from 0 to 2048
[   61.116382][ T4887] bridge0: port 3(batadv0) entered blocking state
[   61.123268][ T4887] bridge0: port 3(batadv0) entered disabled state
[   61.124365][ T4905] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.143543][ T4905] EXT4-fs (loop3): shut down requested (2)
[   61.151393][ T4905] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[   61.158040][ T4905] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   61.165865][ T4905] vhci_hcd vhci_hcd.0: Device attached
[   61.182360][ T4625] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.190976][ T4625] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.200670][ T4910] vhci_hcd: connection closed
[   61.200972][ T4623] vhci_hcd: stop threads
[   61.209889][ T4623] vhci_hcd: release socket
[   61.214377][ T4623] vhci_hcd: disconnect device
[   61.219864][ T4625] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.239848][ T4625] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.359033][ T4921] 9pnet_fd: Insufficient options for proto=fd
[   61.389650][ T1040] usb 6-1: SetAddress Request (2) to port 0
[   61.395623][ T1040] usb 6-1: new SuperSpeed USB device number 2 using vhci_hcd
[   61.425581][   T29] kauditd_printk_skb: 280 callbacks suppressed
[   61.425595][   T29] audit: type=1326 audit(1761852068.336:2050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4925 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153451efc9 code=0x7ffc0000
[   61.460009][   T29] audit: type=1326 audit(1761852068.356:2051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4925 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f153451efc9 code=0x7ffc0000
[   61.483671][   T29] audit: type=1326 audit(1761852068.356:2052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4925 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153451efc9 code=0x7ffc0000
[   61.507114][   T29] audit: type=1326 audit(1761852068.356:2053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4925 comm="syz.4.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153451efc9 code=0x7ffc0000
[   61.530451][ T4898] vhci_hcd: connection reset by peer
[   61.537304][ T4625] vhci_hcd: stop threads
[   61.541641][ T4625] vhci_hcd: release socket
[   61.546091][ T4625] vhci_hcd: disconnect device
[   61.593811][   T29] audit: type=1326 audit(1761852068.506:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4919 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   61.617232][   T29] audit: type=1326 audit(1761852068.506:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4919 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   61.640609][   T29] audit: type=1326 audit(1761852068.506:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4919 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   61.663932][   T29] audit: type=1326 audit(1761852068.506:2057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4919 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   61.687301][   T29] audit: type=1326 audit(1761852068.506:2058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4919 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   61.701995][ T4936] loop4: detected capacity change from 0 to 512
[   61.710611][   T29] audit: type=1326 audit(1761852068.506:2059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4919 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   61.767239][ T4936] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #12: comm syz.4.474: missing EA_INODE flag
[   61.779741][ T4936] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.474: error while reading EA inode 12 err=-117
[   61.809508][ T4936] EXT4-fs (loop4): 1 orphan inode deleted
[   61.899345][ T4950] 9pnet_fd: Insufficient options for proto=fd
[   61.915897][ T4952] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   62.034123][ T4960] loop4: detected capacity change from 0 to 512
[   62.042082][ T4960] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   62.055710][ T4960] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.482: inode has both inline data and extents flags
[   62.069025][ T4960] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.482: couldn't read orphan inode 15 (err -117)
[   62.232687][ T4965] loop0: detected capacity change from 0 to 512
[   62.273360][ T4965] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #12: comm syz.0.485: missing EA_INODE flag
[   62.290260][ T4965] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.485: error while reading EA inode 12 err=-117
[   62.303352][ T4965] EXT4-fs (loop0): 1 orphan inode deleted
[   62.637233][ T4974] loop3: detected capacity change from 0 to 2048
[   62.709829][ T4974] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.812306][ T4974] EXT4-fs (loop3): shut down requested (2)
[   62.900571][ T4974] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[   62.907270][ T4974] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   62.914956][ T4974] vhci_hcd vhci_hcd.0: Device attached
[   63.052688][ T4982] vhci_hcd: connection closed
[   63.052938][ T4625] vhci_hcd: stop threads
[   63.061954][ T4625] vhci_hcd: release socket
[   63.066383][ T4625] vhci_hcd: disconnect device
[   63.162856][ T4987] syz0: rxe_newlink: already configured on bond_slave_0
[   63.753150][ T4991] __nla_validate_parse: 10 callbacks suppressed
[   63.753164][ T4991] netlink: 8 bytes leftover after parsing attributes in process `syz.0.493'.
[   63.848362][ T4996] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   64.066672][ T5000] loop0: detected capacity change from 0 to 2048
[   64.104636][ T5000] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.140501][ T5000] EXT4-fs (loop0): shut down requested (2)
[   64.160388][ T5000] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[   64.167013][ T5000] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   64.174685][ T5000] vhci_hcd vhci_hcd.0: Device attached
[   64.200366][ T5005] vhci_hcd: connection closed
[   64.200922][ T4622] vhci_hcd: stop threads
[   64.209940][ T4622] vhci_hcd: release socket
[   64.214379][ T4622] vhci_hcd: disconnect device
[   64.294475][ T5010] netlink: 8 bytes leftover after parsing attributes in process `syz.2.499'.
[   64.594953][ T5017] netlink: 'syz.3.502': attribute type 21 has an invalid length.
[   64.635000][ T5019] loop3: detected capacity change from 0 to 2048
[   64.667081][ T5019] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.684967][ T5019] EXT4-fs (loop3): shut down requested (2)
[   64.797350][ T5027] netlink: 'syz.4.506': attribute type 10 has an invalid length.
[   64.812130][ T5027] batadv0: left allmulticast mode
[   64.817222][ T5027] batadv0: left promiscuous mode
[   64.817328][ T5025] loop2: detected capacity change from 0 to 512
[   64.822424][ T5027] bridge0: port 3(batadv0) entered disabled state
[   64.838482][ T5027] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.850578][ T5019] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[   64.854916][ T5027] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   64.857227][ T5019] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   64.873548][ T5019] vhci_hcd vhci_hcd.0: Device attached
[   64.883380][ T5025] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #12: comm syz.2.505: missing EA_INODE flag
[   64.912846][ T5025] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.505: error while reading EA inode 12 err=-117
[   64.929204][ T5027] netlink: 'syz.4.506': attribute type 10 has an invalid length.
[   64.936971][ T5027] netlink: 40 bytes leftover after parsing attributes in process `syz.4.506'.
[   64.956210][ T5027] batadv0: entered promiscuous mode
[   64.961600][ T5027] batadv0: entered allmulticast mode
[   64.967289][ T5025] EXT4-fs (loop2): 1 orphan inode deleted
[   64.976998][ T5031] vhci_hcd: connection closed
[   64.977237][ T4625] vhci_hcd: stop threads
[   64.986266][ T4625] vhci_hcd: release socket
[   64.990691][ T4625] vhci_hcd: disconnect device
[   64.999751][ T5027] bond0: (slave batadv0): Releasing backup interface
[   65.011997][ T5027] bridge0: port 3(batadv0) entered blocking state
[   65.018588][ T5027] bridge0: port 3(batadv0) entered disabled state
[   65.034145][ T5039] ªªªªªª: renamed from vlan0 (while UP)
[   65.043081][ T5042] netlink: 8 bytes leftover after parsing attributes in process `syz.2.511'.
[   65.082022][ T5045] loop4: detected capacity change from 0 to 512
[   65.102750][ T5045] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #12: comm syz.4.513: missing EA_INODE flag
[   65.120514][ T5045] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.513: error while reading EA inode 12 err=-117
[   65.141138][ T5045] EXT4-fs (loop4): 1 orphan inode deleted
[   65.223098][ T5056] loop4: detected capacity change from 0 to 2048
[   65.261308][ T5056] EXT4-fs mount: 46 callbacks suppressed
[   65.261324][ T5056] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.298038][ T5056] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.314271][ T5056] EXT4-fs (loop4): shut down requested (2)
[   65.334860][ T5056] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[   65.341606][ T5056] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   65.349321][ T5056] vhci_hcd vhci_hcd.0: Device attached
[   65.356216][ T5063] vhci_hcd: connection closed
[   65.356327][ T4650] vhci_hcd: stop threads
[   65.365416][ T4650] vhci_hcd: release socket
[   65.367639][ T5058] netlink: 8 bytes leftover after parsing attributes in process `syz.2.518'.
[   65.369820][ T4650] vhci_hcd: disconnect device
[   65.466833][ T5069] loop1: detected capacity change from 0 to 512
[   65.474329][ T5069] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   65.500641][ T4650] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   65.509917][ T4650] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   65.520449][ T5069] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.520: inode has both inline data and extents flags
[   65.533695][ T5069] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.520: couldn't read orphan inode 15 (err -117)
[   65.546336][ T5069] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.611861][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.636237][ T5072] netlink: 12 bytes leftover after parsing attributes in process `syz.2.521'.
[   65.675471][ T5072] macvlan2: entered promiscuous mode
[   65.680925][ T5072] macvlan2: entered allmulticast mode
[   65.687247][ T5072] bond2: entered promiscuous mode
[   65.692887][ T5072] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   65.701643][ T5072] bond2: left promiscuous mode
[   65.814836][ T5076] netlink: 8 bytes leftover after parsing attributes in process `syz.2.523'.
[   65.860090][ T5078] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   65.868183][ T5078] syzkaller0: entered promiscuous mode
[   65.873694][ T5078] syzkaller0: entered allmulticast mode
[   65.886552][ T5078] tipc: Resetting bearer <eth:syzkaller0>
[   65.894918][ T5077] tipc: Resetting bearer <eth:syzkaller0>
[   65.902331][ T5077] tipc: Disabling bearer <eth:syzkaller0>
[   65.930836][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.984901][ T5080] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   66.372655][ T5086] netlink: 44 bytes leftover after parsing attributes in process `syz.2.528'.
[   66.392492][ T5088] 9pnet_fd: Insufficient options for proto=fd
[   66.404975][ T5086] netlink: 40 bytes leftover after parsing attributes in process `syz.2.528'.
[   66.415263][ T5091] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   66.426375][ T5086] hub 2-0:1.0: USB hub found
[   66.431099][ T5086] hub 2-0:1.0: 8 ports detected
[   66.440428][ T1040] usb 6-1: device descriptor read/8, error -110
[   66.471632][ T5093] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bond, syncid = 0, id = 0
[   66.550386][ T1040] usb 6-1: new SuperSpeed USB device number 2 using vhci_hcd
[   66.580499][ T1040] usb 6-1: enqueue for inactive port 0
[   66.586028][ T1040] usb 6-1: enqueue for inactive port 0
[   66.591751][ T1040] usb 6-1: enqueue for inactive port 0
[   66.671615][ T5103] loop3: detected capacity change from 0 to 512
[   66.679548][ T5103] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #12: comm syz.3.531: missing EA_INODE flag
[   66.701659][ T5103] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.531: error while reading EA inode 12 err=-117
[   66.718971][ T5103] EXT4-fs (loop3): 1 orphan inode deleted
[   66.730801][ T5103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.752364][ T5103] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.777557][ T5109] loop2: detected capacity change from 0 to 2048
[   66.804764][ T5109] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.833569][ T5109] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.890774][ T5109] EXT4-fs (loop2): shut down requested (2)
[   66.911662][ T5117] loop3: detected capacity change from 0 to 2048
[   66.920342][ T5109] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[   66.927019][ T5109] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   66.934815][ T5109] vhci_hcd vhci_hcd.0: Device attached
[   66.950902][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.966949][ T5118] vhci_hcd: connection closed
[   66.967004][ T4650] vhci_hcd: stop threads
[   66.976029][ T4650] vhci_hcd: release socket
[   66.980453][ T4650] vhci_hcd: disconnect device
[   66.991010][ T5121] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   66.998733][ T5117] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.017259][ T5117] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.038032][ T5117] EXT4-fs (loop3): shut down requested (2)
[   67.046095][ T5117] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[   67.052725][ T5117] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   67.060554][ T5117] vhci_hcd vhci_hcd.0: Device attached
[   67.066704][ T5127] vhci_hcd: connection closed
[   67.066841][ T4650] vhci_hcd: stop threads
[   67.075838][ T4650] vhci_hcd: release socket
[   67.080462][ T4650] vhci_hcd: disconnect device
[   67.106571][   T29] kauditd_printk_skb: 70 callbacks suppressed
[   67.106640][   T29] audit: type=1326 audit(1761852074.016:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5129 comm="syz.1.538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   67.136183][   T29] audit: type=1326 audit(1761852074.016:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5129 comm="syz.1.538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   67.159719][   T29] audit: type=1326 audit(1761852074.016:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5129 comm="syz.1.538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   67.183032][   T29] audit: type=1326 audit(1761852074.016:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5129 comm="syz.1.538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   67.215826][   T29] audit: type=1326 audit(1761852074.126:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.1.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   67.239192][   T29] audit: type=1326 audit(1761852074.126:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.1.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   67.262493][   T29] audit: type=1326 audit(1761852074.126:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.1.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   67.285815][   T29] audit: type=1326 audit(1761852074.126:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.1.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   67.309155][   T29] audit: type=1326 audit(1761852074.126:2138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.1.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   67.332368][   T29] audit: type=1326 audit(1761852074.126:2139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.1.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c563fefc9 code=0x7ffc0000
[   67.359276][ T5132] loop1: detected capacity change from 0 to 512
[   67.366740][ T5132] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   67.379916][ T5132] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   67.391244][ T5132] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   67.405972][ T5132] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   67.419235][ T5132] EXT4-fs (loop1): 1 truncate cleaned up
[   67.425279][ T5132] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.449875][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.570752][ T5137] netlink: 8 bytes leftover after parsing attributes in process `syz.4.542'.
[   67.582707][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.620679][ T5151] netlink: 'syz.2.546': attribute type 10 has an invalid length.
[   67.651627][ T5153] netlink: 'syz.4.548': attribute type 10 has an invalid length.
[   67.677171][ T5153] batadv0: left allmulticast mode
[   67.682344][ T5153] batadv0: left promiscuous mode
[   67.687642][ T5153] bridge0: port 3(batadv0) entered disabled state
[   67.696461][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.711770][ T5155] netlink: 'syz.4.548': attribute type 10 has an invalid length.
[   67.722856][ T5151] netlink: 'syz.2.546': attribute type 10 has an invalid length.
[   67.731055][ T5153] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.747857][ T5153] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   67.756664][ T5151] batadv0: entered promiscuous mode
[   67.761952][ T5151] batadv0: entered allmulticast mode
[   67.767920][ T5151] bond0: (slave batadv0): Releasing backup interface
[   67.775522][ T5151] bridge0: port 3(batadv0) entered blocking state
[   67.782031][ T5151] bridge0: port 3(batadv0) entered disabled state
[   67.782204][ T5156] loop0: detected capacity change from 0 to 2048
[   67.794903][ T5155] batadv0: entered promiscuous mode
[   67.800104][ T5155] batadv0: entered allmulticast mode
[   67.810984][ T5155] bond0: (slave batadv0): Releasing backup interface
[   67.822299][ T5156] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.835045][ T5155] bridge0: port 3(batadv0) entered blocking state
[   67.837696][ T5156] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.841655][ T5155] bridge0: port 3(batadv0) entered disabled state
[   67.856054][ T5164] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   67.880621][ T4625] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   67.890846][ T4625] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   67.910648][ T5156] EXT4-fs (loop0): shut down requested (2)
[   67.926519][ T5156] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[   67.933137][ T5156] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   67.940848][ T5156] vhci_hcd vhci_hcd.0: Device attached
[   67.957752][ T5168] vhci_hcd: connection closed
[   67.960010][ T4650] vhci_hcd: stop threads
[   67.970983][ T4650] vhci_hcd: release socket
[   67.975403][ T4650] vhci_hcd: disconnect device
[   68.142200][ T5186] tipc: Started in network mode
[   68.147183][ T5186] tipc: Node identity aa5913d4ac63, cluster identity 4711
[   68.153421][ T5188] FAULT_INJECTION: forcing a failure.
[   68.153421][ T5188] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.154367][ T5186] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   68.167344][ T5188] CPU: 0 UID: 0 PID: 5188 Comm: syz.3.559 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.167369][ T5188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   68.167381][ T5188] Call Trace:
[   68.167389][ T5188]  <TASK>
[   68.167397][ T5188]  __dump_stack+0x1d/0x30
[   68.167480][ T5188]  dump_stack_lvl+0xe8/0x140
[   68.167498][ T5188]  dump_stack+0x15/0x1b
[   68.167515][ T5188]  should_fail_ex+0x265/0x280
[   68.167533][ T5188]  should_fail+0xb/0x20
[   68.167548][ T5188]  should_fail_usercopy+0x1a/0x20
[   68.167637][ T5188]  _copy_from_user+0x1c/0xb0
[   68.167726][ T5188]  __copy_msghdr+0x244/0x300
[   68.167755][ T5188]  ___sys_sendmsg+0x109/0x1d0
[   68.167794][ T5188]  __x64_sys_sendmsg+0xd4/0x160
[   68.167873][ T5188]  x64_sys_call+0x191e/0x3000
[   68.167924][ T5188]  do_syscall_64+0xd2/0x200
[   68.167941][ T5188]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   68.167963][ T5188]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   68.167986][ T5188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.168049][ T5188] RIP: 0033:0x7f933dcbefc9
[   68.168064][ T5188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.168122][ T5188] RSP: 002b:00007f933c727038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   68.168140][ T5188] RAX: ffffffffffffffda RBX: 00007f933df15fa0 RCX: 00007f933dcbefc9
[   68.168152][ T5188] RDX: 0000000020000001 RSI: 0000200000000780 RDI: 0000000000000004
[   68.168162][ T5188] RBP: 00007f933c727090 R08: 0000000000000000 R09: 0000000000000000
[   68.168173][ T5188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.168183][ T5188] R13: 00007f933df16038 R14: 00007f933df15fa0 R15: 00007ffc0e811678
[   68.168199][ T5188]  </TASK>
[   68.348354][ T5194] syzkaller0: entered promiscuous mode
[   68.353911][ T5194] syzkaller0: entered allmulticast mode
[   68.365146][ T5194] tipc: Resetting bearer <eth:syzkaller0>
[   68.382557][ T5184] tipc: Resetting bearer <eth:syzkaller0>
[   68.406433][ T5184] tipc: Disabling bearer <eth:syzkaller0>
[   68.428202][ T5209] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.440215][ T5205] syzkaller1: entered promiscuous mode
[   68.445861][ T5205] syzkaller1: entered allmulticast mode
[   68.454876][ T5205] netlink: 'syz.3.565': attribute type 153 has an invalid length.
[   68.511115][ T5213] netlink: 'syz.4.569': attribute type 10 has an invalid length.
[   68.522555][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.532197][ T5213] batadv0: left allmulticast mode
[   68.537303][ T5213] batadv0: left promiscuous mode
[   68.542430][ T5213] bridge0: port 3(batadv0) entered disabled state
[   68.569095][ T5213] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.577510][ T5213] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   68.591339][ T5216] netlink: 'syz.4.569': attribute type 10 has an invalid length.
[   68.611070][ T5209] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.641450][ T5216] batadv0: entered promiscuous mode
[   68.646705][ T5216] batadv0: entered allmulticast mode
[   68.654816][ T5216] bond0: (slave batadv0): Releasing backup interface
[   68.664988][ T5216] bridge0: port 3(batadv0) entered blocking state
[   68.671581][ T5216] bridge0: port 3(batadv0) entered disabled state
[   68.698014][ T5209] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.722044][ T5209] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.761750][ T5232] loop4: detected capacity change from 0 to 2048
[   68.776585][ T4625] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.793720][ T4625] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.803261][ T5232] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.805847][ T4625] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.820615][ T5234] __nla_validate_parse: 9 callbacks suppressed
[   68.820632][ T5234] netlink: 28 bytes leftover after parsing attributes in process `syz.0.575'.
[   68.823748][ T4625] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.854428][ T5232] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.574: corrupted in-inode xattr: bad e_name length
[   68.951139][ T5238] siw: device registration error -23
[   69.109854][ T5249] tipc: Started in network mode
[   69.114817][ T5249] tipc: Node identity 2a33762649e1, cluster identity 4711
[   69.122024][ T5249] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   69.126686][ T4650] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   69.133265][ T5244] loop0: detected capacity change from 0 to 1024
[   69.137888][ T4650] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   69.145559][ T5249] syzkaller0: entered promiscuous mode
[   69.158773][ T5249] syzkaller0: entered allmulticast mode
[   69.192535][ T5244] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.215181][ T5244] FAULT_INJECTION: forcing a failure.
[   69.215181][ T5244] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   69.228444][ T5244] CPU: 0 UID: 0 PID: 5244 Comm: syz.0.578 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.228471][ T5244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   69.228482][ T5244] Call Trace:
[   69.228488][ T5244]  <TASK>
[   69.228570][ T5244]  __dump_stack+0x1d/0x30
[   69.228589][ T5244]  dump_stack_lvl+0xe8/0x140
[   69.228606][ T5244]  dump_stack+0x15/0x1b
[   69.228623][ T5244]  should_fail_ex+0x265/0x280
[   69.228643][ T5244]  should_fail_alloc_page+0xf2/0x100
[   69.228703][ T5244]  alloc_pages_bulk_noprof+0xef/0x540
[   69.228851][ T5244]  copy_splice_read+0xf3/0x660
[   69.228893][ T5244]  ? __pfx_ext4_file_splice_read+0x10/0x10
[   69.228954][ T5244]  splice_direct_to_actor+0x290/0x680
[   69.228977][ T5244]  ? __pfx_direct_splice_actor+0x10/0x10
[   69.229004][ T5244]  do_splice_direct+0xda/0x150
[   69.229087][ T5244]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   69.229146][ T5244]  do_sendfile+0x380/0x650
[   69.229175][ T5244]  __x64_sys_sendfile64+0x105/0x150
[   69.229199][ T5244]  x64_sys_call+0x2bb4/0x3000
[   69.229219][ T5244]  do_syscall_64+0xd2/0x200
[   69.229285][ T5244]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   69.229307][ T5244]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   69.229330][ T5244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.229389][ T5244] RIP: 0033:0x7fc36015efc9
[   69.229402][ T5244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.229415][ T5244] RSP: 002b:00007fc35ebc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   69.229431][ T5244] RAX: ffffffffffffffda RBX: 00007fc3603b5fa0 RCX: 00007fc36015efc9
[   69.229441][ T5244] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[   69.229453][ T5244] RBP: 00007fc35ebc7090 R08: 0000000000000000 R09: 0000000000000000
[   69.229478][ T5244] R10: 000000000003ffff R11: 0000000000000246 R12: 0000000000000001
[   69.229491][ T5244] R13: 00007fc3603b6038 R14: 00007fc3603b5fa0 R15: 00007fffbdfa18a8
[   69.229509][ T5244]  </TASK>
[   69.295021][ T5232] lo speed is unknown, defaulting to 1000
[   69.359875][ T5249] tipc: Resetting bearer <eth:syzkaller0>
[   69.458969][ T5256] loop2: detected capacity change from 0 to 2048
[   69.470760][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.480355][ T5248] tipc: Resetting bearer <eth:syzkaller0>
[   69.486723][ T5256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.499223][ T5256] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.510414][ T5248] tipc: Disabling bearer <eth:syzkaller0>
[   69.516870][ T5263] FAULT_INJECTION: forcing a failure.
[   69.516870][ T5263] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.530006][ T5263] CPU: 0 UID: 0 PID: 5263 Comm: syz.0.582 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.530072][ T5263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   69.530082][ T5263] Call Trace:
[   69.530088][ T5263]  <TASK>
[   69.530095][ T5263]  __dump_stack+0x1d/0x30
[   69.530113][ T5263]  dump_stack_lvl+0xe8/0x140
[   69.530129][ T5263]  dump_stack+0x15/0x1b
[   69.530206][ T5263]  should_fail_ex+0x265/0x280
[   69.530353][ T5263]  should_fail+0xb/0x20
[   69.530432][ T5263]  should_fail_usercopy+0x1a/0x20
[   69.530449][ T5263]  _copy_to_user+0x20/0xa0
[   69.530468][ T5263]  simple_read_from_buffer+0xb5/0x130
[   69.530488][ T5263]  proc_fail_nth_read+0x10e/0x150
[   69.530518][ T5263]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   69.530540][ T5263]  vfs_read+0x1a8/0x770
[   69.530558][ T5263]  ? __rcu_read_unlock+0x4f/0x70
[   69.530578][ T5263]  ? __fget_files+0x184/0x1c0
[   69.530661][ T5263]  ksys_read+0xda/0x1a0
[   69.530680][ T5263]  __x64_sys_read+0x40/0x50
[   69.530699][ T5263]  x64_sys_call+0x27c0/0x3000
[   69.530783][ T5263]  do_syscall_64+0xd2/0x200
[   69.530824][ T5263]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   69.530844][ T5263]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   69.530866][ T5263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.530882][ T5263] RIP: 0033:0x7fc36015d9dc
[   69.530895][ T5263] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   69.530972][ T5263] RSP: 002b:00007fc35ebc7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   69.530987][ T5263] RAX: ffffffffffffffda RBX: 00007fc3603b5fa0 RCX: 00007fc36015d9dc
[   69.530998][ T5263] RDX: 000000000000000f RSI: 00007fc35ebc70a0 RDI: 0000000000000004
[   69.531008][ T5263] RBP: 00007fc35ebc7090 R08: 0000000000000000 R09: 0000000000000000
[   69.531114][ T5263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.531124][ T5263] R13: 00007fc3603b6038 R14: 00007fc3603b5fa0 R15: 00007fffbdfa18a8
[   69.531139][ T5263]  </TASK>
[   69.730511][ T5256] EXT4-fs (loop2): shut down requested (2)
[   69.742805][ T5256] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[   69.749434][ T5256] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   69.757140][ T5256] vhci_hcd vhci_hcd.0: Device attached
[   69.763121][ T5264] vhci_hcd: connection closed
[   69.763716][ T4624] vhci_hcd: stop threads
[   69.772668][ T4624] vhci_hcd: release socket
[   69.777077][ T4624] vhci_hcd: disconnect device
[   69.809728][ T5261] 9pnet_fd: Insufficient options for proto=fd
[   69.837282][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.888122][ T5267] netlink: 8 bytes leftover after parsing attributes in process `syz.0.585'.
[   69.924617][ T5275] loop3: detected capacity change from 0 to 512
[   69.931700][ T5275] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   69.948616][ T5275] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fffff00)
[   69.982968][ T4625] Bluetooth: hci0: Frame reassembly failed (-84)
[   70.276012][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.301415][ T5308] netlink: 4 bytes leftover after parsing attributes in process `syz.2.600'.
[   70.348993][ T5317] loop3: detected capacity change from 0 to 512
[   70.356855][ T5317] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #12: comm syz.3.605: missing EA_INODE flag
[   70.368828][ T5317] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.605: error while reading EA inode 12 err=-117
[   70.381466][ T5317] EXT4-fs (loop3): 1 orphan inode deleted
[   70.387564][ T5317] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.408128][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.714807][ T5331] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.751772][ T5331] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.849325][ T5331] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.901561][ T5331] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.956762][ T4624] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.968304][ T4624] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.976644][ T5336] loop4: detected capacity change from 0 to 2048
[   70.981218][ T4624] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.994441][ T4650] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.021048][ T5336] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.033302][ T5336] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.046742][ T5336] EXT4-fs (loop4): shut down requested (2)
[   71.056933][ T5336] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12)
[   71.063571][ T5336] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   71.071419][ T5336] vhci_hcd vhci_hcd.0: Device attached
[   71.077506][ T5339] vhci_hcd: connection closed
[   71.077737][ T4625] vhci_hcd: stop threads
[   71.086678][ T4625] vhci_hcd: release socket
[   71.091140][ T4625] vhci_hcd: disconnect device
[   71.159891][ T5345] loop2: detected capacity change from 0 to 2048
[   71.169463][ T5348] Driver unsupported XDP return value 0 on prog  (id 423) dev N/A, expect packet loss!
[   71.180658][ T5345] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.193110][ T5345] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.205195][ T5345] EXT4-fs (loop2): shut down requested (2)
[   71.212902][ T5345] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(13)
[   71.219533][ T5345] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   71.227282][ T5345] vhci_hcd vhci_hcd.0: Device attached
[   71.233214][ T5353] vhci_hcd: connection closed
[   71.233894][ T4623] vhci_hcd: stop threads
[   71.242884][ T4623] vhci_hcd: release socket
[   71.247504][ T4623] vhci_hcd: disconnect device
[   71.261931][ T5358] netlink: 4 bytes leftover after parsing attributes in process `syz.3.618'.
[   71.586199][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.603859][ T5364] netlink: 8 bytes leftover after parsing attributes in process `syz.4.619'.
[   71.743222][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.779267][ T5371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.622'.
[   71.788695][ T5371] netlink: 16 bytes leftover after parsing attributes in process `syz.2.622'.
[   71.891354][ T5382] FAULT_INJECTION: forcing a failure.
[   71.891354][ T5382] name failslab, interval 1, probability 0, space 0, times 0
[   71.904042][ T5382] CPU: 0 UID: 0 PID: 5382 Comm: syz.2.626 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.904078][ T5382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   71.904160][ T5382] Call Trace:
[   71.904166][ T5382]  <TASK>
[   71.904174][ T5382]  __dump_stack+0x1d/0x30
[   71.904196][ T5382]  dump_stack_lvl+0xe8/0x140
[   71.904212][ T5382]  dump_stack+0x15/0x1b
[   71.904226][ T5382]  should_fail_ex+0x265/0x280
[   71.904241][ T5382]  should_failslab+0x8c/0xb0
[   71.904269][ T5382]  __kvmalloc_node_noprof+0x12e/0x670
[   71.904300][ T5382]  ? io_alloc_cache_init+0x36/0xb0
[   71.904325][ T5382]  io_alloc_cache_init+0x36/0xb0
[   71.904348][ T5382]  io_rsrc_cache_init+0x26/0x50
[   71.904403][ T5382]  io_ring_ctx_alloc+0x31c/0x670
[   71.904468][ T5382]  io_uring_create+0x134/0x630
[   71.904523][ T5382]  __se_sys_io_uring_setup+0x1f7/0x210
[   71.904556][ T5382]  __x64_sys_io_uring_setup+0x31/0x40
[   71.904661][ T5382]  x64_sys_call+0x2b25/0x3000
[   71.904681][ T5382]  do_syscall_64+0xd2/0x200
[   71.904696][ T5382]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   71.904779][ T5382]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   71.904803][ T5382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.904877][ T5382] RIP: 0033:0x7fbc085cefc9
[   71.904929][ T5382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.904943][ T5382] RSP: 002b:00007fbc07036fc8 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[   71.904959][ T5382] RAX: ffffffffffffffda RBX: 00007fbc08825fa0 RCX: 00007fbc085cefc9
[   71.904971][ T5382] RDX: 0000200000000000 RSI: 00002000000004c0 RDI: 0000000000001104
[   71.904983][ T5382] RBP: 00002000000004c0 R08: 0000000000000000 R09: 0000200000000000
[   71.904996][ T5382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   71.905008][ T5382] R13: 00002000000003c0 R14: 0000000000001104 R15: 0000200000000000
[   71.905023][ T5382]  </TASK>
[   72.101321][ T3677] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   72.119034][   T29] kauditd_printk_skb: 467 callbacks suppressed
[   72.119061][   T29] audit: type=1326 audit(1761852079.016:2607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5283 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36015efc9 code=0x7ffc0000
[   72.148632][   T29] audit: type=1326 audit(1761852079.016:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5283 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36015efc9 code=0x7ffc0000
[   72.172043][   T29] audit: type=1326 audit(1761852079.016:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5357 comm="syz.3.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f933dcb5e67 code=0x7ffc0000
[   72.195300][   T29] audit: type=1326 audit(1761852079.016:2610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5357 comm="syz.3.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f933dc5b099 code=0x7ffc0000
[   72.218593][   T29] audit: type=1326 audit(1761852079.016:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5357 comm="syz.3.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f933dcbefc9 code=0x7ffc0000
[   72.241733][   T29] audit: type=1326 audit(1761852079.026:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5357 comm="syz.3.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f933dcb5e67 code=0x7ffc0000
[   72.264956][   T29] audit: type=1326 audit(1761852079.026:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5357 comm="syz.3.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f933dc5b099 code=0x7ffc0000
[   72.288181][   T29] audit: type=1326 audit(1761852079.026:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5357 comm="syz.3.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f933dcbefc9 code=0x7ffc0000
[   72.312291][   T29] audit: type=1326 audit(1761852079.026:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5357 comm="syz.3.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f933dcb5e67 code=0x7ffc0000
[   72.335519][   T29] audit: type=1326 audit(1761852079.026:2616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5357 comm="syz.3.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f933dc5b099 code=0x7ffc0000
[   72.395078][ T5390] netlink: 'syz.2.629': attribute type 3 has an invalid length.
[   72.400834][ T5392] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   72.428573][ T5390] netlink: 12 bytes leftover after parsing attributes in process `syz.2.629'.
[   72.437528][ T5390] netlink: 'syz.2.629': attribute type 2 has an invalid length.
[   72.493667][ T5396] loop3: detected capacity change from 0 to 2048
[   72.499793][ T5398] loop2: detected capacity change from 0 to 2048
[   72.512266][ T5398] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.515168][ T5396] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.525375][ T5398] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.555203][ T5396] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.631: corrupted in-inode xattr: bad e_name length
[   72.568990][ T5398] EXT4-fs (loop2): shut down requested (2)
[   72.580528][ T5398] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(13)
[   72.587178][ T5398] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   72.594874][ T5398] vhci_hcd vhci_hcd.0: Device attached
[   72.611958][ T5404] vhci_hcd: connection closed
[   72.612012][ T4625] vhci_hcd: stop threads
[   72.621073][ T4625] vhci_hcd: release socket
[   72.625517][ T4625] vhci_hcd: disconnect device
[   72.645715][ T5407] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   72.676260][ T5410] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[   72.697018][ T5414] FAULT_INJECTION: forcing a failure.
[   72.697018][ T5414] name failslab, interval 1, probability 0, space 0, times 0
[   72.710412][ T5414] CPU: 1 UID: 0 PID: 5414 Comm: syz.0.635 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.710435][ T5414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   72.710444][ T5414] Call Trace:
[   72.710449][ T5414]  <TASK>
[   72.710456][ T5414]  __dump_stack+0x1d/0x30
[   72.710481][ T5414]  dump_stack_lvl+0xe8/0x140
[   72.710542][ T5414]  dump_stack+0x15/0x1b
[   72.710557][ T5414]  should_fail_ex+0x265/0x280
[   72.710568][ T5414]  ? nft_trans_table_add+0x36/0x190
[   72.710580][ T5414]  should_failslab+0x8c/0xb0
[   72.710637][ T5414]  __kmalloc_cache_noprof+0x4c/0x4a0
[   72.710654][ T5414]  nft_trans_table_add+0x36/0x190
[   72.710706][ T5414]  nf_tables_newtable+0x955/0xea0
[   72.710726][ T5414]  nfnetlink_rcv+0xbc9/0x16c0
[   72.710762][ T5414]  ? kmem_cache_free+0xe4/0x3d0
[   72.710790][ T5414]  netlink_unicast+0x5c0/0x690
[   72.710806][ T5414]  netlink_sendmsg+0x58b/0x6b0
[   72.710817][ T5414]  ? __pfx_netlink_sendmsg+0x10/0x10
[   72.710913][ T5414]  __sock_sendmsg+0x145/0x180
[   72.710926][ T5414]  ____sys_sendmsg+0x31e/0x4e0
[   72.710944][ T5414]  ___sys_sendmsg+0x17b/0x1d0
[   72.711031][ T5414]  __x64_sys_sendmsg+0xd4/0x160
[   72.711049][ T5414]  x64_sys_call+0x191e/0x3000
[   72.711061][ T5414]  do_syscall_64+0xd2/0x200
[   72.711071][ T5414]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   72.711132][ T5414]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   72.711148][ T5414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.711159][ T5414] RIP: 0033:0x7fc36015efc9
[   72.711244][ T5414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.711254][ T5414] RSP: 002b:00007fc35ebc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   72.711265][ T5414] RAX: ffffffffffffffda RBX: 00007fc3603b5fa0 RCX: 00007fc36015efc9
[   72.711346][ T5414] RDX: 0000000000040050 RSI: 0000200000000100 RDI: 0000000000000003
[   72.711376][ T5414] RBP: 00007fc35ebc7090 R08: 0000000000000000 R09: 0000000000000000
[   72.711383][ T5414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   72.711389][ T5414] R13: 00007fc3603b6038 R14: 00007fc3603b5fa0 R15: 00007fffbdfa18a8
[   72.711399][ T5414]  </TASK>
[   72.948622][ T5417] loop4: detected capacity change from 0 to 1024
[   72.955641][ T5417] EXT4-fs: Ignoring removed orlov option
[   72.967570][ T5417] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.978673][ T5408] lo speed is unknown, defaulting to 1000
[   73.089717][ T5424] mmap: syz.4.637 (5424) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   73.105681][ T5424] geneve2: entered promiscuous mode
[   73.110945][ T5424] geneve2: entered allmulticast mode
[   73.118073][ T4650] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[   73.126487][ T4650] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[   73.134859][ T4650] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[   73.143637][ T4650] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[   73.161544][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.232481][ T5432] 9pnet_fd: Insufficient options for proto=fd
[   73.337193][ T5434] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[   73.355888][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.367564][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.375897][ T5436] netlink: 8 bytes leftover after parsing attributes in process `syz.4.645'.
[   73.414595][ T5445] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   73.638328][ T5468] loop3: detected capacity change from 0 to 2048
[   73.682280][ T5468] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.697789][ T5468] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.654: corrupted in-inode xattr: bad e_name length
[   73.729262][ T5472] loop4: detected capacity change from 0 to 2048
[   73.751141][ T5472] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.770385][ T5472] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.791499][ T5472] EXT4-fs (loop4): shut down requested (2)
[   73.810227][ T5472] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[   73.816920][ T5472] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   73.824651][ T5472] vhci_hcd vhci_hcd.0: Device attached
[   73.833196][ T5476] vhci_hcd: connection closed
[   73.833864][ T4624] vhci_hcd: stop threads
[   73.842990][ T4624] vhci_hcd: release socket
[   73.847392][ T4624] vhci_hcd: disconnect device
[   73.858910][ T5482] netlink: 8 bytes leftover after parsing attributes in process `syz.2.657'.
[   73.886388][ T5486] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   73.898111][ T5488] lo speed is unknown, defaulting to 1000
[   73.904726][ T5488] lo speed is unknown, defaulting to 1000
[   73.912089][ T5488] lo speed is unknown, defaulting to 1000
[   73.923202][ T5491] loop2: detected capacity change from 0 to 512
[   73.946564][ T5491] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.661: inode has both inline data and extents flags
[   73.963055][ T5494] netlink: 'syz.0.660': attribute type 10 has an invalid length.
[   73.963122][ T5491] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.661: couldn't read orphan inode 15 (err -117)
[   73.990675][ T5491] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.995611][ T5481] lo speed is unknown, defaulting to 1000
[   74.009268][ T5488] infiniband s
z1: set active
[   74.013989][ T5488] infiniband s
z1: added lo
[   74.022288][ T1040] lo speed is unknown, defaulting to 1000
[   74.027231][ T5494] ipvlan0: entered allmulticast mode
[   74.033399][ T5494] veth0_vlan: entered allmulticast mode
[   74.040571][ T5494] team0: Device ipvlan0 failed to register rx_handler
[   74.056569][ T5488] RDS/IB: s
z1: added
[   74.062928][ T5488] smc: adding ib device s
z1 with port count 1
[   74.069267][ T5488] smc:    ib device s
z1 port 1 has no pnetid
[   74.075533][ T1040] lo speed is unknown, defaulting to 1000
[   74.081441][ T5488] lo speed is unknown, defaulting to 1000
[   74.120109][ T5488] lo speed is unknown, defaulting to 1000
[   74.154357][ T5488] lo speed is unknown, defaulting to 1000
[   74.177708][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.195025][ T5488] lo speed is unknown, defaulting to 1000
[   74.229650][ T5506] netlink: 'syz.1.664': attribute type 10 has an invalid length.
[   74.237659][ T5506] batadv0: left allmulticast mode
[   74.242866][ T5506] batadv0: left promiscuous mode
[   74.247955][ T5506] bridge0: port 3(batadv0) entered disabled state
[   74.258004][ T5506] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.266911][ T5506] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   74.275636][ T5488] lo speed is unknown, defaulting to 1000
[   74.285074][ T5506] netlink: 'syz.1.664': attribute type 10 has an invalid length.
[   74.292903][ T5506] netlink: 40 bytes leftover after parsing attributes in process `syz.1.664'.
[   74.302080][ T5506] batadv0: entered promiscuous mode
[   74.307426][ T5506] batadv0: entered allmulticast mode
[   74.313429][ T5506] bond0: (slave batadv0): Releasing backup interface
[   74.322435][ T5506] bridge0: port 3(batadv0) entered blocking state
[   74.328939][ T5506] bridge0: port 3(batadv0) entered disabled state
[   74.336943][ T5488] lo speed is unknown, defaulting to 1000
[   74.361241][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.453146][ T5520] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   74.470849][ T5520] syzkaller0: entered promiscuous mode
[   74.476470][ T5520] syzkaller0: entered allmulticast mode
[   74.505277][ T5520] tipc: Resetting bearer <eth:syzkaller0>
[   74.525509][ T5519] tipc: Resetting bearer <eth:syzkaller0>
[   74.532209][ T5525] netlink: 8 bytes leftover after parsing attributes in process `syz.2.672'.
[   74.552007][ T5519] tipc: Disabling bearer <eth:syzkaller0>
[   74.560204][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.586754][ T5527] netlink: 8 bytes leftover after parsing attributes in process `syz.2.674'.
[   74.596175][ T5527] netlink: 16 bytes leftover after parsing attributes in process `syz.2.674'.
[   74.610670][ T5529] loop0: detected capacity change from 0 to 512
[   74.634394][ T5531] SELinux:  Context system_u:object_r:system_cron_spool_t:s0 is not valid (left unmapped).
[   74.659907][ T5536] 9pnet_fd: Insufficient options for proto=fd
[   74.660495][ T5529] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #12: comm syz.0.675: missing EA_INODE flag
[   74.682147][ T5529] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.675: error while reading EA inode 12 err=-117
[   74.696796][ T5529] EXT4-fs (loop0): 1 orphan inode deleted
[   74.727339][ T5540] loop2: detected capacity change from 0 to 2048
[   74.742447][ T5529] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.783643][ T5540] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.814281][ T5540] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.842340][ T5540] EXT4-fs (loop2): shut down requested (2)
[   74.851552][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.855887][ T5555] netlink: 8 bytes leftover after parsing attributes in process `syz.3.686'.
[   74.869741][ T5540] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(13)
[   74.876388][ T5540] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   74.884137][ T5540] vhci_hcd vhci_hcd.0: Device attached
[   74.893364][ T5557] netlink: 8 bytes leftover after parsing attributes in process `syz.1.685'.
[   74.933946][ T5558] vhci_hcd: connection closed
[   74.934073][ T4624] vhci_hcd: stop threads
[   74.943204][ T4624] vhci_hcd: release socket
[   74.947619][ T4624] vhci_hcd: disconnect device
[   74.953410][ T5566] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.992157][ T5566] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.037987][ T5574] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   75.120786][ T5588] syz0: rxe_newlink: already configured on bond_slave_0
[   75.155822][ T5566] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.201618][ T5566] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.227380][ T5596] netlink: 8 bytes leftover after parsing attributes in process `syz.0.700'.
[   75.271743][ T4622] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.283737][ T4622] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.298665][ T4622] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.309328][ T4622] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.450024][ T5607] loop1: detected capacity change from 0 to 2048
[   75.451742][ T5601] loop0: detected capacity change from 0 to 1024
[   75.493094][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.505059][ T5607] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.542088][ T5617] netlink: 8 bytes leftover after parsing attributes in process `syz.3.710'.
[   75.551217][ T5617] netlink: 16 bytes leftover after parsing attributes in process `syz.3.710'.
[   75.556631][ T5607] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.582782][ T5619] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   75.597538][ T5607] EXT4-fs (loop1): shut down requested (2)
[   75.608047][ T5607] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[   75.614671][ T5607] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   75.622386][ T5607] vhci_hcd vhci_hcd.0: Device attached
[   75.632350][ T5626] vhci_hcd: connection closed
[   75.632729][ T4622] vhci_hcd: stop threads
[   75.641963][ T4622] vhci_hcd: release socket
[   75.646519][ T4622] vhci_hcd: disconnect device
[   75.652941][ T5624] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.787609][ T5640] loop3: detected capacity change from 0 to 2048
[   75.819610][ T5624] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.822436][ T5640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.850406][ T5640] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.865316][ T5643] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   75.872509][ T5643] syzkaller0: entered promiscuous mode
[   75.878027][ T5643] syzkaller0: entered allmulticast mode
[   75.888563][ T5643] tipc: Resetting bearer <eth:syzkaller0>
[   75.892620][ T5640] EXT4-fs (loop3): shut down requested (2)
[   75.900320][ T5642] tipc: Resetting bearer <eth:syzkaller0>
[   75.911568][ T5642] tipc: Disabling bearer <eth:syzkaller0>
[   75.923729][ T5640] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[   75.930356][ T5640] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   75.938081][ T5640] vhci_hcd vhci_hcd.0: Device attached
[   75.944505][ T5649] vhci_hcd: connection closed
[   75.944681][ T4625] vhci_hcd: stop threads
[   75.953677][ T4625] vhci_hcd: release socket
[   75.958088][ T4625] vhci_hcd: disconnect device
[   75.963089][ T5624] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.034171][ T5624] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.082666][ T5661] rdma_rxe: rxe_newlink: failed to add lo
[   76.096718][ T4625] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.111826][ T4625] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.133484][ T4625] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.142155][ T4625] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.166332][ T5665] loop4: detected capacity change from 0 to 1024
[   76.182175][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.192533][ T5665] EXT4-fs: inline encryption not supported
[   76.208697][ T5665] EXT4-fs: test_dummy_encryption option not supported
[   76.337988][ T5685] rdma_rxe: rxe_newlink: failed to add lo
[   76.372303][ T5692] loop4: detected capacity change from 0 to 2048
[   76.379545][ T5696] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.392984][ T5698] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.404587][ T5692] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.416702][ T5692] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.428716][ T5692] EXT4-fs (loop4): shut down requested (2)
[   76.455056][ T5692] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12)
[   76.461696][ T5692] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   76.469515][ T5692] vhci_hcd vhci_hcd.0: Device attached
[   76.484295][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.497693][ T5705] vhci_hcd: connection closed
[   76.498027][ T4622] vhci_hcd: stop threads
[   76.507107][ T4622] vhci_hcd: release socket
[   76.511594][ T4622] vhci_hcd: disconnect device
[   76.541924][ T5696] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.589781][ T5713] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   76.677348][ T5698] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.700595][ T5713] syzkaller0: entered promiscuous mode
[   76.706205][ T5713] syzkaller0: entered allmulticast mode
[   76.716803][ T5696] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.732102][ T5713] tipc: Resetting bearer <eth:syzkaller0>
[   76.738968][ T5712] tipc: Resetting bearer <eth:syzkaller0>
[   76.746190][ T5712] tipc: Disabling bearer <eth:syzkaller0>
[   76.754403][ T5698] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.774998][ T5696] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.812442][ T5698] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.894166][ T5731] rdma_rxe: rxe_newlink: failed to add lo
[   76.927147][ T4622] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.016690][ T4625] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.028820][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.052566][ T5738] loop4: detected capacity change from 0 to 512
[   77.060779][ T5738] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #12: comm syz.4.754: missing EA_INODE flag
[   77.072652][ T5738] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.754: error while reading EA inode 12 err=-117
[   77.090335][ T4622] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.100410][ T4622] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.100961][ T5738] EXT4-fs (loop4): 1 orphan inode deleted
[   77.117413][ T5738] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.163080][ T5738] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.180212][ T5747] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   77.187384][ T5747] syzkaller0: entered promiscuous mode
[   77.192944][ T5747] syzkaller0: entered allmulticast mode
[   77.234633][ T5747] tipc: Resetting bearer <eth:syzkaller0>
[   77.270959][ T5746] tipc: Resetting bearer <eth:syzkaller0>
[   77.286096][   T29] kauditd_printk_skb: 228 callbacks suppressed
[   77.286128][   T29] audit: type=1326 audit(1761852084.196:2845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5756 comm=7955394FFAFF03 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   77.316990][   T29] audit: type=1326 audit(1761852084.196:2846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5756 comm=7955394FFAFF03 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   77.341424][   T29] audit: type=1326 audit(1761852084.196:2847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5756 comm=7955394FFAFF03 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   77.365096][   T29] audit: type=1326 audit(1761852084.196:2848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5756 comm=7955394FFAFF03 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   77.401379][ T5746] tipc: Disabling bearer <eth:syzkaller0>
[   77.431770][ T5765] FAULT_INJECTION: forcing a failure.
[   77.431770][ T5765] name failslab, interval 1, probability 0, space 0, times 0
[   77.444604][ T5765] CPU: 1 UID: 0 PID: 5765 Comm: syz.2.763 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   77.444627][ T5765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   77.444679][ T5765] Call Trace:
[   77.444686][ T5765]  <TASK>
[   77.444694][ T5765]  __dump_stack+0x1d/0x30
[   77.444717][ T5765]  dump_stack_lvl+0xe8/0x140
[   77.444737][ T5765]  dump_stack+0x15/0x1b
[   77.444818][ T5765]  should_fail_ex+0x265/0x280
[   77.444900][ T5765]  should_failslab+0x8c/0xb0
[   77.444924][ T5765]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   77.444954][ T5765]  ? sidtab_sid2str_get+0xa0/0x130
[   77.445039][ T5765]  kmemdup_noprof+0x2b/0x70
[   77.445094][ T5765]  sidtab_sid2str_get+0xa0/0x130
[   77.445118][ T5765]  security_sid_to_context_core+0x1eb/0x2e0
[   77.445145][ T5765]  security_sid_to_context+0x27/0x40
[   77.445224][ T5765]  avc_audit_post_callback+0x9d/0x520
[   77.445253][ T5765]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   77.445279][ T5765]  common_lsm_audit+0x1bb/0x230
[   77.445306][ T5765]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   77.445331][ T5765]  ? avc_update_node+0x1e9/0x5f0
[   77.445346][ T5765]  slow_avc_audit+0x104/0x140
[   77.445425][ T5765]  audit_inode_permission+0x111/0x150
[   77.445452][ T5765]  selinux_inode_permission+0x69b/0x740
[   77.445477][ T5765]  security_inode_permission+0x6d/0xb0
[   77.445497][ T5765]  inode_permission+0x106/0x310
[   77.445542][ T5765]  may_open+0x255/0x350
[   77.445609][ T5765]  path_openat+0x1b4a/0x2170
[   77.445628][ T5765]  ? css_rstat_updated+0xb7/0x240
[   77.445692][ T5765]  do_filp_open+0x109/0x230
[   77.445719][ T5765]  do_sys_openat2+0xa6/0x110
[   77.445751][ T5765]  __x64_sys_openat+0xf2/0x120
[   77.445771][ T5765]  x64_sys_call+0x2eab/0x3000
[   77.445791][ T5765]  do_syscall_64+0xd2/0x200
[   77.445836][ T5765]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   77.445862][ T5765]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   77.445920][ T5765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.445958][ T5765] RIP: 0033:0x7fbc085cd810
[   77.446024][ T5765] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[   77.446041][ T5765] RSP: 002b:00007fbc07034ef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   77.446059][ T5765] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fbc085cd810
[   77.446072][ T5765] RDX: 0000000000000002 RSI: 00007fbc08651c6c RDI: 00000000ffffff9c
[   77.446084][ T5765] RBP: 00007fbc08651c6c R08: 0000000000000000 R09: 0000000000000000
[   77.446095][ T5765] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[   77.446106][ T5765] R13: 000000000000005a R14: 0000200000000080 R15: 00007ffc8b82d2e8
[   77.446127][ T5765]  </TASK>
[   77.446671][   T29] audit: type=1400 audit(1761852084.346:2849): avc:  denied  { read } for  pid=5764 comm="syz.2.763" name="raw-gadget" dev="devtmpfs" ino=142 ssid=137 tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   77.487680][ T5765] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.683341][ T5768] 9pnet_fd: Insufficient options for proto=fd
[   77.687436][ T5765] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   78.122611][ T5798] netlink: 'syz.4.773': attribute type 10 has an invalid length.
[   78.130690][ T5798] batadv0: left allmulticast mode
[   78.135736][ T5798] batadv0: left promiscuous mode
[   78.140974][ T5798] bridge0: port 3(batadv0) entered disabled state
[   78.148744][ T5798] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.156900][ T5798] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   78.172184][ T5800] loop1: detected capacity change from 0 to 1024
[   78.178825][ T5800] EXT4-fs: Ignoring removed orlov option
[   78.186455][ T5800] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.186761][   T29] audit: type=1326 audit(1761852085.096:2850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5797 comm="syz.4.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153451efc9 code=0x7ffc0000
[   78.222295][   T29] audit: type=1326 audit(1761852085.096:2851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5797 comm="syz.4.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153451efc9 code=0x7ffc0000
[   78.245952][ T5798] netlink: 'syz.4.773': attribute type 10 has an invalid length.
[   78.246001][   T29] audit: type=1326 audit(1761852085.166:2852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5797 comm="syz.4.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f153451efc9 code=0x7ffc0000
[   78.253896][ T5798] batadv0: entered promiscuous mode
[   78.282199][ T5798] batadv0: entered allmulticast mode
[   78.288923][ T5798] bond0: (slave batadv0): Releasing backup interface
[   78.299215][ T5798] bridge0: port 3(batadv0) entered blocking state
[   78.305732][ T5798] bridge0: port 3(batadv0) entered disabled state
[   78.334509][ T5806] geneve2: entered promiscuous mode
[   78.339883][ T5806] geneve2: entered allmulticast mode
[   78.342918][   T29] audit: type=1326 audit(1761852085.206:2853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.2.775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   78.349237][ T4625] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[   78.369717][   T29] audit: type=1326 audit(1761852085.206:2854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5803 comm="syz.2.775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   78.401854][ T4622] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[   78.410246][ T4622] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[   78.441994][ T4622] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[   78.451520][ T5813] loop2: detected capacity change from 0 to 128
[   78.471446][ T5813] FAT-fs (loop2): Directory bread(block 32) failed
[   78.478027][ T5813] FAT-fs (loop2): Directory bread(block 33) failed
[   78.484650][ T5813] FAT-fs (loop2): Directory bread(block 34) failed
[   78.491192][ T5813] FAT-fs (loop2): Directory bread(block 35) failed
[   78.497773][ T5813] FAT-fs (loop2): Directory bread(block 36) failed
[   78.504299][ T5813] FAT-fs (loop2): Directory bread(block 37) failed
[   78.510860][ T5813] FAT-fs (loop2): Directory bread(block 38) failed
[   78.517373][ T5813] FAT-fs (loop2): Directory bread(block 39) failed
[   78.523994][ T5813] FAT-fs (loop2): Directory bread(block 40) failed
[   78.530533][ T5813] FAT-fs (loop2): Directory bread(block 41) failed
[   78.549407][ T5813] syz.2.776: attempt to access beyond end of device
[   78.549407][ T5813] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[   78.562819][ T5813] FAULT_INJECTION: forcing a failure.
[   78.562819][ T5813] name failslab, interval 1, probability 0, space 0, times 0
[   78.575484][ T5813] CPU: 1 UID: 0 PID: 5813 Comm: syz.2.776 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.575508][ T5813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   78.575518][ T5813] Call Trace:
[   78.575524][ T5813]  <TASK>
[   78.575530][ T5813]  __dump_stack+0x1d/0x30
[   78.575688][ T5813]  dump_stack_lvl+0xe8/0x140
[   78.575703][ T5813]  dump_stack+0x15/0x1b
[   78.575767][ T5813]  should_fail_ex+0x265/0x280
[   78.575789][ T5813]  should_failslab+0x8c/0xb0
[   78.575810][ T5813]  kmem_cache_alloc_noprof+0x50/0x480
[   78.575831][ T5813]  ? fat_cache_add+0x1ef/0x4a0
[   78.575886][ T5813]  ? fat16_ent_get+0x4c/0x70
[   78.575902][ T5813]  fat_cache_add+0x1ef/0x4a0
[   78.576032][ T5813]  fat_get_cluster+0x5de/0x7b0
[   78.576082][ T5813]  ? fat_mirror_bhs+0x31e/0x320
[   78.576100][ T5813]  fat_get_mapped_cluster+0xe4/0x240
[   78.576125][ T5813]  fat_bmap+0x254/0x280
[   78.576148][ T5813]  fat_get_block+0x3b1/0x5e0
[   78.576169][ T5813]  __block_write_begin_int+0x400/0xf90
[   78.576194][ T5813]  ? __pfx_fat_get_block+0x10/0x10
[   78.576215][ T5813]  cont_write_begin+0x5fc/0x970
[   78.576277][ T5813]  ? should_fail_ex+0x30/0x280
[   78.576292][ T5813]  fat_write_begin+0x4f/0xe0
[   78.576310][ T5813]  ? __pfx_fat_get_block+0x10/0x10
[   78.576349][ T5813]  cont_write_begin+0x1b0/0x970
[   78.576371][ T5813]  ? strcmp+0x22/0x50
[   78.576388][ T5813]  fat_write_begin+0x4f/0xe0
[   78.576456][ T5813]  ? __pfx_fat_get_block+0x10/0x10
[   78.576475][ T5813]  generic_perform_write+0x184/0x490
[   78.576575][ T5813]  __generic_file_write_iter+0x9e/0x120
[   78.576592][ T5813]  ? __pfx_generic_file_write_iter+0x10/0x10
[   78.576607][ T5813]  generic_file_write_iter+0x8d/0x2f0
[   78.576671][ T5813]  ? _parse_integer+0x27/0x40
[   78.576693][ T5813]  ? kstrtoull+0x111/0x140
[   78.576715][ T5813]  ? kstrtouint+0x76/0xc0
[   78.576764][ T5813]  ? kstrtouint_from_user+0x9f/0xf0
[   78.576783][ T5813]  ? 0xffffffff81000000
[   78.576793][ T5813]  ? __rcu_read_unlock+0x4f/0x70
[   78.576812][ T5813]  ? avc_policy_seqno+0x15/0x30
[   78.576868][ T5813]  ? selinux_file_permission+0x1e4/0x320
[   78.576892][ T5813]  ? __pfx_generic_file_write_iter+0x10/0x10
[   78.576908][ T5813]  vfs_write+0x52a/0x960
[   78.576930][ T5813]  __x64_sys_pwrite64+0xfd/0x150
[   78.576951][ T5813]  x64_sys_call+0xc4d/0x3000
[   78.577007][ T5813]  do_syscall_64+0xd2/0x200
[   78.577022][ T5813]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   78.577113][ T5813]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   78.577135][ T5813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.577220][ T5813] RIP: 0033:0x7fbc085cefc9
[   78.577232][ T5813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.577246][ T5813] RSP: 002b:00007fbc07037038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   78.577261][ T5813] RAX: ffffffffffffffda RBX: 00007fbc08825fa0 RCX: 00007fbc085cefc9
[   78.577272][ T5813] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000004
[   78.577281][ T5813] RBP: 00007fbc07037090 R08: 0000000000000000 R09: 0000000000000000
[   78.577291][ T5813] R10: 0000000008080c62 R11: 0000000000000246 R12: 0000000000000001
[   78.577319][ T5813] R13: 00007fbc08826038 R14: 00007fbc08825fa0 R15: 00007ffc8b82d2e8
[   78.577333][ T5813]  </TASK>
[   78.577384][ T5813] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[   78.903367][ T5813] FAT-fs (loop2): Filesystem has been set read-only
[   78.911694][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.944910][ T5825] __nla_validate_parse: 15 callbacks suppressed
[   78.944925][ T5825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.780'.
[   78.977291][ T5831] IPv6: Can't replace route, no match found
[   78.977329][ T5829] loop4: detected capacity change from 0 to 512
[   78.991278][ T5829] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.783: inode has both inline data and extents flags
[   79.004902][ T5829] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.783: couldn't read orphan inode 15 (err -117)
[   79.017413][ T5829] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.144719][ T5841] netlink: 'syz.1.788': attribute type 10 has an invalid length.
[   79.152736][ T5841] batadv0: left allmulticast mode
[   79.154320][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.157780][ T5841] batadv0: left promiscuous mode
[   79.171924][ T5841] bridge0: port 3(batadv0) entered disabled state
[   79.179834][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.188013][ T5841] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   79.216500][ T5841] netlink: 'syz.1.788': attribute type 10 has an invalid length.
[   79.224325][ T5841] netlink: 40 bytes leftover after parsing attributes in process `syz.1.788'.
[   79.233416][ T5841] batadv0: entered promiscuous mode
[   79.238613][ T5841] batadv0: entered allmulticast mode
[   79.286290][ T5850] FAULT_INJECTION: forcing a failure.
[   79.286290][ T5850] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.299482][ T5850] CPU: 1 UID: 0 PID: 5850 Comm: syz.2.786 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.299540][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   79.299553][ T5850] Call Trace:
[   79.299560][ T5850]  <TASK>
[   79.299568][ T5850]  __dump_stack+0x1d/0x30
[   79.299589][ T5850]  dump_stack_lvl+0xe8/0x140
[   79.299605][ T5850]  dump_stack+0x15/0x1b
[   79.299619][ T5850]  should_fail_ex+0x265/0x280
[   79.299681][ T5850]  should_fail+0xb/0x20
[   79.299694][ T5850]  should_fail_usercopy+0x1a/0x20
[   79.299714][ T5850]  _copy_from_user+0x1c/0xb0
[   79.299737][ T5850]  ___sys_sendmsg+0xc1/0x1d0
[   79.299813][ T5850]  __x64_sys_sendmsg+0xd4/0x160
[   79.299844][ T5850]  x64_sys_call+0x191e/0x3000
[   79.299861][ T5850]  do_syscall_64+0xd2/0x200
[   79.299876][ T5850]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   79.299915][ T5850]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   79.299938][ T5850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.299954][ T5850] RIP: 0033:0x7fbc085cefc9
[   79.299968][ T5850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.299985][ T5850] RSP: 002b:00007fbc06ff5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.300025][ T5850] RAX: ffffffffffffffda RBX: 00007fbc08826180 RCX: 00007fbc085cefc9
[   79.300038][ T5850] RDX: 0000000004000054 RSI: 0000200000000480 RDI: 0000000000000006
[   79.300051][ T5850] RBP: 00007fbc06ff5090 R08: 0000000000000000 R09: 0000000000000000
[   79.300064][ T5850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.300076][ T5850] R13: 00007fbc08826218 R14: 00007fbc08826180 R15: 00007ffc8b82d2e8
[   79.300096][ T5850]  </TASK>
[   79.470327][ T5841] bond0: (slave batadv0): Releasing backup interface
[   79.545527][ T5841] bridge0: port 3(batadv0) entered blocking state
[   79.552052][ T5841] bridge0: port 3(batadv0) entered disabled state
[   79.606707][ T5856] loop4: detected capacity change from 0 to 2048
[   79.632064][ T5856] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.645165][ T5856] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.656807][ T5856] EXT4-fs (loop4): shut down requested (2)
[   79.666594][ T5856] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[   79.673291][ T5856] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   79.681021][ T5856] vhci_hcd vhci_hcd.0: Device attached
[   79.686972][ T5864] vhci_hcd: connection closed
[   79.687291][ T4622] vhci_hcd: stop threads
[   79.696277][ T4622] vhci_hcd: release socket
[   79.700694][ T4622] vhci_hcd: disconnect device
[   79.732642][ T5871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.795'.
[   79.769604][ T5875] 9pnet_fd: Insufficient options for proto=fd
[   79.842607][ T5877] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   79.939020][ T5885] netlink: 8 bytes leftover after parsing attributes in process `syz.2.801'.
[   79.951224][ T5885] loop2: detected capacity change from 0 to 1024
[   79.957884][ T5885] EXT4-fs: inline encryption not supported
[   79.963858][ T5885] EXT4-fs: test_dummy_encryption option not supported
[   79.980594][ T4625] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   79.989827][ T4625] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   80.197285][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.217304][ T5891] netlink: 8 bytes leftover after parsing attributes in process `syz.4.803'.
[   80.226355][ T5891] netlink: 16 bytes leftover after parsing attributes in process `syz.4.803'.
[   80.317669][ T5901] loop4: detected capacity change from 0 to 2048
[   80.341747][ T5901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.353885][ T5901] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.366581][ T5901] EXT4-fs (loop4): shut down requested (2)
[   80.375211][ T5901] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[   80.381811][ T5901] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   80.389593][ T5901] vhci_hcd vhci_hcd.0: Device attached
[   80.397693][ T5904] vhci_hcd: connection closed
[   80.397764][ T4622] vhci_hcd: stop threads
[   80.406784][ T4622] vhci_hcd: release socket
[   80.411508][ T4622] vhci_hcd: disconnect device
[   80.414266][ T5907] rdma_rxe: rxe_newlink: failed to add lo
[   80.437877][ T5909] loop3: detected capacity change from 0 to 512
[   80.445734][ T5909] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #12: comm syz.3.810: missing EA_INODE flag
[   80.457378][ T5909] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.810: error while reading EA inode 12 err=-117
[   80.470143][ T5909] EXT4-fs (loop3): 1 orphan inode deleted
[   80.476293][ T5909] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.489617][ T5909] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.519208][ T5912] loop3: detected capacity change from 0 to 2048
[   80.531758][ T5912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.545108][ T5912] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.811: corrupted in-inode xattr: bad e_name length
[   80.709215][ T5915] lo speed is unknown, defaulting to 1000
[   80.715464][ T5915] lo speed is unknown, defaulting to 1000
[   80.834076][ T5922] netlink: 8 bytes leftover after parsing attributes in process `syz.1.813'.
[   80.944040][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.981873][ T4624] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.001122][ T5937] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   81.009830][ T4624] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.028978][ T4624] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.041652][ T5940] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   81.052034][ T4624] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.070826][ T5940] syzkaller0: entered promiscuous mode
[   81.076378][ T5940] syzkaller0: entered allmulticast mode
[   81.091849][ T5940] tipc: Resetting bearer <eth:syzkaller0>
[   81.098486][ T5939] tipc: Resetting bearer <eth:syzkaller0>
[   81.105952][ T5939] tipc: Disabling bearer <eth:syzkaller0>
[   81.110153][ T5946] loop2: detected capacity change from 0 to 128
[   81.125367][ T5946] EXT4-fs: Ignoring removed nobh option
[   81.142049][ T5946] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   81.156919][ T5946] ext4 filesystem being mounted at /164/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   81.177501][ T5954] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   81.193524][ T5954] loop4: detected capacity change from 0 to 1024
[   81.200509][ T5954] EXT4-fs: inline encryption not supported
[   81.212387][ T5954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.229822][ T5960] syz.2.822 uses obsolete (PF_INET,SOCK_PACKET)
[   81.280701][ T5966] loop4: detected capacity change from 0 to 1024
[   81.287425][ T5966] EXT4-fs: Ignoring removed orlov option
[   81.377856][ T5971] loop0: detected capacity change from 0 to 1024
[   81.389260][ T5971] EXT4-fs: Ignoring removed orlov option
[   81.413361][ T5973] netlink: 'syz.3.831': attribute type 10 has an invalid length.
[   81.470612][ T5973] batadv0: left allmulticast mode
[   81.475750][ T5973] batadv0: left promiscuous mode
[   81.480859][ T5973] bridge0: port 3(batadv0) entered disabled state
[   81.541661][ T5973] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.571596][ T5973] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   81.586816][ T5973] netlink: 'syz.3.831': attribute type 10 has an invalid length.
[   81.594746][ T5973] netlink: 40 bytes leftover after parsing attributes in process `syz.3.831'.
[   81.650220][ T5973] batadv0: entered promiscuous mode
[   81.655561][ T5973] batadv0: entered allmulticast mode
[   81.668914][ T5973] bond0: (slave batadv0): Releasing backup interface
[   81.680416][ T5973] bridge0: port 3(batadv0) entered blocking state
[   81.686910][ T5973] bridge0: port 3(batadv0) entered disabled state
[   81.711054][ T5982] loop0: detected capacity change from 0 to 2048
[   81.732306][ T5982] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.744135][ T5982] EXT4-fs (loop0): shut down requested (2)
[   81.746161][ T5984] netlink: 8 bytes leftover after parsing attributes in process `syz.4.834'.
[   81.770810][ T5990] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   81.778129][ T5990] syzkaller0: entered promiscuous mode
[   81.783639][ T5990] syzkaller0: entered allmulticast mode
[   81.789472][ T5982] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[   81.796066][ T5982] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   81.803805][ T5982] vhci_hcd vhci_hcd.0: Device attached
[   81.841210][ T5990] tipc: Resetting bearer <eth:syzkaller0>
[   81.852591][ T5989] vhci_hcd: connection closed
[   81.852816][ T4622] vhci_hcd: stop threads
[   81.861882][ T4622] vhci_hcd: release socket
[   81.866281][ T4622] vhci_hcd: disconnect device
[   81.871500][ T5986] tipc: Resetting bearer <eth:syzkaller0>
[   81.879057][ T5986] tipc: Disabling bearer <eth:syzkaller0>
[   81.914340][ T5998] loop4: detected capacity change from 0 to 512
[   81.922019][ T5998] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   81.970018][ T5998] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   82.075384][ T5998] EXT4-fs (loop4): 1 truncate cleaned up
[   82.129475][ T6001] netlink: 8 bytes leftover after parsing attributes in process `syz.3.839'.
[   82.138443][ T4622] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   82.147734][ T4622] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   82.236238][ T6011] netlink: 'syz.2.843': attribute type 10 has an invalid length.
[   82.244722][ T6011] batadv0: left allmulticast mode
[   82.249758][ T6011] batadv0: left promiscuous mode
[   82.254938][ T6011] bridge0: port 3(batadv0) entered disabled state
[   82.265132][ T6011] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.278771][ T6011] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   82.295695][ T6015] loop3: detected capacity change from 0 to 2048
[   82.314942][   T29] kauditd_printk_skb: 216 callbacks suppressed
[   82.314956][   T29] audit: type=1326 audit(1761852089.226:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6010 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   82.334728][ T6015] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.845: corrupted in-inode xattr: bad e_name length
[   82.344991][ T6011] netlink: 'syz.2.843': attribute type 10 has an invalid length.
[   82.358351][   T29] audit: type=1326 audit(1761852089.266:3072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6010 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   82.396244][ T6011] batadv0: entered promiscuous mode
[   82.401516][ T6011] batadv0: entered allmulticast mode
[   82.413342][ T6018] loop1: detected capacity change from 0 to 2048
[   82.420578][ T6011] bond0: (slave batadv0): Releasing backup interface
[   82.448521][ T6018] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.450752][ T6011] bridge0: port 3(batadv0) entered blocking state
[   82.465549][ T6011] bridge0: port 3(batadv0) entered disabled state
[   82.470041][ T6018] EXT4-fs (loop1): shut down requested (2)
[   82.510403][   T29] audit: type=1326 audit(1761852089.396:3073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6010 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   82.533767][   T29] audit: type=1326 audit(1761852089.396:3074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6010 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   82.575328][ T6018] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13)
[   82.581963][ T6018] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   82.589722][ T6018] vhci_hcd vhci_hcd.0: Device attached
[   82.595602][ T6033] loop0: detected capacity change from 0 to 1024
[   82.604645][ T6028] vhci_hcd: connection closed
[   82.604771][ T4624] vhci_hcd: stop threads
[   82.613776][ T4624] vhci_hcd: release socket
[   82.618320][ T4624] vhci_hcd: disconnect device
[   82.621455][ T6033] EXT4-fs: Ignoring removed orlov option
[   82.660475][   T29] audit: type=1326 audit(1761852089.566:3075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.2.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   82.683941][   T29] audit: type=1326 audit(1761852089.566:3076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.2.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   82.707344][   T29] audit: type=1326 audit(1761852089.566:3077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.2.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   82.730803][   T29] audit: type=1326 audit(1761852089.566:3078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.2.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   82.738685][ T6038] lo speed is unknown, defaulting to 1000
[   82.754127][   T29] audit: type=1326 audit(1761852089.566:3079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.2.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   82.754156][   T29] audit: type=1326 audit(1761852089.566:3080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.2.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc085cefc9 code=0x7ffc0000
[   82.783534][ T6038] lo speed is unknown, defaulting to 1000
[   82.813596][ T4622] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   82.822842][ T4622] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   83.085225][ T6057] loop4: detected capacity change from 0 to 2048
[   83.102011][ T6057] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.116977][ T6057] EXT4-fs (loop4): shut down requested (2)
[   83.129621][ T6057] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12)
[   83.136277][ T6057] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   83.144065][ T6057] vhci_hcd vhci_hcd.0: Device attached
[   83.150421][ T6061] vhci_hcd: connection closed
[   83.150679][ T4621] vhci_hcd: stop threads
[   83.159629][ T4621] vhci_hcd: release socket
[   83.164123][ T4621] vhci_hcd: disconnect device
[   83.304695][ T6067] loop1: detected capacity change from 0 to 1024
[   83.313175][ T6067] EXT4-fs: Ignoring removed orlov option
[   83.657477][ T6083] loop3: detected capacity change from 0 to 1024
[   83.673795][ T6083] EXT4-fs: inline encryption not supported
[   83.684928][ T6083] EXT4-fs: test_dummy_encryption option not supported
[   83.728610][ T6088] veth0: entered promiscuous mode
[   83.819588][ T6092] loop3: detected capacity change from 0 to 2048
[   83.869606][ T6095] loop1: detected capacity change from 0 to 512
[   83.894836][ T6095] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   83.956901][ T6095] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.868: inode has both inline data and extents flags
[   83.970841][ T6095] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.868: couldn't read orphan inode 15 (err -117)
[   84.092524][ T6102] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   84.099872][ T6102] syzkaller0: entered promiscuous mode
[   84.105479][ T6102] syzkaller0: entered allmulticast mode
[   84.180683][ T6102] tipc: Resetting bearer <eth:syzkaller0>
[   84.188841][ T6101] tipc: Resetting bearer <eth:syzkaller0>
[   84.196554][ T6101] tipc: Disabling bearer <eth:syzkaller0>
[   84.216380][ T6104] loop4: detected capacity change from 0 to 512
[   84.263132][ T6104] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #12: comm syz.4.871: missing EA_INODE flag
[   84.294337][ T6104] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.871: error while reading EA inode 12 err=-117
[   84.310253][ T6104] EXT4-fs (loop4): 1 orphan inode deleted
[   84.405300][ T6109] __nla_validate_parse: 8 callbacks suppressed
[   84.405357][ T6109] netlink: 8 bytes leftover after parsing attributes in process `syz.3.872'.
[   84.430459][ T6112] netlink: 'syz.0.873': attribute type 10 has an invalid length.
[   84.446351][ T6112] batadv0: left allmulticast mode
[   84.451451][ T6112] batadv0: left promiscuous mode
[   84.456521][ T6112] bridge0: port 3(batadv0) entered disabled state
[   84.561246][ T6116] loop2: detected capacity change from 0 to 1024
[   84.783834][ T6117] netlink: 'syz.0.873': attribute type 10 has an invalid length.
[   84.791703][ T6117] netlink: 40 bytes leftover after parsing attributes in process `syz.0.873'.
[   84.821496][ T6116] EXT4-fs: Ignoring removed orlov option
[   84.854964][ T6112] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.863395][ T6112] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   84.872495][ T6117] batadv0: entered promiscuous mode
[   84.877754][ T6117] batadv0: entered allmulticast mode
[   84.887374][ T6117] bond0: (slave batadv0): Releasing backup interface
[   84.901363][ T6117] bridge0: port 3(batadv0) entered blocking state
[   84.907885][ T6117] bridge0: port 3(batadv0) entered disabled state
[   84.966298][ T6127] geneve2: entered promiscuous mode
[   84.971560][ T6127] geneve2: entered allmulticast mode
[   84.979615][ T4625] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[   85.004493][ T4625] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[   85.035644][ T4625] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[   85.086230][ T4625] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[   85.362356][ T6142] netlink: 8 bytes leftover after parsing attributes in process `syz.4.881'.
[   85.371341][ T4624] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   85.380557][ T4624] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   85.442189][ T6141] loop0: detected capacity change from 0 to 2048
[   85.491642][ T6141] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.527192][ T6141] EXT4-fs (loop0): shut down requested (2)
[   85.565051][ T6141] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13)
[   85.571722][ T6141] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   85.579402][ T6141] vhci_hcd vhci_hcd.0: Device attached
[   85.635752][ T6147] vhci_hcd: connection closed
[   85.635888][ T4624] vhci_hcd: stop threads
[   85.644872][ T4624] vhci_hcd: release socket
[   85.649297][ T4624] vhci_hcd: disconnect device
[   85.673763][ T6156] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.683697][ T6156] netdevsim netdevsim4 eth3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   85.710173][ T6154] netlink: 4 bytes leftover after parsing attributes in process `syz.1.886'.
[   85.727429][ T6154] loop1: detected capacity change from 0 to 2048
[   85.774016][ T6164] netlink: 'syz.1.889': attribute type 10 has an invalid length.
[   85.851746][ T6167] netlink: 'syz.1.889': attribute type 10 has an invalid length.
[   85.854390][ T6156] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.859531][ T6167] netlink: 40 bytes leftover after parsing attributes in process `syz.1.889'.
[   85.869241][ T6156] netdevsim netdevsim4 eth2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   85.905384][ T6164] batadv0: left allmulticast mode
[   85.910573][ T6164] batadv0: left promiscuous mode
[   85.915638][ T6164] bridge0: port 3(batadv0) entered disabled state
[   85.923662][ T6164] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.932194][ T6164] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   85.941148][ T6167] batadv0: entered promiscuous mode
[   85.946400][ T6167] batadv0: entered allmulticast mode
[   85.953384][ T6167] bond0: (slave batadv0): Releasing backup interface
[   85.963105][ T6167] bridge0: port 3(batadv0) entered blocking state
[   85.969601][ T6167] bridge0: port 3(batadv0) entered disabled state
[   85.977272][ T6166] loop2: detected capacity change from 0 to 128
[   85.987452][ T6156] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.997355][ T6156] netdevsim netdevsim4 eth1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   86.047792][ T6171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.890'.
[   86.057676][ T6156] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.067565][ T6156] netdevsim netdevsim4 eth0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   86.130487][ T4624] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[   86.138873][ T4624] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[   86.160557][ T4624] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[   86.168848][ T4624] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[   86.188053][ T4624] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[   86.196411][ T4624] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[   86.205207][ T4624] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[   86.213585][ T4624] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[   86.238840][ T6173] loop1: detected capacity change from 0 to 2048
[   86.251932][ T6173] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.278342][ T6177] loop3: detected capacity change from 0 to 2048
[   86.285857][ T6173] EXT4-fs (loop1): shut down requested (2)
[   86.296537][ T6173] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[   86.303235][ T6173] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   86.310978][ T6173] vhci_hcd vhci_hcd.0: Device attached
[   86.317831][ T6182] vhci_hcd: connection closed
[   86.318117][ T4625] vhci_hcd: stop threads
[   86.327115][ T4625] vhci_hcd: release socket
[   86.331649][ T4625] vhci_hcd: disconnect device
[   86.342780][ T6177] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.354317][ T6187] syz0: rxe_newlink: already configured on bond_slave_0
[   86.362620][ T6177] EXT4-fs (loop3): shut down requested (2)
[   86.373181][ T6177] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[   86.379881][ T6177] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   86.387670][ T6177] vhci_hcd vhci_hcd.0: Device attached
[   86.395344][ T6189] vhci_hcd: connection closed
[   86.399509][ T4625] vhci_hcd: stop threads
[   86.408538][ T4625] vhci_hcd: release socket
[   86.412974][ T4625] vhci_hcd: disconnect device
[   86.439254][ T6198] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[   86.450748][ T6200] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.492201][ T6200] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.514791][ T6207] netlink: 'syz.4.901': attribute type 10 has an invalid length.
[   86.523883][ T6207] batadv0: left allmulticast mode
[   86.528934][ T6207] batadv0: left promiscuous mode
[   86.534056][ T6207] bridge0: port 3(batadv0) entered disabled state
[   86.541850][ T6207] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.550018][ T6207] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   86.565090][ T6207] netlink: 'syz.4.901': attribute type 10 has an invalid length.
[   86.572888][ T6207] netlink: 40 bytes leftover after parsing attributes in process `syz.4.901'.
[   86.606548][ T6200] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.617532][ T6207] batadv0: entered promiscuous mode
[   86.623003][ T6207] batadv0: entered allmulticast mode
[   86.629911][ T6207] bond0: (slave batadv0): Releasing backup interface
[   86.638107][ T6207] bridge0: port 3(batadv0) entered blocking state
[   86.644618][ T6207] bridge0: port 3(batadv0) entered disabled state
[   86.652915][ T6200] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.678686][ T6211] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   86.686143][ T6211] syzkaller0: entered promiscuous mode
[   86.691896][ T6211] syzkaller0: entered allmulticast mode
[   86.701307][ T6211] tipc: Resetting bearer <eth:syzkaller0>
[   86.708478][ T6210] tipc: Resetting bearer <eth:syzkaller0>
[   86.715591][ T6210] tipc: Disabling bearer <eth:syzkaller0>
[   86.725248][ T4650] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.736192][ T4650] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.747266][ T4650] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.758397][ T4622] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.840090][ T6213] loop0: detected capacity change from 0 to 2048
[   86.851560][ T6213] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.867906][ T6213] EXT4-fs (loop0): shut down requested (2)
[   86.877729][ T6213] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13)
[   86.884529][ T6213] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   86.892237][ T6213] vhci_hcd vhci_hcd.0: Device attached
[   86.898040][ T6216] vhci_hcd: connection closed
[   86.898519][ T4650] vhci_hcd: stop threads
[   86.907535][ T4650] vhci_hcd: release socket
[   86.911984][ T4650] vhci_hcd: disconnect device
[   86.942002][ T6221] loop3: detected capacity change from 0 to 1024
[   86.949193][ T6221] EXT4-fs: Ignoring removed orlov option
[   87.036795][ T6221] ==================================================================
[   87.044903][ T6221] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode
[   87.054123][ T6221] 
[   87.056439][ T6221] write to 0xffff888119490ea8 of 4 bytes by task 6226 on cpu 1:
[   87.064061][ T6221]  writeback_single_inode+0x150/0x3f0
[   87.069449][ T6221]  sync_inode_metadata+0x5b/0x90
[   87.074411][ T6221]  generic_buffers_fsync_noflush+0xd9/0x120
[   87.080320][ T6221]  ext4_sync_file+0x1ab/0x690
[   87.084996][ T6221]  vfs_fsync_range+0x10d/0x130
[   87.089752][ T6221]  ext4_buffered_write_iter+0x34f/0x3c0
[   87.095297][ T6221]  ext4_file_write_iter+0x387/0xf60
[   87.100498][ T6221]  iter_file_splice_write+0x666/0xa60
[   87.105876][ T6221]  direct_splice_actor+0x156/0x2a0
[   87.110992][ T6221]  splice_direct_to_actor+0x312/0x680
[   87.116352][ T6221]  do_splice_direct+0xda/0x150
[   87.121111][ T6221]  do_sendfile+0x380/0x650
[   87.125527][ T6221]  __x64_sys_sendfile64+0x105/0x150
[   87.130725][ T6221]  x64_sys_call+0x2bb4/0x3000
[   87.135391][ T6221]  do_syscall_64+0xd2/0x200
[   87.140492][ T6221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.146386][ T6221] 
[   87.148702][ T6221] read to 0xffff888119490ea8 of 4 bytes by task 6221 on cpu 0:
[   87.156229][ T6221]  generic_buffers_fsync_noflush+0x80/0x120
[   87.162117][ T6221]  ext4_sync_file+0x1ab/0x690
[   87.166814][ T6221]  vfs_fsync_range+0x10d/0x130
[   87.171569][ T6221]  ext4_buffered_write_iter+0x34f/0x3c0
[   87.177106][ T6221]  ext4_file_write_iter+0x387/0xf60
[   87.182290][ T6221]  iter_file_splice_write+0x666/0xa60
[   87.187653][ T6221]  direct_splice_actor+0x156/0x2a0
[   87.192748][ T6221]  splice_direct_to_actor+0x312/0x680
[   87.198116][ T6221]  do_splice_direct+0xda/0x150
[   87.202881][ T6221]  do_sendfile+0x380/0x650
[   87.207296][ T6221]  __x64_sys_sendfile64+0x105/0x150
[   87.212487][ T6221]  x64_sys_call+0x2bb4/0x3000
[   87.217153][ T6221]  do_syscall_64+0xd2/0x200
[   87.221643][ T6221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.227521][ T6221] 
[   87.229828][ T6221] value changed: 0x00000070 -> 0x00000002
[   87.235523][ T6221] 
[   87.237829][ T6221] Reported by Kernel Concurrency Sanitizer on:
[   87.243973][ T6221] CPU: 0 UID: 0 PID: 6221 Comm: syz.3.905 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   87.253609][ T6221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   87.263694][ T6221] ==================================================================