last executing test programs:

15.034206035s ago: executing program 1 (id=5786):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000000}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0xfffffe74)

14.140165352s ago: executing program 1 (id=5807):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r2}, 0x10)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f0000000200)={0x0, 0x73d, 0x5, 0x0, 0x20})

14.021291833s ago: executing program 1 (id=5808):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000002c0), 0x104010, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=7', @ANYRESHEX=r1, @ANYBLOB=',privport,aname=sched_switch\x00,\x00'])
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000140)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000940)={r2, 0x0, 0x0, 0x4f, 0x0, &(0x7f0000000500)=""/79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
listen(r1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001a00)={0x0, 0x0, 0x0}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
r3 = socket$inet(0x2, 0x4000000805, 0x0)
listen(r3, 0x7)
sendmmsg(r3, &(0x7f0000000e40)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @local}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000540)="ae", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000840000000500000010"], 0x18}}], 0x2, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x6c00, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280))
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r5}, &(0x7f0000000800), &(0x7f0000000840)=r6}, 0x20)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)

13.93433242s ago: executing program 1 (id=5813):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$iso9660(&(0x7f0000001dc0), &(0x7f0000000000)='./file0\x00', 0x2110c12, &(0x7f0000001ec0)=ANY=[@ANYBLOB="636865636b3d72656c617865642c696f636861727365743d69736f383875392d312c6f76657272696465726f636b7065726d2c646d6f64653d3078303030303030300030303030303030392c686964652c6f76657272696465726f636b7065726d2c636865636b3d7374726963742c6d61703d6f66662c6d6f64653d3078303030303030303030303030303030312c696f636861727365743d63703933322c6e6f726f636b2c646d3d3078666666666666666666666666666366612c6d61703d6e6f72bf616c2c6d61703d61636f726e2c6d6f1c113d307830233030303030304b303030303030352c686964652c657569643e9bffbbc8dc0831f1f71752c0ec6370d60ec0e169761a3a8f175112119b57f387cea723b9c1ceb05c28c44fa818248d2baadc1b5d05f2db2b872312abba57baab497f38ff34f39d07", @ANYRESDEC=0x0, @ANYBLOB=',obj_user=&#@,euid=', @ANYRESDEC=0xee01, @ANYBLOB="2c66756e633d46494c455f434845434b2c00c908006b9886389093691e26915e00470861741a24da29fb8d9dbc30e8ee8b399804539c8292f8c9734ff8d4cfcd493fdb10269ac6e51782dbebb52050dfd47ae00b805a1f7ba86417cb7e89038a56e58befdf197afe3ea4aab62287b9e5a9de19b75c782680714f231a4ee857a00df71395b2e67d6907f4adb10fe0c31d8b0d2539dbf2fcd040e1f090478bdd220e7b3170fcef005a33f3537796ad0579b4fd8fb5f7a194a65cf510e562ceaa23478ff50ba77bb8fd73db4e6a88345ede55c6d5de7882612992a649950283a009bb455293526ac01832e59d7fa3955571d86938f9aeeefacd97f50628ac6e8d753c3c5095c52fe48a11e1ccb78daa4f523318c315b7201fc765e0abf72f1a9bf1dd6937723e20b8a8a6ec41b5ab7a903b088b7b6cb522b2318f839563cfe45cc9412852074635cc546b06bad3bd50634e04f760b215a7fa41798d620707fc7202d6e747c107eb721de19086681d934094c8f334"], 0x2, 0x9e8, &(0x7f0000000440)="$eJzs3c1vHOd9B/Dv8EWiaUOSbdV1BdtayZVM2yxFUrVUwYdWIlcSXb4UJAVY6MFyLaoQxNat3QK2UaAyUPRUowVa9JDcjJxyMuBLfAl8S27JKYcAgf8FIyflxGBml9SSXHJJhW+WPx9id+flN8/zm53Zebi7s/OE75alo6vGlpaq2yOO3/jxHmTMAXZl/JvPv/isvH16P4fSnTeKnyR9SWpJT5Lnk96x8dmZqQ4F3UtuJfk6KZIcTuNxS26l+O889XD86xQ/LOvd0KGtlkwnS3yv7ff+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1ExNj48PFIcysT0jbdrDUltnbHx2ZkiS0vr5ywv0/BV1et38VXHepOivKWvb7mr7+ePP5z9XJLa6bzQGHuh6pA8ffnkyeeOvflsT9fy8htl8wc5vPViP/z4k3vvLi4ufLAriRx81+rTE3MzE1OXr9VrE3MztUsXLgyfu351rnZ1YrI+d3Nuvj5VG5utX56fma0NjL1aG7l06XytPnRz5sb0tfGhyfryxIt/Njo8fKH21tDf1C/Pzs1Mn3traG7s+sTk5MT0tSqmnF3GXCx3xL+emK/N1y9P1Wp37i4unF+TU3fW7L9l0EinNSmDRjsFjQ6Pjo6MjI6OfNrsPXtlwoU3Lr1xcXi4Z3iNrIvYpZ2Wg+WJjTfzzh/E4RF1Ndr/ZDITmc6NvJ1a27+xjGc2M5naYH7Tcvt/5lx903pb2/9mK9/TMvtEeXc6LzVH+zZo/zfIZe/+PszH+ST38m4Ws5iFfLDvGe3t37XUM52JzGUmE5nK5WpKrTmllku5kAsZzju5npOZSy1XM5HJ1DOXm5nLfOrVHjWW2dRzOfOZyWxqGchYXk0tI7mUSzmfWuoZys3M5Eamcy3juVyVcid3q+f9/CY5rgSNbCVodJOgdY35ttv/+tp/Tvje2fmDODyipWb7f6hz6MDYXiQEAAAA7Lg/+XmOHH/mZ79JirxYfS5/dWKyPrzfaQEAAAA7qDpd74XyobccejGF9/8AAADwuCmq39gVSfpzsjG0/EsoHwIAAADAY6L6/v+lFCcfTvD+HwAAAB4zna+x3zGiGFy+/G/tduPxdjOiMVb0X52YrA+NzUy+OZKz1VUGql8arCutOyl6q58fvJZTjahT/Y3H/ocllnX2lVEjQ2+O5LWcbq7IwMvlw8sDbSJHG5GvNCJfaY3szqrI82UkADzuTm/SHm+1/X8tg42IwRNVk99zok0bPKxlBYCDYqWPnd81uzRr0/43I17aqP3/803e/5cRz+TOycYpBUN5L+9nMbczmOYZByfblbrcG0HjNITBDp8G9DdPWfjlxa4Mrvs8oG9lXVtjFzKawbafCLSUWyzncL4R17072wAA9trpTdvhrbX/gx3e//c7pRAADpSVHux3cWC/1xEAWE0rDQAAAAAAAAAAAAAAAAAAAAAAAAAAADtvSxfw/8XZZHFxIdmDzgJWBvq2k+HmA13Zo5z3faA7yX7V/pfZ9lLlNj4oT52B1QP7fGACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgTxRJd7vpXcnhJMNJzu19Vrvn/n4nsFNqj7ZY8SAP8lGO7HQ6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADfd83r/3el8fhkY1J6upIzSW4l+dv9znEnPdjvBPbNP1T3Ldf/70p6s1Skp7HZU/SOjc/OTJWbvzhczv/m8y8+K2+dy17fq0JZQFnDqs4lmjW0TOldvdTT1VL94wsf3vuX9/+pNn6l2jGvzF+dHJ+6NvtXDwOfK75sdIHQ2g3Ccr7/duan/9My+VCz8i/LNW1vbb1Xq3rH19f7x+2W3qDeLbi7uDBa1jRff3v+X//x7kcts57JqeTlgWRgdU1/X942qOnU2udzteLb4j+LI/n/3Kq2f/lsFEtFuYmOVuv/xJ27iwtD772/eHslp39fldOxnExyO+nbek4nq+NJW9Ve19Vb1jpcBZV3xzuUt6mWEkc2eF6frnaZ/m2tQ23jdah0eN6bGZ1vm9H//vOzObvtLX22Q41tFd8Wvy6u51f5j5b+P7rK7X8mbV+dbYqoIlv2lNZ5q15eXY3Ias1HW2e8s7bMDV+V7IL/yt/lL1a2f1fL8b+5rfbmeNRSY/vXRbL918WPjq5rUR6qWqTja1qk5tFno2WaeR5vRG2Q5x/l9aTnxLaOKK93OKLs1uv/B8VAfpv7+v8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOviLpbje9KzmT5FiSo+V4LVlaG3P/Eerr6i8eJc0d8yg5f/cUG65o8SAP8lGO7HVGAAAAAAAAAOyOK+PffP7FZ+Wt+j6+O3/a1ZxTS3qSHCv+r3dsfHZmqkNBvcmt5a/0+7aXw63y7qmH41+XY893WGh/Tx8AgO+03wcAAP//BZNu0Q==")
bind$unix(0xffffffffffffffff, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
ptrace(0x10, 0x1)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = inotify_init()
readv(r3, &(0x7f0000000180)=[{&(0x7f0000000680)=""/139, 0x8b}], 0x1)

7.673750804s ago: executing program 3 (id=5932):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="0100230100003402000006000000080001"], 0x24}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x100, 0x1, 0x8, 0x80, 0xffffffffffffffff, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x4, 0xe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

7.583400082s ago: executing program 3 (id=5934):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)={0x15, 0x65, 0xffff, 0x0, 0x8, '9P2000.u'}, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='ext4_forget\x00'}, 0x10)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000)=0x68)

7.535616356s ago: executing program 3 (id=5936):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
syz_usb_connect$printer(0x5, 0x36, &(0x7f0000000e80)=ANY=[], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x80de, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
write$cgroup_int(r5, &(0x7f0000000140)=0xfb05, 0x12)
ioctl$EXT4_IOC_MOVE_EXT(r5, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0xf503, 0x7fff})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8943, &(0x7f0000000080))

6.848065846s ago: executing program 3 (id=5939):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
r0 = open(&(0x7f0000000100)='./bus\x00', 0x101c42, 0x0)
fallocate(r0, 0x0, 0x0, 0x10000)
r1 = open(&(0x7f0000001780)='./bus\x00', 0x64842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
syz_io_uring_setup(0x1526, &(0x7f0000000100), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x4c02, &(0x7f0000000140))
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x0, 0x0, 0x14)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, 0x0, 0x0)

6.735625405s ago: executing program 3 (id=5944):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0xa, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f0000000700)={0x1f0, 0x1, 0x1, 0x201, 0x0, 0x0, {0x3}, [@CTA_TUPLE_MASTER={0x64, 0xe, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x39}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010101}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x76}, @CTA_SYNPROXY={0x24, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x9}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x19fb}, @CTA_SYNPROXY_TSOFF={0x8}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x76af}, @CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xf, 0x1, 'tftp-20000\x00'}}, @CTA_SYNPROXY={0x1c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0xb}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x776cd839}]}, @CTA_LABELS_MASK={0x18, 0x17, [0x5, 0x1000, 0x70e2, 0x6, 0x1]}, @CTA_TUPLE_MASTER={0x3c, 0xe, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x21}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}, @CTA_TUPLE_REPLY={0xc0, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010100}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @rand_addr=' \x01\x00'}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @rand_addr=' \x01\x00'}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x82}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}]}, 0x1f0}, 0x1, 0x0, 0x0, 0x4000004}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'macvlan0\x00', <r3=>0x0})
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001880)=@nat={'nat\x00', 0x1b, 0x5, 0x888, 0x180, 0x180, 0xffffffff, 0x180, 0x0, 0x7b8, 0x7b8, 0xffffffff, 0x7b8, 0x7b8, 0x5, &(0x7f0000000040), {[{{@ipv6={@private2={0xfc, 0x2, '\x00', 0x1}, @private1, [0xff, 0xffffff00, 0xff, 0xff000000], [0x0, 0xffffff00, 0xff000000], 'batadv_slave_0\x00', 'ip6erspan0\x00', {0xff}, {0xff}, 0x29, 0x3c, 0x3, 0x2}, 0x0, 0x138, 0x180, 0x0, {}, [@common=@srh1={{0x90}, {0x2e, 0x2, 0x1, 0xb, 0x1, @empty, @loopback, @empty, [0x0, 0xff, 0xff000000, 0xffffffff], [0x0, 0xffffff00, 0xffffff, 0xff000000], [0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00], 0x3900, 0xe0}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x2, @ipv4=@rand_addr=0x64010101, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast2}, @port=0x4e22, @port=0x4e24}}}, {{@uncond, 0x0, 0x208, 0x250, 0x0, {}, [@common=@rt={{0x138}, {0xfffffffa, [0x8, 0x4], 0x8, 0x4, 0x3, [@dev={0xfe, 0x80, '\x00', 0x2b}, @mcast1, @rand_addr=' \x01\x00', @local, @mcast2, @remote, @private0, @private2, @mcast2, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @dev={0xfe, 0x80, '\x00', 0x10}, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xf}}], 0x3}}, @common=@ipv6header={{0x28}, {0x9d, 0x88}}]}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x14, @ipv4=@dev={0xac, 0x14, 0x14, 0xa}, @ipv4=@private=0xa010101, @icmp_id=0x65, @icmp_id=0x68}}}, {{@uncond, 0x0, 0x160, 0x1a0, 0x0, {}, [@common=@srh1={{0x90}, {0x89, 0x2, 0xe, 0x1, 0x800, @private1, @ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, [0xffffff00, 0xbd3f3d3c68ecf258, 0xff000000, 0xffffffff], [0xff, 0xff, 0xff000000, 0xff], [0xff, 0xff000000, 0xffffff00, 0xffffff00], 0x43c, 0x800}}, @common=@icmp6={{0x28}, {0x11, "38b0", 0x1}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0xffffffff, 0x10, 0x9, 0x5, 0x7, 0x3, 0x40, 0x9]}}}, {{@ipv6={@mcast2, @mcast2, [0xff, 0xff, 0xffffffff], [0xff, 0x0, 0xff, 0xff000000], 'pimreg\x00', 'syzkaller0\x00', {}, {}, 0x2c, 0x2, 0x0, 0x88}, 0x0, 0x200, 0x248, 0x0, {}, [@common=@inet=@policy={{0x158}, {[{@ipv6=@loopback, [0xffffff00, 0xff, 0xffffff00], @ipv6=@mcast2, [0x0, 0xff000000, 0xff000000, 0xffffffff], 0x4d3, 0x3503, 0x84, 0x0, 0x4, 0x2}, {@ipv4=@broadcast, [0xff, 0xffffff00, 0xff000000, 0xff000000], @ipv6=@private0, [0x0, 0xffffffff, 0xffffffff], 0x4d4, 0x0, 0x3c, 0x1, 0x0, 0x15}, {@ipv4=@dev={0xac, 0x14, 0x14, 0x41}, [0xffffff00, 0xffffff00, 0xffffffff, 0xff000000], @ipv6=@private0, [0xffffffff, 0xff, 0xff000000, 0xff000000], 0x4d2, 0x3507, 0xb6, 0x0, 0x1, 0x15}, {@ipv4=@empty, [0x0, 0xffffff00, 0x0, 0xffffff00], @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0x0, 0x26f2ee845a667ff6, 0xffffffff, 0xff000000], 0x4d6, 0x3500, 0x2f}], 0xb, 0x3}}]}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x8, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast1}, @ipv4=@loopback, @gre_key=0xe358, @gre_key=0xa6fa}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x8e8)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000010000100000000000000000000100000", @ANYRES32=r3, @ANYBLOB="00000000000000002c0012800c0001006d6163766c616e001c000280080007000000000008000100100000000800030001"], 0x4c}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x8, 0x4, 0x7, 0x100, 0xffffffffffffffff, 0x0, '\x00', r3, 0xffffffffffffffff, 0x0, 0x2, 0x5, 0x7}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x80000000}, &(0x7f0000000240), &(0x7f00000000c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@bloom_filter={0x1e, 0x0, 0xa, 0xfffffffb, 0x14}, 0x48)
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000001840)=[{&(0x7f0000000440)=""/173, 0xad}, {0x0, 0x1c}], 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
umount2(&(0x7f00000006c0)='./file0\x00', 0x3)

6.619111656s ago: executing program 2 (id=5947):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
semget$private(0x0, 0x207, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x200000, &(0x7f00000000c0)={[{@dioread_lock}, {@noblock_validity}, {@lazytime}, {@noblock_validity}]}, 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
r2 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$P9_RREADDIR(r2, &(0x7f0000000100)={0xb, 0x29, 0x2, {0x5}}, 0xb)
sendfile(r2, r2, 0x0, 0x7f03)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)

6.618785775s ago: executing program 2 (id=5948):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000022a25eda0000000000feff800c0000000000000054000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
io_uring_setup(0x10d6, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3, 0x200})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a1281)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4)
inotify_add_watch(0xffffffffffffffff, 0x0, 0xa4000960)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
rmdir(0x0)
ptrace(0x10, r4)
perf_event_open(0x0, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x200}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x1}, 0x48)
ioctl$USBDEVFS_SETCONFIGURATION(r3, 0x5522, 0x0)

6.599732457s ago: executing program 2 (id=5949):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000020007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000008100)={0x0, 0x0, &(0x7f00000080c0)={&(0x7f0000000240)=@newtaction={0x18, 0x32, 0xb, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x2077, 0x101301)
ioctl$USBDEVFS_IOCTL(r3, 0x8004551a, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe4, 0x1}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r7}, 0x10)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x190, 0xffffffff, 0xffffffff, 0x190, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@private, @local, 0x0, 0x0, 'batadv_slave_0\x00', 'pim6reg0\x00', {}, {}, 0x1}, 0x6, 0x98, 0x100, 0x0, {}, [@common=@icmp={{0x28}, {0x0, "e6bb"}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a1)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r9}, 0x10)
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000200)='./cgroup.cpu/cpuset.cpus\x00', &(0x7f00000002c0)='hugetlbfs\x00', 0x10000, &(0x7f0000000300)=')-\x00')
write(0xffffffffffffffff, &(0x7f0000000040)="14000000140005b7ffccca38b9000000010860eb", 0x14)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r10=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x2, 0x4, 0x40018000, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r10}, 0x48)
removexattr(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', &(0x7f0000000080)=@known='user.incfs.size\x00')

6.56650478s ago: executing program 2 (id=5950):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x90)
socket(0x10, 0x80002, 0x0)
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff})
mq_notify(r5, &(0x7f0000000000)={0x20000000, 0x4000000000003, 0x2})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x3, [@var={0xf, 0x0, 0x0, 0xe, 0x3, 0x1}, @const={0x5}]}, {0x0, [0x30]}}, &(0x7f00000003c0)=""/94, 0x37, 0x5e, 0x0, 0xfffffff8}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001600)={0x6, 0x1a, &(0x7f0000001480)=@framed={{0x18, 0x0, 0x0, 0x0, 0xd6bd, 0x0, 0x0, 0x0, 0x977}, [@cb_func={0x18, 0x2, 0x4, 0x0, 0xffffffffffffffff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x35}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @generic={0x81, 0x0, 0x6, 0x7, 0xffff}, @jmp={0x5, 0x1, 0x4, 0xb, 0x1, 0x1, 0x1}]}, &(0x7f00000001c0)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x41100, 0x0, '\x00', r6, 0x25, r8, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001580)={0x4, 0xa, 0x3f2b, 0x80}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000015c0)=[r4, r4, r4], 0x0, 0x10, 0xee}, 0x90)
bind$rxrpc(r3, &(0x7f0000000180)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x36}}}, 0x24)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=ANY=[@ANYBLOB="5000000010001fff00"/18, @ANYRES32=0x0, @ANYBLOB, @ANYRES32], 0x50}}, 0x0)
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000040)='\'!.}\x00', 0x0, r2)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a09040000000000000000020000001400048010000180080001006c6f6700040002800900010073797a3000000000090002007379"], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x0)
close_range(r9, 0xffffffffffffffff, 0x0)

5.721623083s ago: executing program 2 (id=5956):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010700000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000042de00000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xba0, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHw0bXKb9HK597YIBqRWFKdpUxS6al2LCrrosmMyKSHTDzMRTCiY1r26EHFRkP4BLoRuXFkXrgQXdaH1LyjSIkU3rUjkzEc6NJkkNpO8Nf394J3zvvPOzPM8czJzzgtzEsATa7S4ySP2R8TpLGK4eX8eEf313kDEYuNx9+9enChaFktLb/6aRRYR9+5enGi9VtbcDjYHAxFx45Us/v3Byri1+YWZcrVamW2OD8+dvXC4Nr/w4vTZ8pnKmcq5Y+MvHxt/aXy8i7XeuvD2Z0/98Nqzl69+OPb6p3u/y+JEDDXn2uvoltEYXX5P2vVGRLnbwRLpadbTXmfWmzAhAADWlLedw/03hqMnHpy8Dce3PyZNDgAAAOiKpZ6IJQAAAGCHy6z/AQAAYIdr/Q7g3t2LE62W9hcJ2+vOyYgYadTfur65MdMbi/XtQPRFxJ7fsmi/rDVrPG3TRotI176vFC1WXIf81Re33+9CkDUsXoqI/6+2/7N6/SP1q7hX1p9HxFgX4o8+NN7uv7/N1H+iC/FT1w/Ak+n6ycaBbOXxL18+/4lVjn+9qxy7HkXq41/r/O/+ivO/B/X3dDj/e2ODMQ788fyNTnPt53+nPvp5sohfbDdV1N9w51LEgd7V6s+W68861H96gzEGJ25d6TRX1F/U22rbXf/S1YiDsXr9LVlc6/z/iQ5PTVcrY43bDjEOfnPqUKf47fu/aEX81lpgOxT7f0+H+tfb/xc2GGPkf7f3d5pbv/78l/7srXqvv3nPe+W5udkjEf3ZqyvvP7p2Lq3HtF6jqP+5Z9b+/K9Wf/GdsNh8H4q1wKXmthhffijm4MGjXz56/VurqH/yEff/xxuM8fnXV97pNJe6fgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+GfKIGIosLy3387xUihiMiP/Enrx6vjb3wtT5d89NFnMRI9GXT01XK2MRMdwYZ8X4SL3/YHz0ofF4ROyLiE+Gd9fHpYnz1cnUxQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBsMCKGIstLEZFHxO/DeV4qpc4KAAAA6LqR1AkAAAAAW876HwAAAHY+638AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC22L6nr9/MImLx+O56K/Q35/qSZgZstTx1AkAyPakTAJLpTZ0AkIw1PpCtMz/QcWZX13MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PF1aP/1m1lELB7fXW+F/uZc33pPXvcBwOMsT50AkExP6gSAZHpTJwAkYwkPZOvMD3Sc2dVp4s+lhs2kBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBjZqjesrwUEXm9n+elUsS/ImIk+rKp6WplLCL2RsRPw327ivGR1EkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQdbX5hZlytVqZ1dHR2UQn32GfptTfTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApFCbX5gpV6uV2VrqTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDUavMLM+VqtTK7hZ3UNQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkM5fAQAA//8L/A/s")
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8917, &(0x7f0000000000)={'veth1_to_hsr\x00', {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x22}}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$selinux_validatetrans(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6170745f7661725f6c6991f4743a73302073797374656d5f753a6f626a6563745f723a6175646974645f7661725f72756e5f743a73302030303030303030303030303030303030323034382073797374656d5f753a73797374656d5f723a6b65726e656c5f743a733000"], 0x7c)

5.669130138s ago: executing program 2 (id=5957):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$iso9660(&(0x7f0000001dc0), &(0x7f0000000000)='./file0\x00', 0x2110c12, &(0x7f0000001ec0)=ANY=[@ANYBLOB="636865636b3d72656c617865642c696f636861727365743d69736f383875392d312c6f76657272696465726f636b7065726d2c646d6f64653d3078303030303030300030303030303030392c686964652c6f76657272696465726f636b7065726d2c636865636b3d7374726963742c6d61703d6f66662c6d6f64653d3078303030303030303030303030303030312c696f636861727365743d63703933322c6e6f726f636b2c646d3d3078666666666666666666666666666366612c6d61703d6e6f72bf616c2c6d61703d61636f726e2c6d6f1c113d307830233030303030304b303030303030352c686964652c657569643e9bffbbc8dc0831f1f71752c0ec6370d60ec0e169761a3a8f175112119b57f387cea723b9c1ceb05c28c44fa818248d2baadc1b5d05f2db2b872312abba57baab497f38ff34f39d07", @ANYRESDEC=0x0, @ANYBLOB=',obj_user=&#@,euid=', @ANYRESDEC=0xee01, @ANYBLOB="2c66756e633d46494c455f434845434b2c00c908006b9886389093691e26915e00470861741a24da29fb8d9dbc30e8ee8b399804539c8292f8c9734ff8d4cfcd493fdb10269ac6e51782dbebb52050dfd47ae00b805a1f7ba86417cb7e89038a56e58befdf197afe3ea4aab62287b9e5a9de19b75c782680714f231a4ee857a00df71395b2e67d6907f4adb10fe0c31d8b0d2539dbf2fcd040e1f090478bdd220e7b3170fcef005a33f3537796ad0579b4fd8fb5f7a194a65cf510e562ceaa23478ff50ba77bb8fd73db4e6a88345ede55c6d5de7882612992a649950283a009bb455293526ac01832e59d7fa3955571d86938f9aeeefacd97f50628ac6e8d753c3c5095c52fe48a11e1ccb78daa4f523318c315b7201fc765e0abf72f1a9bf1dd6937723e20b8a8a6ec41b5ab7a903b088b7b6cb522b2318f839563cfe45cc9412852074635cc546b06bad3bd50634e04f760b215a7fa41798d620707fc7202d6e747c107eb721de19086681d934094c8f334"], 0x2, 0x9e8, &(0x7f0000000440)="$eJzs3c1vHOd9B/Dv8EWiaUOSbdV1BdtayZVM2yxFUrVUwYdWIlcSXb4UJAVY6MFyLaoQxNat3QK2UaAyUPRUowVa9JDcjJxyMuBLfAl8S27JKYcAgf8FIyflxGBml9SSXHJJhW+WPx9id+flN8/zm53Zebi7s/OE75alo6vGlpaq2yOO3/jxHmTMAXZl/JvPv/isvH16P4fSnTeKnyR9SWpJT5Lnk96x8dmZqQ4F3UtuJfk6KZIcTuNxS26l+O889XD86xQ/LOvd0KGtlkwnS3yv7ff+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1ExNj48PFIcysT0jbdrDUltnbHx2ZkiS0vr5ywv0/BV1et38VXHepOivKWvb7mr7+ePP5z9XJLa6bzQGHuh6pA8ffnkyeeOvflsT9fy8htl8wc5vPViP/z4k3vvLi4ufLAriRx81+rTE3MzE1OXr9VrE3MztUsXLgyfu351rnZ1YrI+d3Nuvj5VG5utX56fma0NjL1aG7l06XytPnRz5sb0tfGhyfryxIt/Njo8fKH21tDf1C/Pzs1Mn3traG7s+sTk5MT0tSqmnF3GXCx3xL+emK/N1y9P1Wp37i4unF+TU3fW7L9l0EinNSmDRjsFjQ6Pjo6MjI6OfNrsPXtlwoU3Lr1xcXi4Z3iNrIvYpZ2Wg+WJjTfzzh/E4RF1Ndr/ZDITmc6NvJ1a27+xjGc2M5naYH7Tcvt/5lx903pb2/9mK9/TMvtEeXc6LzVH+zZo/zfIZe/+PszH+ST38m4Ws5iFfLDvGe3t37XUM52JzGUmE5nK5WpKrTmllku5kAsZzju5npOZSy1XM5HJ1DOXm5nLfOrVHjWW2dRzOfOZyWxqGchYXk0tI7mUSzmfWuoZys3M5Eamcy3juVyVcid3q+f9/CY5rgSNbCVodJOgdY35ttv/+tp/Tvje2fmDODyipWb7f6hz6MDYXiQEAAAA7Lg/+XmOHH/mZ79JirxYfS5/dWKyPrzfaQEAAAA7qDpd74XyobccejGF9/8AAADwuCmq39gVSfpzsjG0/EsoHwIAAADAY6L6/v+lFCcfTvD+HwAAAB4zna+x3zGiGFy+/G/tduPxdjOiMVb0X52YrA+NzUy+OZKz1VUGql8arCutOyl6q58fvJZTjahT/Y3H/ocllnX2lVEjQ2+O5LWcbq7IwMvlw8sDbSJHG5GvNCJfaY3szqrI82UkADzuTm/SHm+1/X8tg42IwRNVk99zok0bPKxlBYCDYqWPnd81uzRr0/43I17aqP3/803e/5cRz+TOycYpBUN5L+9nMbczmOYZByfblbrcG0HjNITBDp8G9DdPWfjlxa4Mrvs8oG9lXVtjFzKawbafCLSUWyzncL4R17072wAA9trpTdvhrbX/gx3e//c7pRAADpSVHux3cWC/1xEAWE0rDQAAAAAAAAAAAAAAAAAAAAAAAAAAADtvSxfw/8XZZHFxIdmDzgJWBvq2k+HmA13Zo5z3faA7yX7V/pfZ9lLlNj4oT52B1QP7fGACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgTxRJd7vpXcnhJMNJzu19Vrvn/n4nsFNqj7ZY8SAP8lGO7HQ6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADfd83r/3el8fhkY1J6upIzSW4l+dv9znEnPdjvBPbNP1T3Ldf/70p6s1Skp7HZU/SOjc/OTJWbvzhczv/m8y8+K2+dy17fq0JZQFnDqs4lmjW0TOldvdTT1VL94wsf3vuX9/+pNn6l2jGvzF+dHJ+6NvtXDwOfK75sdIHQ2g3Ccr7/duan/9My+VCz8i/LNW1vbb1Xq3rH19f7x+2W3qDeLbi7uDBa1jRff3v+X//x7kcts57JqeTlgWRgdU1/X942qOnU2udzteLb4j+LI/n/3Kq2f/lsFEtFuYmOVuv/xJ27iwtD772/eHslp39fldOxnExyO+nbek4nq+NJW9Ve19Vb1jpcBZV3xzuUt6mWEkc2eF6frnaZ/m2tQ23jdah0eN6bGZ1vm9H//vOzObvtLX22Q41tFd8Wvy6u51f5j5b+P7rK7X8mbV+dbYqoIlv2lNZ5q15eXY3Ias1HW2e8s7bMDV+V7IL/yt/lL1a2f1fL8b+5rfbmeNRSY/vXRbL918WPjq5rUR6qWqTja1qk5tFno2WaeR5vRG2Q5x/l9aTnxLaOKK93OKLs1uv/B8VAfpv7+v8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOviLpbje9KzmT5FiSo+V4LVlaG3P/Eerr6i8eJc0d8yg5f/cUG65o8SAP8lGO7HVGAAAAAAAAAOyOK+PffP7FZ+Wt+j6+O3/a1ZxTS3qSHCv+r3dsfHZmqkNBvcmt5a/0+7aXw63y7qmH41+XY893WGh/Tx8AgO+03wcAAP//BZNu0Q==")
bind$unix(0xffffffffffffffff, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
ptrace(0x10, 0x1)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = inotify_init()
readv(r2, &(0x7f0000000180)=[{&(0x7f0000000680)=""/139, 0x8b}], 0x1)

2.117735996s ago: executing program 3 (id=5985):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a1281)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x200}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])

1.092094575s ago: executing program 0 (id=5995):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a1281)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x200}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])

1.060379898s ago: executing program 4 (id=5997):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3}, 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400e, &(0x7f00000001c0)={[{@i_version}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x65}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x1, 0x434, &(0x7f0000000d80)="$eJzs289rHFUcAPDvzCb9XRNL/dEfarSKwR9Jk9bagxdFwYOCoId6jElaYreNNBFsCRpF6lEK3sWj4F/gSS+ingSvepdCkVxaPa3M7kyyu9lNk3STrd3PB6Z9b+YN73135u2+Ny8TQM8ayv5JIvZFxB8RMVDLNhYYqv13a2lh8p+lhckkKpW3/06q5W4uLUwWRYvz9haZvoj08ySOtKh37vKV8xPl8vSlPD86f+GD0bnLV56fuTBxbvrc9MXx06dPnhh78dT4Cx2JM4vr5uGPZ48eev3da29Onrn23i/fJUX8TXF0yNBaB5+qVDpcXXftr0snfV1sCBtSqnXT6K/2/4EoxcrFG4jXPutq44AtValUKg+2P7xYAe5hSXS7BUB3FD/02fy32LZp6HFXuPFybQKUxX0r32pH+iLNy/Q3zW87aSgiziz++3W2xdY8hwAAaPBDNv55rtX4L43650L35WsogxFxf0QciIhTEXEwIh6IqJZ9KCIe3mD9zYskq8c/6fVNBbZO2fjvpXxtq3H8V4z+YrCU5/ZX4+9Pzs6Up4/nn8lw9O/M8mNr1PHjq79/2e5Y/fgv27L6i7Fg3o7rfTsbz5mamJ+4k5jr3fg04nBfq/iT5ZWAJCIORcThTdYx88y3R9sdu338a+jAOlPlm4ina9d/MZriLyRrr0+O7ory9PHR4q5Y7dffrr7Vrv47ir8Dsuu/p+X9vxz/YFK/Xju38Tqu/vlF2znNZu//Hck7Dfs+mpifvzQWsSN5o9bo+v3jTeXGV8pn8Q8fa93/D8TKJ3EkIrKb+JGIeDQiHsvb/nhEPBERx9aI/+dXnnx/8/FvrSz+qQ1d/5XEjmje0zpROv/T9w2VDm4k/uz6n6ymhvM96/n+W0+7Nnc3AwAAwP9PGhH7IklHltNpOjJS+xv+g7EnLc/OzT97dvbDi1O1dwQGoz8tnnQN1D0PHcun9UV+vCl/In9u/FVpdzU/Mjlbnup28NDj9rbp/5m/Sq3P2bWtLQS2lPe1oHfp/9C79H/oXfo/9K4W/X93N9oBbL9Wv/+fdKEdwPZr6v9tlv2Ae5H5P/Qu/R96l/4PPWlud9z+JXkJiVWJSO+KZkhsUaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8V8AAAD//5Ba5t0=")
r1 = open(&(0x7f0000000000)='./bus\x00', 0x145542, 0x0)
fgetxattr(r1, &(0x7f00000001c0)=@known='security.selinux\x00', 0x0, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001811b2c1ac67450000", @ANYRES32=r0, @ANYRESHEX=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

999.342923ms ago: executing program 4 (id=5998):
r0 = socket(0x10, 0x804, 0x800004)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000, 0x0, 0xc, 0x80000000}, 0x10)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/crypto\x00', 0x0, 0x0)
sendfile(r1, r2, &(0x7f0000000080)=0x8, 0x106f)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000001a000100000000800000007f26d0c1173092001c14000000000000000000000800010040000000"], 0x24}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.current\x00', 0x275a, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000001640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r5}, 0x10)
flistxattr(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x10}, [@ldst={0x2, 0x0, 0x3}], {0x95, 0x0, 0x5}}, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x23)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0x7, 0x9}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000004e8100000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = signalfd4(r6, &(0x7f0000000240)={[0x94d]}, 0x8, 0x80000)
ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000340)={@mcast1, 0x14})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r8}, &(0x7f0000000080), &(0x7f0000000200)=r7}, 0xfffffffffffffd9a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
r9 = fsopen(&(0x7f0000000100)='logfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)
fsmount(r9, 0x0, 0x0)

938.580278ms ago: executing program 4 (id=5999):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x58, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'netdevsim0\x00'}]}]}]}], {0x14, 0x10}}, 0xa0}}, 0x0)

922.36119ms ago: executing program 4 (id=6000):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x3b04, &(0x7f0000000080)={0x0, 0x0, 0x3e00}, &(0x7f0000000000), &(0x7f0000001000))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
ppoll(&(0x7f0000000040)=[{r2}], 0x1, 0x0, 0x0, 0x0)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
syz_clone(0xd5ba2180, 0x0, 0x0, 0x0, 0x0, 0x0)

915.16525ms ago: executing program 0 (id=6001):
syz_emit_ethernet(0x6e, &(0x7f0000000340)={@multicast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @mcast1, @private2, [], "1e520b4c951ee12e"}}}}}}}, 0x0)

899.160232ms ago: executing program 0 (id=6002):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x58, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'netdevsim0\x00'}]}]}]}], {0x14, 0x10}}, 0xa0}}, 0x0)

883.893833ms ago: executing program 0 (id=6003):
utimes(&(0x7f00000002c0)='./file0\x00', 0x0)

872.368754ms ago: executing program 0 (id=6004):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

860.204845ms ago: executing program 0 (id=6005):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'\x00', 0x2})
ioctl$TUNSETOFFLOAD(r2, 0x400454c9, 0x3)
ioctl$TUNSETLINK(r2, 0x400454cd, 0xffff0339)
sendto$inet6(r1, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000e80)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8eed9ace110469c51f4f211dd9fad815eb", 0x46, 0x6d91fb6102d8910c, 0x0, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom(r1, 0x0, 0x0, 0x12, 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r4, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.events\x00', 0x275a, 0x0)
writev(r5, &(0x7f0000000300)=[{&(0x7f00000000c0)="c0", 0x1}], 0x1)
syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x4a1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7b, 0x12, r3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
open_tree(0xffffffffffffffff, &(0x7f0000000400)='./file1\x00', 0x1)

106.664541ms ago: executing program 1 (id=5975):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000000b80)=ANY=[@ANYBLOB="620af8ff0c030021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece87365d0d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7becf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000800007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b201768ee58969c41595221df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b595c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac8a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e6691dd7ae8ea6eb5064ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea137fec0a294752d018702a40da8daccf080942a486721737390cbf3774cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa370246c167b096e7e60fc3541a2ae05a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6f5210d7503000000a87a27602b81f76386f1535bef1497f921860837abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e04000000868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda8bd3168971ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db41a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b0000000046829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca4f8bc2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db1183b043ef2f79d5ad5527d149d076e1a87e2df27c0cb8a67ad726bf953e88f10447e125c2c0f1aebee1f3390a9e2ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e108e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed3ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c462fa36cabf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c0000000000000005a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4e0100a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c51000000000000007db3d0ac3b73291e73bb6f598eab70fe1635334cb0fb1eb059db90894220865e00ac2209c1f510d5189f08fc58fc1797dec3955fa42ce3c7ee124866e733842644cf1d73f8c4f070c113e7806a60a5aa6d2384d6ea094c324f947ec772896855e5227086da5dfcb2ae984d1accdc39ca77d9f1899367dc298970a5d3e2e2791653fda4180122286f0f0248eb7e250033c751fb0e7537843ce5fc437094e6cf20bc659b95bd1828962f8e7b75e9e03916b45325d99a9a11bd2acc0e53fd4757a41a3d0eec80dca04eae5b7b84be215604a8c94f0bbbabce520337b78ad99ad4d42da8f0c8cce4c1f417811f6babab72daecc90ee55b7a848f9c9f5499c635dc00e5d6a8df77aeec4f41e4e328d8c8e3a59d88a1c556d56dea74bf98126ebcd647796b49a4c435e193b1de67a651bbf0fe4fe37a281896d72e66e9d8d9dd6b2070a58f78d40cece604040000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x49)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000700)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r2, &(0x7f00000012c0), 0x0, 0x11, 0x0, 0x0)

68.087004ms ago: executing program 1 (id=6006):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
socket(0x10, 0x80002, 0x0)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x20000000, 0x4000000000003, 0x2})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x3, [@var={0xf, 0x0, 0x0, 0xe, 0x3, 0x1}, @const={0x5}]}, {0x0, [0x30]}}, &(0x7f00000003c0)=""/94, 0x37, 0x5e, 0x0, 0xfffffff8}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001600)={0x6, 0x1a, &(0x7f0000001480)=@framed={{0x18, 0x0, 0x0, 0x0, 0xd6bd, 0x0, 0x0, 0x0, 0x977}, [@cb_func={0x18, 0x2, 0x4, 0x0, 0xffffffffffffffff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x35}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @generic={0x81, 0x0, 0x6, 0x7, 0xffff}, @jmp={0x5, 0x1, 0x4, 0xb, 0x1, 0x1, 0x1}]}, &(0x7f00000001c0)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001580)={0x4, 0xa, 0x3f2b, 0x80}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000015c0)=[r4, r4, r4], 0x0, 0x10, 0xee}, 0x90)
bind$rxrpc(r3, &(0x7f0000000180)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x36}}}, 0x24)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=ANY=[@ANYBLOB="5000000010001fff00"/18, @ANYRES32=0x0, @ANYRES32], 0x50}}, 0x0)
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000040)='\'!.}\x00', 0x0, r2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a09040000000000000000020000001400048010000180080001006c6f6700040002800900010073797a30000000000900020073797a3200000000090000001100010000000000000000000000000a"], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)

66.781894ms ago: executing program 4 (id=6007):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, 0x0}, 0x0)

0s ago: executing program 4 (id=6008):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
r0 = open(&(0x7f0000000100)='./bus\x00', 0x101c42, 0x0)
fallocate(r0, 0x0, 0x0, 0x10000)
r1 = open(&(0x7f0000001780)='./bus\x00', 0x64842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
syz_io_uring_setup(0x1526, &(0x7f0000000100), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x4c02, &(0x7f0000000140))
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x0, 0x0, 0x14)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000300)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)

kernel console output (not intermixed with test programs):

 entered promiscuous mode
[  347.818005][T19391] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  347.849668][T19391] Cannot create hsr debugfs directory
[  347.978481][T19399] loop1: detected capacity change from 0 to 512
[  347.993445][T19399] EXT4-fs: Ignoring removed mblk_io_submit option
[  348.018236][T19399] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.041970][T19399] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  348.096392][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.163061][T19405] loop1: detected capacity change from 0 to 512
[  348.187005][T19405] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  348.208525][T19405] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  348.297313][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  348.568775][T19414] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5414'.
[  348.578059][T19414] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5414'.
[  348.590994][T19414] ip6gretap0: entered promiscuous mode
[  348.597720][T19414] batadv_slave_1: entered promiscuous mode
[  348.603932][T19414] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  348.612687][T19414] Cannot create hsr debugfs directory
[  348.800999][T19418] netlink: 'syz.0.5416': attribute type 10 has an invalid length.
[  348.817676][T19420] loop3: detected capacity change from 0 to 512
[  348.824311][T19420] EXT4-fs: Ignoring removed i_version option
[  348.830356][T19420] EXT4-fs: Ignoring removed nobh option
[  348.836182][T19420] EXT4-fs: Invalid want_extra_isize 101
[  348.896267][T19432] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5423'.
[  349.362256][T19443] chnl_net:caif_netlink_parms(): no params data found
[  349.399522][T19443] bridge0: port 1(bridge_slave_0) entered blocking state
[  349.406739][T19443] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.416854][T19443] bridge_slave_0: entered allmulticast mode
[  349.423482][T19443] bridge_slave_0: entered promiscuous mode
[  349.431315][T19443] bridge0: port 2(bridge_slave_1) entered blocking state
[  349.438570][T19443] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.447293][T19443] bridge_slave_1: entered allmulticast mode
[  349.453809][T19443] bridge_slave_1: entered promiscuous mode
[  349.470506][   T40] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.492184][T19443] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  349.502591][T19443] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  349.519268][   T40] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.536051][T19443] team0: Port device team_slave_0 added
[  349.542654][T19443] team0: Port device team_slave_1 added
[  349.556404][T19443] batman_adv: batadv0: Adding interface: batadv_slave_0
[  349.563355][T19443] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  349.589569][T19443] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  349.601009][T19443] batman_adv: batadv0: Adding interface: batadv_slave_1
[  349.607966][T19443] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  349.634084][T19443] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  349.650226][   T40] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.672914][T19443] hsr_slave_0: entered promiscuous mode
[  349.679054][T19443] hsr_slave_1: entered promiscuous mode
[  349.685209][T19443] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  349.692809][T19443] Cannot create hsr debugfs directory
[  349.701495][   T40] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.728159][   T29] kauditd_printk_skb: 332 callbacks suppressed
[  349.728173][   T29] audit: type=1326 audit(1725701860.618:17054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19458 comm="syz.0.5427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  349.759142][   T29] audit: type=1326 audit(1725701860.618:17055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19458 comm="syz.0.5427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  349.783013][   T29] audit: type=1326 audit(1725701860.618:17056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19458 comm="syz.0.5427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  349.807217][   T29] audit: type=1326 audit(1725701860.618:17057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19458 comm="syz.0.5427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  349.830990][   T29] audit: type=1326 audit(1725701860.618:17058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19458 comm="syz.0.5427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  349.854696][   T29] audit: type=1326 audit(1725701860.618:17059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19458 comm="syz.0.5427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  349.872425][T19462] loop3: detected capacity change from 0 to 1024
[  349.878307][   T29] audit: type=1326 audit(1725701860.618:17060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19458 comm="syz.0.5427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  349.895618][T19462] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.908447][   T29] audit: type=1326 audit(1725701860.618:17061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19458 comm="syz.0.5427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  349.944615][   T29] audit: type=1326 audit(1725701860.618:17062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19458 comm="syz.0.5427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  349.968240][   T29] audit: type=1326 audit(1725701860.618:17063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19458 comm="syz.0.5427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  350.029645][T19257] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.066179][   T40] bridge_slave_1: left allmulticast mode
[  350.071850][   T40] bridge_slave_1: left promiscuous mode
[  350.077606][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.090281][   T40] bridge_slave_0: left allmulticast mode
[  350.096151][   T40] bridge_slave_0: left promiscuous mode
[  350.101928][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.175891][   T40] ip6gretap0 (unregistering): left promiscuous mode
[  350.181801][T19491] loop1: detected capacity change from 0 to 512
[  350.191724][T19491] EXT4-fs: Ignoring removed i_version option
[  350.197802][T19491] EXT4-fs: Ignoring removed nobh option
[  350.203596][T19491] EXT4-fs: Invalid want_extra_isize 101
[  350.226454][T19497] 9pnet_fd: Insufficient options for proto=fd
[  350.241324][T19499] loop1: detected capacity change from 0 to 512
[  350.257092][T19499] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.269860][T19499] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  350.282568][   T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  350.283967][T19499] syz.1.5446[19499] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  350.291250][T19499] syz.1.5446[19499] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  350.309232][   T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  350.332292][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.342590][   T40] bond0 (unregistering): Released all slaves
[  350.362060][T19506] netlink: 'syz.0.5448': attribute type 10 has an invalid length.
[  350.422138][T19519] loop1: detected capacity change from 0 to 512
[  350.429020][T19519] EXT4-fs: Ignoring removed i_version option
[  350.435053][T19519] EXT4-fs: Ignoring removed nobh option
[  350.440640][T19519] EXT4-fs: Invalid want_extra_isize 101
[  350.454933][   T40] batadv_slave_1: left promiscuous mode
[  350.462125][T19520] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5453'.
[  350.473033][   T40] hsr_slave_0: left promiscuous mode
[  350.480059][   T40] hsr_slave_1: left promiscuous mode
[  350.486267][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  350.493708][   T40] batman_adv: batadv0: Removing interface: batadv_slave_0
[  350.501299][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  350.508871][   T40] batman_adv: batadv0: Removing interface: batadv_slave_1
[  350.517619][   T40] veth1_macvtap: left promiscuous mode
[  350.523203][   T40] veth0_macvtap: left promiscuous mode
[  350.528860][   T40] veth1_vlan: left promiscuous mode
[  350.534104][   T40] veth0_vlan: left promiscuous mode
[  350.612161][   T40] team0 (unregistering): Port device team_slave_1 removed
[  350.623620][   T40] team0 (unregistering): Port device team_slave_0 removed
[  350.672322][T19526] bridge_slave_0: left allmulticast mode
[  350.678066][T19526] bridge_slave_0: left promiscuous mode
[  350.683698][T19526] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.692645][T19526] bridge_slave_1: left allmulticast mode
[  350.698468][T19526] bridge_slave_1: left promiscuous mode
[  350.704186][T19526] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.715716][T19526] bond0: (slave bond_slave_0): Releasing backup interface
[  350.727755][T19526] bond0: (slave bond_slave_1): Releasing backup interface
[  350.741926][T19526] team0: Port device team_slave_0 removed
[  350.753246][T19526] team0: Port device team_slave_1 removed
[  350.760055][T19526] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  350.767718][T19526] batman_adv: batadv0: Removing interface: batadv_slave_0
[  350.776795][T19526] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  350.784308][T19526] batman_adv: batadv0: Removing interface: batadv_slave_1
[  350.802159][T19528] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5456'.
[  350.897497][T19443] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  350.906212][T19443] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  350.914663][T19443] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  350.923219][T19443] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  350.956505][T19443] 8021q: adding VLAN 0 to HW filter on device bond0
[  350.969082][T19443] 8021q: adding VLAN 0 to HW filter on device team0
[  350.979455][ T1609] bridge0: port 1(bridge_slave_0) entered blocking state
[  350.986892][ T1609] bridge0: port 1(bridge_slave_0) entered forwarding state
[  350.999226][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.006383][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  351.084443][T19443] 8021q: adding VLAN 0 to HW filter on device batadv0
[  351.118155][T19544] No such timeout policy "syz1"
[  351.124177][T19544] hugetlbfs: Unknown parameter ')-'
[  351.182249][T19554] netlink: 'syz.3.5462': attribute type 10 has an invalid length.
[  351.196033][T19554] 8021q: adding VLAN 0 to HW filter on device batadv0
[  351.203932][T19554] team0: Port device batadv0 added
[  351.236510][T19443] veth0_vlan: entered promiscuous mode
[  351.253687][T19443] veth1_vlan: entered promiscuous mode
[  351.279700][T19443] veth0_macvtap: entered promiscuous mode
[  351.287285][T19443] veth1_macvtap: entered promiscuous mode
[  351.303140][T19443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  351.313933][T19443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.323825][T19443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  351.334302][T19443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.349431][T19565] loop3: detected capacity change from 0 to 512
[  351.360104][T19565] EXT4-fs: Ignoring removed i_version option
[  351.363461][T19443] batman_adv: batadv0: Interface activated: batadv_slave_0
[  351.366217][T19565] EXT4-fs: Ignoring removed nobh option
[  351.375215][T19443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  351.389707][T19443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.399660][T19443] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  351.408516][T19565] EXT4-fs: Invalid want_extra_isize 101
[  351.410148][T19443] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.436198][T19443] batman_adv: batadv0: Interface activated: batadv_slave_1
[  351.460069][T19443] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  351.468777][T19577] loop3: detected capacity change from 0 to 512
[  351.468898][T19443] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  351.484042][T19443] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  351.492958][T19443] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  351.522518][T19577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  351.537631][T19577] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  351.569220][T19257] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  351.594802][T19592] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5473'.
[  351.638206][T19595] team0: Port device batadv0 removed
[  351.720317][T19600] ip6gretap0: entered promiscuous mode
[  351.750873][T19600] batadv_slave_1: entered promiscuous mode
[  351.770319][T19600] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  351.791541][T19600] Cannot create hsr debugfs directory
[  352.068633][T19590] syz.3.5477 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  352.079660][T19590] CPU: 1 UID: 0 PID: 19590 Comm: syz.3.5477 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  352.090492][T19590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  352.100719][T19590] Call Trace:
[  352.104538][T19590]  <TASK>
[  352.107553][T19590]  dump_stack_lvl+0xf2/0x150
[  352.112185][T19590]  dump_stack+0x15/0x20
[  352.116452][T19590]  dump_header+0x83/0x2d0
[  352.120786][T19590]  oom_kill_process+0x341/0x4c0
[  352.125841][T19590]  out_of_memory+0x9af/0xbe0
[  352.130454][T19590]  ? __rcu_read_unlock+0x4e/0x70
[  352.135502][T19590]  mem_cgroup_out_of_memory+0x13e/0x190
[  352.141052][T19590]  try_charge_memcg+0x51b/0x810
[  352.145914][T19590]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[  352.151988][T19590]  __read_swap_cache_async+0x2b7/0x520
[  352.157554][T19590]  swap_cluster_readahead+0x276/0x3f0
[  352.163029][T19590]  swapin_readahead+0xe4/0x760
[  352.167808][T19590]  ? __filemap_get_folio+0x420/0x5b0
[  352.173205][T19590]  ? swap_cache_get_folio+0x77/0x210
[  352.178516][T19590]  do_swap_page+0x3da/0x1ef0
[  352.183681][T19590]  ? cgroup_rstat_updated+0x99/0x550
[  352.189072][T19590]  ? __rcu_read_lock+0x36/0x50
[  352.194001][T19590]  ? pte_offset_map_nolock+0x124/0x1d0
[  352.199603][T19590]  handle_mm_fault+0x8cb/0x2a30
[  352.204475][T19590]  exc_page_fault+0x3b9/0x650
[  352.210006][T19590]  asm_exc_page_fault+0x26/0x30
[  352.214868][T19590] RIP: 0033:0x7ff0957709a8
[  352.219275][T19590] Code: 31 d2 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d f8 70 2e 00 00 0f 8e 99 fd ff ff e8 31 e5 fe ff 49 39 c4 72 64 0f 1f 40 00 <69> 3d e6 4c e1 00 e8 03 00 00 48 8d 1d c7 55 2e 00 e8 92 c4 12 00
[  352.239194][T19590] RSP: 002b:00007ffc711c6440 EFLAGS: 00010202
[  352.245318][T19590] RAX: 0000000000055f03 RBX: 00007ff095a57a80 RCX: 0000000000055f00
[  352.253281][T19590] RDX: 0000000000000003 RSI: 00007ffc711c6420 RDI: 0000000000000001
[  352.261252][T19590] RBP: 00007ff095a57a80 R08: 000000003bd154b0 R09: 7fffffffffffffff
[  352.269236][T19590] R10: 00007ff0965940b8 R11: 00007ff096594080 R12: 0000000000056095
[  352.277203][T19590] R13: 00007ffc711c6540 R14: 0000000000000032 R15: ffffffffffffffff
[  352.285223][T19590]  </TASK>
[  352.288496][T19590] memory: usage 307200kB, limit 307200kB, failcnt 31494
[  352.295537][T19590] memory+swap: usage 307388kB, limit 9007199254740988kB, failcnt 0
[  352.303764][T19590] kmem: usage 307108kB, limit 9007199254740988kB, failcnt 0
[  352.311210][T19590] Memory cgroup stats for /syz3:
[  352.345476][T19590] cache 81920
[  352.353894][T19590] rss 0
[  352.356691][T19590] shmem 0
[  352.359617][T19590] mapped_file 135168
[  352.363546][T19590] dirty 81920
[  352.366837][T19590] writeback 8192
[  352.370368][T19590] workingset_refault_anon 515
[  352.375682][T19590] workingset_refault_file 12053
[  352.380523][T19590] swap 196608
[  352.383799][T19590] swapcached 8192
[  352.387648][T19590] pgpgin 291668
[  352.391166][T19590] pgpgout 291646
[  352.394969][T19590] pgfault 373049
[  352.399016][T19590] pgmajfault 259
[  352.402542][T19590] inactive_anon 0
[  352.406279][T19590] active_anon 8192
[  352.410016][T19590] inactive_file 0
[  352.413644][T19590] active_file 81920
[  352.417460][T19590] unevictable 0
[  352.421000][T19590] hierarchical_memory_limit 314572800
[  352.426525][T19590] hierarchical_memsw_limit 9223372036854771712
[  352.432791][T19590] total_cache 81920
[  352.438108][T19590] total_rss 0
[  352.442005][T19590] total_shmem 0
[  352.445666][T19590] total_mapped_file 135168
[  352.450314][T19590] total_dirty 81920
[  352.454127][T19590] total_writeback 8192
[  352.458647][T19590] total_workingset_refault_anon 515
[  352.464122][T19590] total_workingset_refault_file 12053
[  352.470653][T19590] total_swap 196608
[  352.474505][T19590] total_swapcached 8192
[  352.478703][T19590] total_pgpgin 291691
[  352.482934][T19590] total_pgpgout 291669
[  352.487050][T19590] total_pgfault 373100
[  352.491182][T19590] total_pgmajfault 260
[  352.495284][T19590] total_inactive_anon 0
[  352.499459][T19590] total_active_anon 8192
[  352.503693][T19590] total_inactive_file 0
[  352.508123][T19590] total_active_file 81920
[  352.514440][T19590] total_unevictable 0
[  352.518507][T19590] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5477,pid=19590,uid=0
[  352.534715][T19590] Memory cgroup out of memory: Killed process 19590 (syz.3.5477) total-vm:87120kB, anon-rss:604kB, file-rss:16040kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[  352.588974][T19604] __nla_validate_parse: 4 callbacks suppressed
[  352.588989][T19604] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5478'.
[  352.620842][T19606] loop1: detected capacity change from 0 to 1024
[  352.646690][T19606] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  352.682661][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.717148][T19610] loop1: detected capacity change from 0 to 512
[  352.726526][T19610] EXT4-fs: Ignoring removed i_version option
[  352.732759][T19610] EXT4-fs: Ignoring removed nobh option
[  352.740975][T19610] EXT4-fs: Invalid want_extra_isize 101
[  352.767633][T19614] netlink: 'syz.1.5482': attribute type 10 has an invalid length.
[  352.786934][T19614] 8021q: adding VLAN 0 to HW filter on device batadv0
[  352.803712][T19614] team0: Port device batadv0 added
[  352.833393][T19622] loop3: detected capacity change from 0 to 512
[  352.847459][T19622] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  352.861209][T19622] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  352.890437][T19627] netlink: 'syz.1.5487': attribute type 10 has an invalid length.
[  352.890447][T19257] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  352.948854][T19631] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5489'.
[  352.975413][T19634] No such timeout policy "syz1"
[  352.981569][T19634] hugetlbfs: Unknown parameter ')-'
[  352.989141][T19635] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5488'.
[  353.020266][T19637] netlink: 'syz.1.5500': attribute type 10 has an invalid length.
[  353.281554][T19642] loop1: detected capacity change from 0 to 512
[  353.297952][T19642] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  353.311008][T19642] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  353.338928][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  353.449894][T19660] team0: Port device batadv0 removed
[  353.478302][T19661] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5496'.
[  353.487397][T19661] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5496'.
[  353.508921][T19660] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5498'.
[  353.611289][T19665] No such timeout policy "syz1"
[  353.618290][T19665] hugetlbfs: Unknown parameter ')-'
[  354.440279][T19697] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5512'.
[  354.449391][T19697] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5512'.
[  354.536373][T19701] netlink: 'syz.4.5516': attribute type 10 has an invalid length.
[  354.556219][T19701] 8021q: adding VLAN 0 to HW filter on device batadv0
[  354.563830][T19701] team0: Port device batadv0 added
[  354.754136][T19712] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5521'.
[  354.808664][T19717] loop3: detected capacity change from 0 to 512
[  354.827129][T19717] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  354.840712][T19717] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  354.875628][T19257] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  354.912004][T19724] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  354.920818][T19724] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  354.943767][   T29] kauditd_printk_skb: 299 callbacks suppressed
[  354.943781][   T29] audit: type=1326 audit(1725701865.828:17363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19726 comm="syz.2.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  354.977305][   T29] audit: type=1326 audit(1725701865.868:17364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19726 comm="syz.2.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  355.001075][   T29] audit: type=1326 audit(1725701865.868:17365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19726 comm="syz.2.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  355.024813][   T29] audit: type=1326 audit(1725701865.868:17366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19726 comm="syz.2.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  355.048955][   T29] audit: type=1326 audit(1725701865.868:17367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19726 comm="syz.2.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  355.072923][   T29] audit: type=1326 audit(1725701865.868:17368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19726 comm="syz.2.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  355.096729][   T29] audit: type=1326 audit(1725701865.868:17369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19726 comm="syz.2.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  355.120386][   T29] audit: type=1326 audit(1725701865.868:17370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19726 comm="syz.2.5526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  355.146768][T19728] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5523'.
[  355.151996][T19730] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  355.201359][T19732] loop1: detected capacity change from 0 to 512
[  355.217049][T19732] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  355.230655][T19732] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.257109][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  355.297204][   T29] audit: type=1326 audit(1725701866.188:17371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19737 comm="syz.1.5530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  355.337301][   T29] audit: type=1326 audit(1725701866.208:17372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19737 comm="syz.1.5530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  355.377850][T19740] netlink: 'syz.1.5531': attribute type 10 has an invalid length.
[  355.389651][T19740] 8021q: adding VLAN 0 to HW filter on device batadv0
[  355.400177][T19744] loop3: detected capacity change from 0 to 512
[  355.408942][T19740] team0: Port device batadv0 added
[  355.420285][T19744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  355.433142][T19744] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.457608][T19257] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  355.460527][T19754] loop1: detected capacity change from 0 to 512
[  355.476443][T19754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  355.489109][T19754] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.514282][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  355.532786][T19760] loop1: detected capacity change from 0 to 512
[  355.540331][T19760] EXT4-fs: Ignoring removed mblk_io_submit option
[  355.553624][T19761] team0: Port device batadv0 removed
[  355.568219][T19760] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.569545][T19761] bridge_slave_0: left allmulticast mode
[  355.582659][T19765] 9pnet_fd: Insufficient options for proto=fd
[  355.586478][T19761] bridge_slave_0: left promiscuous mode
[  355.586645][T19761] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.604239][T19760] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.615228][T19768] loop4: detected capacity change from 0 to 512
[  355.623672][T19761] bridge_slave_1: left allmulticast mode
[  355.629608][T19761] bridge_slave_1: left promiscuous mode
[  355.635431][T19761] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.643555][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.652877][T19761] bond0: (slave bond_slave_0): Releasing backup interface
[  355.655576][T19768] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  355.673105][T19768] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.691439][T19761] bond0: (slave bond_slave_1): Releasing backup interface
[  355.703487][T19443] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  355.729850][T19761] team0: Port device team_slave_0 removed
[  355.752059][T19761] team0: Port device team_slave_1 removed
[  355.759185][T19779] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  355.763751][T19761] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  355.774007][T19761] batman_adv: batadv0: Removing interface: batadv_slave_0
[  355.783710][T19761] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  355.791204][T19761] batman_adv: batadv0: Removing interface: batadv_slave_1
[  355.817546][T19780] netlink: 'syz.1.5544': attribute type 10 has an invalid length.
[  355.992210][T19784] ip6gretap0: entered promiscuous mode
[  356.015340][T19784] batadv_slave_1: entered promiscuous mode
[  356.033121][T19784] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  356.055373][T19784] Cannot create hsr debugfs directory
[  356.097860][T19790] loop4: detected capacity change from 0 to 512
[  356.117248][T19790] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  356.130403][T19790] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  356.153312][T19443] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  356.165796][T19794] No such timeout policy "syz1"
[  356.171588][T19794] hugetlbfs: Unknown parameter ')-'
[  356.395813][T19814] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  356.678338][T19799] syz.2.5552 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  356.689564][T19799] CPU: 0 UID: 0 PID: 19799 Comm: syz.2.5552 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  356.700342][T19799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  356.710485][T19799] Call Trace:
[  356.713786][T19799]  <TASK>
[  356.716712][T19799]  dump_stack_lvl+0xf2/0x150
[  356.721368][T19799]  dump_stack+0x15/0x20
[  356.725583][T19799]  dump_header+0x83/0x2d0
[  356.729911][T19799]  oom_kill_process+0x341/0x4c0
[  356.734820][T19799]  out_of_memory+0x9af/0xbe0
[  356.739474][T19799]  ? __rcu_read_unlock+0x4e/0x70
[  356.744409][T19799]  mem_cgroup_out_of_memory+0x13e/0x190
[  356.749993][T19799]  try_charge_memcg+0x51b/0x810
[  356.754850][T19799]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[  356.760963][T19799]  __read_swap_cache_async+0x2b7/0x520
[  356.766459][T19799]  swap_cluster_readahead+0x276/0x3f0
[  356.771833][T19799]  swapin_readahead+0xe4/0x760
[  356.776615][T19799]  ? __filemap_get_folio+0x420/0x5b0
[  356.781979][T19799]  ? swap_cache_get_folio+0x77/0x210
[  356.787276][T19799]  do_swap_page+0x3da/0x1ef0
[  356.791908][T19799]  ? cgroup_rstat_updated+0x99/0x550
[  356.797201][T19799]  ? __rcu_read_lock+0x36/0x50
[  356.802093][T19799]  ? pte_offset_map_nolock+0x124/0x1d0
[  356.807612][T19799]  handle_mm_fault+0x8cb/0x2a30
[  356.812549][T19799]  exc_page_fault+0x3b9/0x650
[  356.817317][T19799]  asm_exc_page_fault+0x26/0x30
[  356.822259][T19799] RIP: 0033:0x7ff2b60209cc
[  356.826703][T19799] Code: 72 64 0f 1f 40 00 69 3d e6 4c e1 00 e8 03 00 00 48 8d 1d c7 55 2e 00 e8 92 c4 12 00 eb 0c 48 81 c3 d8 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 d8 00 00
[  356.846435][T19799] RSP: 002b:00007ffe11cecdf0 EFLAGS: 00010216
[  356.852496][T19799] RAX: 0000000000000000 RBX: 00007ff2b6306058 RCX: 0000000000000000
[  356.860781][T19799] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055558a6b9808
[  356.868754][T19799] RBP: 00007ff2b6307a80 R08: 0000000000000000 R09: 7fffffffffffffff
[  356.876974][T19799] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000572a3
[  356.884999][T19799] R13: 00007ffe11cecef0 R14: 0000000000000032 R15: ffffffffffffffff
[  356.892971][T19799]  </TASK>
[  356.897332][T19799] memory: usage 307196kB, limit 307200kB, failcnt 39411
[  356.905018][T19799] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[  356.912942][T19799] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[  356.920253][T19799] Memory cgroup stats for /syz2:
[  356.984610][T19799] cache 4096
[  356.993004][T19799] rss 8192
[  356.996091][T19799] shmem 0
[  356.999032][T19799] mapped_file 57344
[  357.003523][T19799] dirty 4096
[  357.006803][T19799] writeback 0
[  357.010182][T19799] workingset_refault_anon 330
[  357.015072][T19799] workingset_refault_file 19161
[  357.020017][T19799] swap 192512
[  357.023448][T19799] swapcached 16384
[  357.027263][T19799] pgpgin 300968
[  357.030715][T19799] pgpgout 300963
[  357.034261][T19799] pgfault 335491
[  357.037829][T19799] pgmajfault 173
[  357.041387][T19799] inactive_anon 8192
[  357.045756][T19799] active_anon 8192
[  357.050337][T19799] inactive_file 0
[  357.054264][T19799] active_file 4096
[  357.058395][T19799] unevictable 0
[  357.061854][T19799] hierarchical_memory_limit 314572800
[  357.067304][T19799] hierarchical_memsw_limit 9223372036854771712
[  357.073523][T19799] total_cache 4096
[  357.077252][T19799] total_rss 8192
[  357.080804][T19799] total_shmem 0
[  357.084257][T19799] total_mapped_file 57344
[  357.088613][T19799] total_dirty 4096
[  357.093107][T19799] total_writeback 0
[  357.096983][T19799] total_workingset_refault_anon 330
[  357.102169][T19799] total_workingset_refault_file 19161
[  357.107562][T19799] total_swap 192512
[  357.111370][T19799] total_swapcached 16384
[  357.115642][T19799] total_pgpgin 300968
[  357.119627][T19799] total_pgpgout 300963
[  357.123821][T19799] total_pgfault 335533
[  357.127914][T19799] total_pgmajfault 173
[  357.132007][T19799] total_inactive_anon 8192
[  357.136452][T19799] total_active_anon 8192
[  357.140694][T19799] total_inactive_file 0
[  357.144964][T19799] total_active_file 4096
[  357.149328][T19799] total_unevictable 0
[  357.153395][T19799] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5552,pid=19799,uid=0
[  357.168430][T19799] Memory cgroup out of memory: Killed process 19799 (syz.2.5552) total-vm:87120kB, anon-rss:568kB, file-rss:16040kB, shmem-rss:0kB, UID:0 pgtables:104kB oom_score_adj:1000
[  357.209895][T19824] loop4: detected capacity change from 0 to 512
[  357.257823][T19824] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  357.275129][T19824] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  357.348918][T19443] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  357.392170][T19830] No such timeout policy "syz1"
[  357.407817][T19830] hugetlbfs: Unknown parameter ')-'
[  357.464100][T19839] team0: Port device batadv0 removed
[  357.480743][T19839] bridge_slave_0: left allmulticast mode
[  357.486602][T19839] bridge_slave_0: left promiscuous mode
[  357.492493][T19839] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.503546][T19839] bridge_slave_1: left allmulticast mode
[  357.509904][T19839] bridge_slave_1: left promiscuous mode
[  357.515585][T19839] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.528470][T19839] bond0: (slave bond_slave_0): Releasing backup interface
[  357.547848][T19839] bond0: (slave bond_slave_1): Releasing backup interface
[  357.577965][T19839] team0: Port device team_slave_0 removed
[  357.605242][T19839] team0: Port device team_slave_1 removed
[  357.622547][T19839] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  357.630236][T19839] batman_adv: batadv0: Removing interface: batadv_slave_0
[  357.641832][T19839] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  357.649407][T19839] batman_adv: batadv0: Removing interface: batadv_slave_1
[  357.681418][T19840] netlink: 'syz.1.5566': attribute type 10 has an invalid length.
[  357.705715][T19849] __nla_validate_parse: 5 callbacks suppressed
[  357.705730][T19849] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5564'.
[  357.755211][T19857] 9pnet_fd: Insufficient options for proto=fd
[  358.005376][T19875] netlink: 'syz.0.5581': attribute type 10 has an invalid length.
[  358.020970][T19875] 8021q: adding VLAN 0 to HW filter on device batadv0
[  358.035840][T19875] team0: Port device batadv0 added
[  358.055843][T19879] netlink: 'syz.3.5583': attribute type 10 has an invalid length.
[  358.076515][T19879] 8021q: adding VLAN 0 to HW filter on device batadv0
[  358.085720][T19879] team0: Port device batadv0 added
[  358.137978][T19883] 9pnet_fd: Insufficient options for proto=fd
[  358.260193][T19895] loop4: detected capacity change from 0 to 512
[  358.297738][T19895] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  358.354262][T19895] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  358.381985][T19903] loop2: detected capacity change from 0 to 512
[  358.407918][T19903] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  358.446985][T19903] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  358.473650][T19443] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  358.543977][T19068] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  358.573152][T19909] loop4: detected capacity change from 0 to 1024
[  358.597517][T19909] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.638178][T19443] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.649468][T19915] netlink: 'syz.2.5597': attribute type 10 has an invalid length.
[  358.660644][T19915] 8021q: adding VLAN 0 to HW filter on device batadv0
[  358.668480][T19915] team0: Port device batadv0 added
[  358.695937][T19917] 9pnet_fd: Insufficient options for proto=fd
[  358.791302][T19922] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5600'.
[  359.032162][T19928] team0: Port device batadv0 removed
[  359.143343][T19934] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5601'.
[  359.254611][T19940] loop3: detected capacity change from 0 to 512
[  359.278430][T19940] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  359.305354][T19940] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  359.343370][T19257] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  359.447421][T19950] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5608'.
[  359.456708][T19950] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5608'.
[  359.491081][T19951] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5609'.
[  359.500217][T19951] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5609'.
[  359.668554][T19956] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5610'.
[  359.788265][T19960] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  359.802309][T19960] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  359.843190][T19962] loop1: detected capacity change from 0 to 512
[  359.866771][T19962] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  359.885654][T19962] ext4 filesystem being mounted at /83/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  359.933655][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  360.084075][T19970] loop1: detected capacity change from 0 to 512
[  360.116606][T19970] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  360.148442][T19970] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  360.255328][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  360.305473][T19978] netlink: 'syz.1.5617': attribute type 4 has an invalid length.
[  360.337052][   T29] kauditd_printk_skb: 158 callbacks suppressed
[  360.337143][   T29] audit: type=1400 audit(1725701871.228:17531): avc:  denied  { watch } for  pid=19977 comm="syz.1.5617" path="/87" dev="tmpfs" ino=482 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  360.374139][T19980] loop3: detected capacity change from 0 to 512
[  360.425105][T19980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  360.475428][T19980] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  360.527284][   T29] audit: type=1326 audit(1725701871.418:17532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19987 comm="syz.1.5622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  360.561128][T19257] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  360.575221][   T29] audit: type=1326 audit(1725701871.418:17533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19987 comm="syz.1.5622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  360.599344][   T29] audit: type=1326 audit(1725701871.418:17534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19987 comm="syz.1.5622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  360.622967][   T29] audit: type=1326 audit(1725701871.418:17535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19987 comm="syz.1.5622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  360.646974][   T29] audit: type=1326 audit(1725701871.418:17536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19987 comm="syz.1.5622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  360.671170][   T29] audit: type=1326 audit(1725701871.448:17537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19987 comm="syz.1.5622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  360.694929][   T29] audit: type=1326 audit(1725701871.448:17538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19987 comm="syz.1.5622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  360.779883][T19996] loop3: detected capacity change from 0 to 512
[  360.793807][T20005] loop2: detected capacity change from 0 to 1024
[  360.816088][T20005] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  360.829867][T19996] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  360.858503][T19996] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  360.869730][T20018] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5631'.
[  360.873346][T19068] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.897520][   T29] audit: type=1326 audit(1725701871.788:17539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20019 comm="syz.1.5636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  360.921174][   T29] audit: type=1326 audit(1725701871.788:17540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20019 comm="syz.1.5636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  360.948705][T19257] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  361.098752][T20041] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5639'.
[  361.862525][T20056] loop1: detected capacity change from 0 to 512
[  361.916842][T20056] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  361.944530][T20056] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  361.971005][T20062] FAULT_INJECTION: forcing a failure.
[  361.971005][T20062] name failslab, interval 1, probability 0, space 0, times 0
[  361.984541][T20062] CPU: 1 UID: 0 PID: 20062 Comm: syz.0.5652 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  361.996608][T20062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  362.006674][T20062] Call Trace:
[  362.009951][T20062]  <TASK>
[  362.012916][T20062]  dump_stack_lvl+0xf2/0x150
[  362.017535][T20062]  dump_stack+0x15/0x20
[  362.021736][T20062]  should_fail_ex+0x229/0x230
[  362.026442][T20062]  ? audit_log_start+0x34c/0x6b0
[  362.031418][T20062]  should_failslab+0x8f/0xb0
[  362.036048][T20062]  kmem_cache_alloc_noprof+0x4c/0x290
[  362.042017][T20062]  audit_log_start+0x34c/0x6b0
[  362.047626][T20062]  audit_seccomp+0x4b/0x130
[  362.052134][T20062]  __seccomp_filter+0x6fa/0x1180
[  362.057089][T20062]  ? proc_fail_nth_write+0x130/0x160
[  362.062395][T20062]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  362.068028][T20062]  ? vfs_write+0x5a5/0x900
[  362.072451][T20062]  __secure_computing+0x9f/0x1c0
[  362.077426][T20062]  syscall_trace_enter+0xd1/0x1f0
[  362.082568][T20062]  do_syscall_64+0xaa/0x1c0
[  362.087150][T20062]  ? clear_bhb_loop+0x55/0xb0
[  362.091921][T20062]  ? clear_bhb_loop+0x55/0xb0
[  362.096654][T20062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.102608][T20062] RIP: 0033:0x7f231ae4cef9
[  362.107118][T20062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.126758][T20062] RSP: 002b:00007f2319ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  362.135253][T20062] RAX: ffffffffffffffda RBX: 00007f231b005f80 RCX: 00007f231ae4cef9
[  362.143248][T20062] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000000020000000
[  362.151749][T20062] RBP: 00007f2319ac7090 R08: 0000000000000000 R09: 0000000000000000
[  362.159752][T20062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.167913][T20062] R13: 0000000000000000 R14: 00007f231b005f80 R15: 00007ffde05e2f28
[  362.175987][T20062]  </TASK>
[  362.187055][T19146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  362.220053][T20065] netlink: 'syz.3.5654': attribute type 10 has an invalid length.
[  362.312182][T20073] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  362.445743][T20083] loop2: detected capacity change from 0 to 512
[  362.456509][T20083] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  362.470119][T20083] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  362.502360][T19068] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  362.585636][T20089] loop2: detected capacity change from 0 to 512
[  362.594038][T20089] EXT4-fs: Ignoring removed i_version option
[  362.601284][T20089] EXT4-fs: Ignoring removed nobh option
[  362.608200][T20089] EXT4-fs: Invalid want_extra_isize 101
[  362.638603][T20091] loop2: detected capacity change from 0 to 512
[  362.645799][T20091] EXT4-fs: Ignoring removed mblk_io_submit option
[  362.656679][T20091] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  362.669703][T20091] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  362.712074][T20095] loop2: detected capacity change from 0 to 512
[  362.727358][T20095] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  362.872881][T20101] __nla_validate_parse: 2 callbacks suppressed
[  362.872896][T20101] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5665'.
[  362.888095][T20101] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5665'.
[  362.928334][T20101] ip6gretap0: entered promiscuous mode
[  362.935840][T20101] batadv_slave_1: entered promiscuous mode
[  362.942115][T20101] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  362.951017][T20101] Cannot create hsr debugfs directory
[  363.086918][T20105] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  363.156484][T20104] No such timeout policy "syz1"
[  363.163912][T20104] hugetlbfs: Unknown parameter ')-'
[  363.172860][T20113] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  363.183721][T20113] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  363.235515][T20116] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  363.251934][T20116] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  363.280073][T20123] loop3: detected capacity change from 0 to 512
[  363.288987][T20124] FAULT_INJECTION: forcing a failure.
[  363.288987][T20124] name failslab, interval 1, probability 0, space 0, times 0
[  363.289152][T20123] EXT4-fs: Ignoring removed mblk_io_submit option
[  363.301730][T20124] CPU: 1 UID: 0 PID: 20124 Comm: syz.0.5673 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  363.318908][T20124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  363.328970][T20124] Call Trace:
[  363.332243][T20124]  <TASK>
[  363.335173][T20124]  dump_stack_lvl+0xf2/0x150
[  363.339824][T20124]  dump_stack+0x15/0x20
[  363.343980][T20124]  should_fail_ex+0x229/0x230
[  363.348717][T20124]  ? rtnl_newlink+0x5d/0x1690
[  363.353448][T20124]  should_failslab+0x8f/0xb0
[  363.358037][T20124]  __kmalloc_cache_noprof+0x4b/0x2a0
[  363.363444][T20124]  rtnl_newlink+0x5d/0x1690
[  363.367998][T20124]  ? __memcg_slab_free_hook+0xc9/0x1e0
[  363.373450][T20124]  ? __rcu_read_unlock+0x4e/0x70
[  363.378385][T20124]  ? avc_has_perm_noaudit+0x1cc/0x210
[  363.383768][T20124]  ? selinux_capable+0x1f2/0x260
[  363.388870][T20124]  ? security_capable+0x64/0x80
[  363.393800][T20124]  ? ns_capable+0x7d/0xb0
[  363.398122][T20124]  ? __pfx_rtnl_newlink+0x10/0x10
[  363.403141][T20124]  rtnetlink_rcv_msg+0x6aa/0x710
[  363.408076][T20124]  ? ref_tracker_free+0x3a5/0x410
[  363.413181][T20124]  ? __dev_queue_xmit+0x161/0x1fe0
[  363.418284][T20124]  ? should_fail_ex+0xd7/0x230
[  363.423122][T20124]  netlink_rcv_skb+0x12c/0x230
[  363.427918][T20124]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  363.433414][T20124]  rtnetlink_rcv+0x1c/0x30
[  363.437832][T20124]  netlink_unicast+0x599/0x670
[  363.442640][T20124]  netlink_sendmsg+0x5cc/0x6e0
[  363.447426][T20124]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.452742][T20124]  __sock_sendmsg+0x140/0x180
[  363.457493][T20124]  sock_sendmsg+0x96/0xe0
[  363.462114][T20124]  splice_to_socket+0x657/0x9d0
[  363.467100][T20124]  ? __pfx_splice_to_socket+0x10/0x10
[  363.472470][T20124]  do_splice+0x99b/0x1150
[  363.476805][T20124]  ? get_pid_task+0x8e/0xc0
[  363.481390][T20124]  ? proc_fail_nth_write+0x130/0x160
[  363.486702][T20124]  ? __fget_files+0x1da/0x210
[  363.491401][T20124]  __se_sys_splice+0x24c/0x390
[  363.496160][T20124]  __x64_sys_splice+0x78/0x90
[  363.500865][T20124]  x64_sys_call+0x2945/0x2d60
[  363.505553][T20124]  do_syscall_64+0xc9/0x1c0
[  363.510106][T20124]  ? clear_bhb_loop+0x55/0xb0
[  363.514853][T20124]  ? clear_bhb_loop+0x55/0xb0
[  363.519603][T20124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.525499][T20124] RIP: 0033:0x7f231ae4cef9
[  363.529910][T20124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.549506][T20124] RSP: 002b:00007f2319aa6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  363.557919][T20124] RAX: ffffffffffffffda RBX: 00007f231b006058 RCX: 00007f231ae4cef9
[  363.565951][T20124] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005
[  363.573916][T20124] RBP: 00007f2319aa6090 R08: 000000000004ffe6 R09: 0000000000000000
[  363.581877][T20124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  363.589835][T20124] R13: 0000000000000001 R14: 00007f231b006058 R15: 00007ffde05e2f28
[  363.597924][T20124]  </TASK>
[  363.621374][T20123] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  363.662055][T20132] loop4: detected capacity change from 0 to 512
[  363.693491][T20132] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  363.868263][T20152] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  363.885930][T20152] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  363.899408][T20153] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5683'.
[  363.940899][T20155] loop3: detected capacity change from 0 to 512
[  363.950671][T20149] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5683'.
[  363.967692][T20155] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  364.044526][T20155] loop3: detected capacity change from 512 to 511
[  364.064534][T20158] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5687: bg 0: block 16032: padding at end of block bitmap is not set
[  364.112261][T20158] EXT4-fs error (device loop3): ext4_discard_preallocations:5606: comm syz.3.5687: Error -117 reading block bitmap for 0
[  364.150783][T20162] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  364.162919][T19257] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /72/file0: bad entry in directory: directory entry overrun - offset=2016, inode=2, rec_len=2036, size=2048 fake=1
[  364.206793][T19257] EXT4-fs error (device loop3): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 12
[  364.218827][T19257] EXT4-fs error (device loop3): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 12
[  364.327875][T20170] loop2: detected capacity change from 0 to 512
[  364.346988][T20170] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  364.407913][T20178] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  364.419554][T20178] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  364.458244][T20180] netlink: 'syz.0.5698': attribute type 10 has an invalid length.
[  364.527720][ T1609] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.620259][ T1609] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.642922][T20197] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  364.718307][ T1609] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.729377][T20205] loop1: detected capacity change from 0 to 512
[  364.746777][T20205] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  364.779993][ T1609] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.854762][T20210] FAULT_INJECTION: forcing a failure.
[  364.854762][T20210] name failslab, interval 1, probability 0, space 0, times 0
[  364.867469][T20210] CPU: 0 UID: 0 PID: 20210 Comm: syz.1.5708 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  364.878353][T20210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  364.888413][T20210] Call Trace:
[  364.891688][T20210]  <TASK>
[  364.894626][T20210]  dump_stack_lvl+0xf2/0x150
[  364.899408][T20210]  dump_stack+0x15/0x20
[  364.903559][T20210]  should_fail_ex+0x229/0x230
[  364.908389][T20210]  ? audit_log_start+0x34c/0x6b0
[  364.913378][T20210]  should_failslab+0x8f/0xb0
[  364.917999][T20210]  kmem_cache_alloc_noprof+0x4c/0x290
[  364.923413][T20210]  audit_log_start+0x34c/0x6b0
[  364.928282][T20210]  audit_seccomp+0x4b/0x130
[  364.932800][T20210]  __seccomp_filter+0x6fa/0x1180
[  364.937792][T20210]  ? proc_fail_nth_write+0x130/0x160
[  364.943074][T20210]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  364.948795][T20210]  ? vfs_write+0x5a5/0x900
[  364.953261][T20210]  ? __fget_files+0x1da/0x210
[  364.958041][T20210]  __secure_computing+0x9f/0x1c0
[  364.962999][T20210]  syscall_trace_enter+0xd1/0x1f0
[  364.968101][T20210]  ? fpregs_assert_state_consistent+0x83/0xa0
[  364.974243][T20210]  do_syscall_64+0xaa/0x1c0
[  364.978798][T20210]  ? clear_bhb_loop+0x55/0xb0
[  364.983644][T20210]  ? clear_bhb_loop+0x55/0xb0
[  364.988446][T20210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.994425][T20210] RIP: 0033:0x7f05c1fecef9
[  364.998891][T20210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.018598][T20210] RSP: 002b:00007f05c0c67038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c1
[  365.027128][T20210] RAX: ffffffffffffffda RBX: 00007f05c21a5f80 RCX: 00007f05c1fecef9
[  365.035107][T20210] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000020001080
[  365.043156][T20210] RBP: 00007f05c0c67090 R08: 0000000000000001 R09: 0000000000000000
[  365.051570][T20210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.059559][T20210] R13: 0000000000000000 R14: 00007f05c21a5f80 R15: 00007ffc761dd248
[  365.067550][T20210]  </TASK>
[  365.083504][T20186] chnl_net:caif_netlink_parms(): no params data found
[  365.163303][ T1609] ip6gretap0 (unregistering): left promiscuous mode
[  365.217283][ T1609] bond0 (unregistering): Released all slaves
[  365.238621][T20186] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.245883][T20186] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.255764][T20186] bridge_slave_0: entered allmulticast mode
[  365.262171][T20186] bridge_slave_0: entered promiscuous mode
[  365.271562][T20186] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.278749][T20186] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.288203][T20186] bridge_slave_1: entered allmulticast mode
[  365.295364][T20186] bridge_slave_1: entered promiscuous mode
[  365.315954][T20186] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  365.327077][T20186] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  365.344842][   T29] kauditd_printk_skb: 295 callbacks suppressed
[  365.344855][   T29] audit: type=1326 audit(1725701876.238:17832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20209 comm="syz.1.5708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f05c1fe3ea7 code=0x7ffc0000
[  365.374620][   T29] audit: type=1326 audit(1725701876.238:17833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20209 comm="syz.1.5708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f05c1f88859 code=0x7ffc0000
[  365.398097][   T29] audit: type=1326 audit(1725701876.238:17834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20209 comm="syz.1.5708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  365.422178][   T29] audit: type=1326 audit(1725701876.238:17835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20217 comm="syz.4.5711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f90380e3ea7 code=0x7ffc0000
[  365.445712][   T29] audit: type=1326 audit(1725701876.238:17836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20217 comm="syz.4.5711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9038088859 code=0x7ffc0000
[  365.469240][   T29] audit: type=1326 audit(1725701876.238:17837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20217 comm="syz.4.5711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f90380ecef9 code=0x7ffc0000
[  365.493435][   T29] audit: type=1326 audit(1725701876.238:17838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20209 comm="syz.1.5708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f05c1fe3ea7 code=0x7ffc0000
[  365.516929][   T29] audit: type=1326 audit(1725701876.238:17839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20209 comm="syz.1.5708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f05c1f88859 code=0x7ffc0000
[  365.540488][   T29] audit: type=1326 audit(1725701876.238:17840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20209 comm="syz.1.5708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f05c1fecef9 code=0x7ffc0000
[  365.564129][   T29] audit: type=1326 audit(1725701876.238:17841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20217 comm="syz.4.5711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f90380e3ea7 code=0x7ffc0000
[  365.589214][ T1609] batadv_slave_1: left promiscuous mode
[  365.592574][T20228] loop2: detected capacity change from 0 to 4096
[  365.605473][ T1609] hsr_slave_0: left promiscuous mode
[  365.611323][ T1609] hsr_slave_1: left promiscuous mode
[  365.619207][ T1609] veth1_macvtap: left promiscuous mode
[  365.624750][ T1609] veth0_macvtap: left promiscuous mode
[  365.630398][ T1609] veth1_vlan: left promiscuous mode
[  365.635698][ T1609] veth0_vlan: left promiscuous mode
[  365.767572][ T1609] team0 (unregistering): Port device batadv0 removed
[  365.790151][T20186] team0: Port device team_slave_0 added
[  365.806390][T20248] 9pnet_fd: Insufficient options for proto=fd
[  365.823628][T20186] team0: Port device team_slave_1 added
[  365.861238][T20186] batman_adv: batadv0: Adding interface: batadv_slave_0
[  365.868417][T20186] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.894365][T20186] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  365.906337][T20186] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.913317][T20186] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.939405][T20186] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  365.975193][T20186] hsr_slave_0: entered promiscuous mode
[  365.981436][T20186] hsr_slave_1: entered promiscuous mode
[  366.167223][T20263] loop4: detected capacity change from 0 to 164
[  366.174765][T20263] isofs_fill_super: root inode is not a directory. Corrupted media?
[  366.183917][T20263] Non-string source
[  366.342346][T20186] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  366.351277][T20186] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  366.361281][T20186] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  366.379650][T20186] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  366.421928][T20186] 8021q: adding VLAN 0 to HW filter on device bond0
[  366.441538][T20186] 8021q: adding VLAN 0 to HW filter on device team0
[  366.452043][ T3367] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.462722][ T3367] bridge0: port 1(bridge_slave_0) entered forwarding state
[  366.474689][ T3367] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.482740][ T3367] bridge0: port 2(bridge_slave_1) entered forwarding state
[  366.559097][T20186] 8021q: adding VLAN 0 to HW filter on device batadv0
[  366.643996][T20186] veth0_vlan: entered promiscuous mode
[  366.653377][T20186] veth1_vlan: entered promiscuous mode
[  366.670188][T20186] veth0_macvtap: entered promiscuous mode
[  366.710324][T20186] veth1_macvtap: entered promiscuous mode
[  366.723663][T20186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  366.736373][T20186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.749245][T20186] batman_adv: batadv0: Interface activated: batadv_slave_0
[  366.758884][T20286] FAULT_INJECTION: forcing a failure.
[  366.758884][T20286] name failslab, interval 1, probability 0, space 0, times 0
[  366.772664][T20286] CPU: 1 UID: 0 PID: 20286 Comm: syz.1.5730 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  366.783572][T20286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  366.794062][T20286] Call Trace:
[  366.797381][T20286]  <TASK>
[  366.800474][T20286]  dump_stack_lvl+0xf2/0x150
[  366.805673][T20286]  dump_stack+0x15/0x20
[  366.810179][T20286]  should_fail_ex+0x229/0x230
[  366.815015][T20286]  ? tcf_action_init_1+0x121/0x490
[  366.820697][T20286]  should_failslab+0x8f/0xb0
[  366.825403][T20286]  __kmalloc_cache_noprof+0x4b/0x2a0
[  366.830772][T20286]  tcf_action_init_1+0x121/0x490
[  366.835711][T20286]  ? try_module_get+0xae/0x1a0
[  366.840956][T20286]  ? tc_action_load_ops+0x1a9/0x410
[  366.848575][T20286]  tcf_action_init+0x1a0/0x530
[  366.853801][T20286]  tc_ctl_action+0x292/0x840
[  366.858784][T20286]  ? __pfx_tc_ctl_action+0x10/0x10
[  366.864594][T20286]  rtnetlink_rcv_msg+0x6aa/0x710
[  366.869655][T20286]  ? netlink_rcv_skb+0xf9/0x230
[  366.874633][T20286]  netlink_rcv_skb+0x12c/0x230
[  366.879420][T20286]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  366.885115][T20286]  rtnetlink_rcv+0x1c/0x30
[  366.889610][T20286]  netlink_unicast+0x599/0x670
[  366.894554][T20286]  netlink_sendmsg+0x5cc/0x6e0
[  366.899424][T20286]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.904817][T20286]  __sock_sendmsg+0x140/0x180
[  366.909532][T20286]  ____sys_sendmsg+0x312/0x410
[  366.914355][T20286]  __sys_sendmsg+0x1e9/0x280
[  366.919154][T20286]  __x64_sys_sendmsg+0x46/0x50
[  366.923976][T20286]  x64_sys_call+0x2689/0x2d60
[  366.928698][T20286]  do_syscall_64+0xc9/0x1c0
[  366.933225][T20286]  ? clear_bhb_loop+0x55/0xb0
[  366.937907][T20286]  ? clear_bhb_loop+0x55/0xb0
[  366.942743][T20286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.948708][T20286] RIP: 0033:0x7f05c1fecef9
[  366.953120][T20286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.973065][T20286] RSP: 002b:00007f05c0c67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  366.981630][T20286] RAX: ffffffffffffffda RBX: 00007f05c21a5f80 RCX: 00007f05c1fecef9
[  366.989598][T20286] RDX: 0000000000000000 RSI: 00000000200037c0 RDI: 0000000000000005
[  366.997566][T20286] RBP: 00007f05c0c67090 R08: 0000000000000000 R09: 0000000000000000
[  367.005624][T20286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.013645][T20286] R13: 0000000000000000 R14: 00007f05c21a5f80 R15: 00007ffc761dd248
[  367.021740][T20286]  </TASK>
[  367.039108][T20186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.045178][T20293] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  367.049773][T20186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.072529][T20186] batman_adv: batadv0: Interface activated: batadv_slave_1
[  367.082564][T20290] syz.0.5731 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  367.083404][T20186] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  367.102736][T20186] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  367.105188][T20297] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  367.111589][T20186] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  367.127606][T20186] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.127797][T20297] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  367.146647][T20295] 9pnet_fd: Insufficient options for proto=fd
[  367.259012][T20313] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5741'.
[  367.294181][T20316] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5736'.
[  367.303438][T20316] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5736'.
[  367.317254][T20320] FAULT_INJECTION: forcing a failure.
[  367.317254][T20320] name failslab, interval 1, probability 0, space 0, times 0
[  367.330065][T20320] CPU: 0 UID: 0 PID: 20320 Comm: syz.1.5743 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  367.340834][T20320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  367.350906][T20320] Call Trace:
[  367.354443][T20320]  <TASK>
[  367.357380][T20320]  dump_stack_lvl+0xf2/0x150
[  367.362434][T20320]  dump_stack+0x15/0x20
[  367.366630][T20320]  should_fail_ex+0x229/0x230
[  367.371373][T20320]  ? __alloc_skb+0x10b/0x310
[  367.377112][T20320]  should_failslab+0x8f/0xb0
[  367.382461][T20320]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  367.388295][T20320]  __alloc_skb+0x10b/0x310
[  367.392856][T20320]  audit_log_start+0x368/0x6b0
[  367.397653][T20320]  audit_seccomp+0x4b/0x130
[  367.402299][T20320]  __seccomp_filter+0x6fa/0x1180
[  367.407624][T20320]  ? proc_fail_nth_write+0x130/0x160
[  367.413711][T20320]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  367.419649][T20320]  ? vfs_write+0x5a5/0x900
[  367.424248][T20320]  __secure_computing+0x9f/0x1c0
[  367.430255][T20320]  syscall_trace_enter+0xd1/0x1f0
[  367.436799][T20320]  do_syscall_64+0xaa/0x1c0
[  367.443400][T20320]  ? clear_bhb_loop+0x55/0xb0
[  367.450357][T20320]  ? clear_bhb_loop+0x55/0xb0
[  367.457153][T20320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.463098][T20320] RIP: 0033:0x7f05c1fecef9
[  367.467505][T20320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.488969][T20320] RSP: 002b:00007f05c0c67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000051
[  367.499635][T20320] RAX: ffffffffffffffda RBX: 00007f05c21a5f80 RCX: 00007f05c1fecef9
[  367.508294][T20320] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  367.516542][T20320] RBP: 00007f05c0c67090 R08: 0000000000000000 R09: 0000000000000000
[  367.524599][T20320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.532766][T20320] R13: 0000000000000000 R14: 00007f05c21a5f80 R15: 00007ffc761dd248
[  367.541019][T20320]  </TASK>
[  367.589853][T20324] 9pnet_fd: Insufficient options for proto=fd
[  367.611439][T20330] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  367.620164][T20330] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  367.669536][T20334] FAULT_INJECTION: forcing a failure.
[  367.669536][T20334] name failslab, interval 1, probability 0, space 0, times 0
[  367.685844][T20334] CPU: 1 UID: 0 PID: 20334 Comm: syz.2.5750 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  367.696617][T20334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  367.708593][T20334] Call Trace:
[  367.712502][T20334]  <TASK>
[  367.716340][T20334]  dump_stack_lvl+0xf2/0x150
[  367.722821][T20334]  dump_stack+0x15/0x20
[  367.727625][T20334]  should_fail_ex+0x229/0x230
[  367.734088][T20334]  ? getname_flags+0x81/0x3b0
[  367.740792][T20334]  should_failslab+0x8f/0xb0
[  367.747374][T20334]  kmem_cache_alloc_noprof+0x4c/0x290
[  367.754803][T20334]  getname_flags+0x81/0x3b0
[  367.760821][T20334]  __x64_sys_linkat+0x78/0xa0
[  367.766991][T20334]  x64_sys_call+0x2b89/0x2d60
[  367.772303][T20334]  do_syscall_64+0xc9/0x1c0
[  367.778840][T20334]  ? clear_bhb_loop+0x55/0xb0
[  367.783896][T20334]  ? clear_bhb_loop+0x55/0xb0
[  367.789839][T20334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.796088][T20334] RIP: 0033:0x7ff2b614cef9
[  367.800860][T20334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.822351][T20334] RSP: 002b:00007ff2b4dc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000109
[  367.831054][T20334] RAX: ffffffffffffffda RBX: 00007ff2b6305f80 RCX: 00007ff2b614cef9
[  367.839114][T20334] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: ffffffffffffffff
[  367.847324][T20334] RBP: 00007ff2b4dc7090 R08: 0000000000000000 R09: 0000000000000000
[  367.855300][T20334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.863276][T20334] R13: 0000000000000000 R14: 00007ff2b6305f80 R15: 00007ffe11cecc88
[  367.871244][T20334]  </TASK>
[  367.921427][T20341] netlink: 'syz.2.5753': attribute type 10 has an invalid length.
[  368.034703][T20350] loop2: detected capacity change from 0 to 512
[  368.057623][T20350] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  368.156940][T20358] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  368.194425][T20358] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  368.273875][T20361] sch_tbf: burst 4 is lower than device lo mtu (65550) !
[  368.298740][T20361] syz.2.5760[20361] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  368.298858][T20361] syz.2.5760[20361] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  368.383745][T20362] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5758'.
[  368.494795][T20368] FAULT_INJECTION: forcing a failure.
[  368.494795][T20368] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.507988][T20368] CPU: 1 UID: 0 PID: 20368 Comm: syz.0.5762 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  368.518773][T20368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  368.529187][T20368] Call Trace:
[  368.532469][T20368]  <TASK>
[  368.535474][T20368]  dump_stack_lvl+0xf2/0x150
[  368.540236][T20368]  dump_stack+0x15/0x20
[  368.544410][T20368]  should_fail_ex+0x229/0x230
[  368.549214][T20368]  should_fail+0xb/0x10
[  368.553393][T20368]  should_fail_usercopy+0x1a/0x20
[  368.558439][T20368]  copy_to_user_nofault+0x7a/0x110
[  368.563591][T20368]  bpf_probe_write_user+0x80/0xc0
[  368.568748][T20368]  bpf_prog_5cb5524816e22ab1+0x47/0x4d
[  368.574383][T20368]  bpf_trace_run2+0x104/0x1d0
[  368.579275][T20368]  __bpf_trace_sys_enter+0x9/0x10
[  368.584524][T20368]  trace_sys_enter+0x65/0xa0
[  368.589268][T20368]  syscall_trace_enter+0x13f/0x1f0
[  368.594851][T20368]  ? fpregs_assert_state_consistent+0x83/0xa0
[  368.601312][T20368]  do_syscall_64+0xaa/0x1c0
[  368.606021][T20368]  ? clear_bhb_loop+0x55/0xb0
[  368.610985][T20368]  ? clear_bhb_loop+0x55/0xb0
[  368.615973][T20368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.621935][T20368] RIP: 0033:0x7f231ae4cef9
[  368.626643][T20368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.646616][T20368] RSP: 002b:00007f2319ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  368.655365][T20368] RAX: ffffffffffffffda RBX: 00007f231b005f80 RCX: 00007f231ae4cef9
[  368.663669][T20368] RDX: 0000000000000010 RSI: 0000000020000980 RDI: 000000000000000f
[  368.671950][T20368] RBP: 00007f2319ac7090 R08: 0000000000000000 R09: 0000000000000000
[  368.679909][T20368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.687889][T20368] R13: 0000000000000000 R14: 00007f231b005f80 R15: 00007ffde05e2f28
[  368.695855][T20368]  </TASK>
[  368.830676][T20374] netlink: 'syz.1.5765': attribute type 10 has an invalid length.
[  368.885532][T20374] 8021q: adding VLAN 0 to HW filter on device batadv0
[  368.909901][T20374] team0: Port device batadv0 added
[  369.201113][T20392] team0: Port device batadv0 removed
[  369.221365][T20392] bridge_slave_0: left allmulticast mode
[  369.227077][T20392] bridge_slave_0: left promiscuous mode
[  369.232784][T20392] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.238942][T20394] 9pnet_fd: Insufficient options for proto=fd
[  369.246459][T20394] FAULT_INJECTION: forcing a failure.
[  369.246459][T20394] name failslab, interval 1, probability 0, space 0, times 0
[  369.259162][T20394] CPU: 1 UID: 0 PID: 20394 Comm: syz.0.5772 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  369.269942][T20394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  369.280060][T20394] Call Trace:
[  369.283354][T20394]  <TASK>
[  369.286324][T20394]  dump_stack_lvl+0xf2/0x150
[  369.290999][T20394]  dump_stack+0x15/0x20
[  369.295156][T20394]  should_fail_ex+0x229/0x230
[  369.299834][T20394]  ? vm_area_alloc+0x2c/0x130
[  369.304501][T20394]  should_failslab+0x8f/0xb0
[  369.309092][T20394]  kmem_cache_alloc_noprof+0x4c/0x290
[  369.314549][T20394]  vm_area_alloc+0x2c/0x130
[  369.319072][T20394]  mmap_region+0x88b/0x1620
[  369.323646][T20394]  ? security_mmap_addr+0x4c/0x70
[  369.328764][T20394]  ? __get_unmapped_area+0x2d1/0x300
[  369.334040][T20394]  do_mmap+0x72a/0xb70
[  369.338100][T20394]  ? security_mmap_file+0x128/0x150
[  369.343303][T20394]  vm_mmap_pgoff+0x133/0x290
[  369.348054][T20394]  ksys_mmap_pgoff+0xd0/0x340
[  369.352741][T20394]  ? fpregs_assert_state_consistent+0x83/0xa0
[  369.358845][T20394]  x64_sys_call+0x1884/0x2d60
[  369.363550][T20394]  do_syscall_64+0xc9/0x1c0
[  369.368047][T20394]  ? clear_bhb_loop+0x55/0xb0
[  369.372714][T20394]  ? clear_bhb_loop+0x55/0xb0
[  369.377407][T20394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.383365][T20394] RIP: 0033:0x7f231ae4cf33
[  369.387767][T20394] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  369.407515][T20394] RSP: 002b:00007f2319aa5e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  369.416062][T20394] RAX: ffffffffffffffda RBX: 0000000000000494 RCX: 00007f231ae4cf33
[  369.424288][T20394] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  369.432250][T20394] RBP: 0000000020000f42 R08: 00000000ffffffff R09: 0000000000000000
[  369.440221][T20394] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000008
[  369.448199][T20394] R13: 00007f2319aa5ef0 R14: 00007f2319aa5eb0 R15: 00000000200000c0
[  369.456336][T20394]  </TASK>
[  369.464348][T20392] bridge_slave_1: left allmulticast mode
[  369.470035][T20392] bridge_slave_1: left promiscuous mode
[  369.475876][T20392] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.483685][T20399] loop3: detected capacity change from 0 to 512
[  369.491982][T20392] bond0: (slave bond_slave_0): Releasing backup interface
[  369.495974][T20399] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  369.519714][T20392] bond0: (slave bond_slave_1): Releasing backup interface
[  369.533686][T20392] team0: Port device team_slave_0 removed
[  369.557494][T20392] team0: Port device team_slave_1 removed
[  369.564231][T20392] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  369.571729][T20392] batman_adv: batadv0: Removing interface: batadv_slave_0
[  369.593231][T20392] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  369.600978][T20392] batman_adv: batadv0: Removing interface: batadv_slave_1
[  369.623428][T20397] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5771'.
[  369.715723][T20415] netlink: 'syz.0.5780': attribute type 10 has an invalid length.
[  369.801784][T20425] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5778'.
[  369.810911][T20425] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5778'.
[  369.824050][T20425] ip6gretap0: entered promiscuous mode
[  369.831659][T20425] batadv_slave_1: entered promiscuous mode
[  369.839822][T20425] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  369.847767][T20425] Cannot create hsr debugfs directory
[  369.928473][T20433] tmpfs: Unknown parameter 'n'
[  370.007988][T20442] No such timeout policy "syz1"
[  370.013556][T20442] hugetlbfs: Unknown parameter ')-'
[  370.118710][T20453] netlink: 'syz.2.5795': attribute type 10 has an invalid length.
[  370.237882][T20461] tmpfs: Unknown parameter 'n'
[  370.323868][T20465] team0: Port device batadv0 removed
[  370.358854][T20465] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5799'.
[  370.598398][T20471] loop3: detected capacity change from 0 to 512
[  370.604897][T20471] EXT4-fs: Ignoring removed mblk_io_submit option
[  370.616381][T20471] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  370.660703][   T29] kauditd_printk_skb: 504 callbacks suppressed
[  370.660718][   T29] audit: type=1326 audit(1725701881.548:18344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20478 comm="syz.3.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a39dacef9 code=0x7ffc0000
[  370.694836][   T29] audit: type=1326 audit(1725701881.548:18345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20478 comm="syz.3.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a39dacef9 code=0x7ffc0000
[  370.718626][   T29] audit: type=1326 audit(1725701881.548:18346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20478 comm="syz.3.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f3a39dacef9 code=0x7ffc0000
[  370.742201][   T29] audit: type=1326 audit(1725701881.558:18347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20478 comm="syz.3.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a39dacef9 code=0x7ffc0000
[  370.765840][   T29] audit: type=1326 audit(1725701881.558:18348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20478 comm="syz.3.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a39dacef9 code=0x7ffc0000
[  370.789503][   T29] audit: type=1326 audit(1725701881.558:18349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20478 comm="syz.3.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a39dacef9 code=0x7ffc0000
[  370.813115][   T29] audit: type=1326 audit(1725701881.558:18350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20478 comm="syz.3.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a39dacef9 code=0x7ffc0000
[  370.836884][   T29] audit: type=1326 audit(1725701881.558:18351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20478 comm="syz.3.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a39dacef9 code=0x7ffc0000
[  370.843342][T20482] loop3: detected capacity change from 0 to 512
[  370.860655][   T29] audit: type=1326 audit(1725701881.558:18352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20478 comm="syz.3.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a39dacef9 code=0x7ffc0000
[  370.891116][   T29] audit: type=1326 audit(1725701881.558:18353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20478 comm="syz.3.5805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a39dacef9 code=0x7ffc0000
[  370.929334][T20486] netlink: 'syz.1.5808': attribute type 10 has an invalid length.
[  370.931024][T20482] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  371.006729][T20496] loop3: detected capacity change from 0 to 512
[  371.028260][T20496] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  371.333681][T20528] bridge_slave_0: left allmulticast mode
[  371.339465][T20528] bridge_slave_0: left promiscuous mode
[  371.345402][T20528] bridge0: port 1(bridge_slave_0) entered disabled state
[  371.354379][T20528] bridge_slave_1: left allmulticast mode
[  371.360078][T20528] bridge_slave_1: left promiscuous mode
[  371.365754][T20528] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.375547][T20528] bond0: (slave bond_slave_0): Releasing backup interface
[  371.386051][T20528] bond0: (slave bond_slave_1): Releasing backup interface
[  371.399759][T20528] team0: Port device team_slave_0 removed
[  371.414664][T20528] team0: Port device team_slave_1 removed
[  371.422404][T20528] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  371.430113][T20528] batman_adv: batadv0: Removing interface: batadv_slave_0
[  371.438909][T20528] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  371.446572][T20528] batman_adv: batadv0: Removing interface: batadv_slave_1
[  371.472277][T20530] netlink: 48 bytes leftover after parsing attributes in process `syz.3.5825'.
[  371.699397][T20535] netlink: 104 bytes leftover after parsing attributes in process `syz.4.5827'.
[  372.124601][T20555] loop3: detected capacity change from 0 to 512
[  372.136835][T20555] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  372.185500][   T50] ip6gretap0 (unregistering): left promiscuous mode
[  372.190379][T20562] loop3: detected capacity change from 0 to 512
[  372.208938][T20562] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  372.276150][T20562] loop3: detected capacity change from 512 to 511
[  372.283950][T20565] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5838: bg 0: block 16032: padding at end of block bitmap is not set
[  372.284920][   T50] bond0 (unregistering): Released all slaves
[  372.300450][T20565] EXT4-fs error (device loop3): ext4_discard_preallocations:5606: comm syz.3.5838: Error -117 reading block bitmap for 0
[  372.326770][T20186] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /23/file0: bad entry in directory: directory entry overrun - offset=2016, inode=2, rec_len=2036, size=2048 fake=1
[  372.348719][T20186] EXT4-fs error (device loop3): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 12
[  372.362127][T20186] EXT4-fs error (device loop3): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 12
[  372.417587][   T50] batadv_slave_1: left promiscuous mode
[  372.425322][   T50] hsr_slave_0: left promiscuous mode
[  372.431177][   T50] hsr_slave_1: left promiscuous mode
[  372.438672][   T50] veth1_macvtap: left promiscuous mode
[  372.444625][   T50] veth0_macvtap: left promiscuous mode
[  372.450322][   T50] veth1_vlan: left promiscuous mode
[  372.455707][   T50] veth0_vlan: left promiscuous mode
[  372.674761][T20575] netlink: 'syz.4.5843': attribute type 10 has an invalid length.
[  372.683539][T20575] 8021q: adding VLAN 0 to HW filter on device batadv0
[  372.692367][T20575] team0: Port device batadv0 added
[  372.899270][T20591] loop4: detected capacity change from 0 to 128
[  372.971700][T20598] loop4: detected capacity change from 0 to 1024
[  372.985773][T20598] EXT4-fs mount: 29 callbacks suppressed
[  372.985789][T20598] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  373.029123][T19443] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.060501][T20602] netlink: 'syz.4.5854': attribute type 10 has an invalid length.
[  373.995856][ T1609] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.213697][ T1609] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.358264][ T1609] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.417767][ T1609] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.540467][ T1609] ip6gretap0 (unregistering): left promiscuous mode
[  374.631380][T20666] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  374.638972][T20666] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  374.641136][ T1609] bond0 (unregistering): Released all slaves
[  374.717350][T20639] chnl_net:caif_netlink_parms(): no params data found
[  374.726942][ T1609] batadv_slave_1: left promiscuous mode
[  374.736515][ T1609] hsr_slave_0: left promiscuous mode
[  374.742293][ T1609] hsr_slave_1: left promiscuous mode
[  374.750293][ T1609] veth1_macvtap: left promiscuous mode
[  374.755907][ T1609] veth0_macvtap: left promiscuous mode
[  374.761466][ T1609] veth1_vlan: left promiscuous mode
[  374.766727][ T1609] veth0_vlan: left promiscuous mode
[  374.973547][T20639] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.980687][T20639] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.994661][T20639] bridge_slave_0: entered allmulticast mode
[  375.001446][T20639] bridge_slave_0: entered promiscuous mode
[  375.011210][T20639] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.018403][T20639] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.027577][T20639] bridge_slave_1: entered allmulticast mode
[  375.034173][T20639] bridge_slave_1: entered promiscuous mode
[  375.074364][T20639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  375.090573][T20639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  375.120864][T20639] team0: Port device team_slave_0 added
[  375.131288][T20639] team0: Port device team_slave_1 added
[  375.155275][T20639] batman_adv: batadv0: Adding interface: batadv_slave_0
[  375.162300][T20639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  375.188434][T20639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  375.199906][T20639] batman_adv: batadv0: Adding interface: batadv_slave_1
[  375.206879][T20639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  375.233101][T20639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  375.268531][T20639] hsr_slave_0: entered promiscuous mode
[  375.275731][T20639] hsr_slave_1: entered promiscuous mode
[  375.363154][T20692] loop4: detected capacity change from 0 to 512
[  375.373008][T20692] EXT4-fs: Ignoring removed mblk_io_submit option
[  375.407432][T20692] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.428250][T20692] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  375.455404][T19443] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.487886][T20699] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  375.495930][T20699] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  375.552928][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  375.619803][T20639] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  375.629813][T20639] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  375.647308][T20639] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  375.656742][T20639] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  375.701808][T20639] 8021q: adding VLAN 0 to HW filter on device bond0
[  375.716676][T20639] 8021q: adding VLAN 0 to HW filter on device team0
[  375.743482][T20716] team0: Port device batadv0 removed
[  375.774742][ T1609] bridge0: port 1(bridge_slave_0) entered blocking state
[  375.781923][ T1609] bridge0: port 1(bridge_slave_0) entered forwarding state
[  375.803029][ T1609] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.810234][ T1609] bridge0: port 2(bridge_slave_1) entered forwarding state
[  375.882608][T20639] 8021q: adding VLAN 0 to HW filter on device batadv0
[  375.962648][T20639] veth0_vlan: entered promiscuous mode
[  375.972711][T20639] veth1_vlan: entered promiscuous mode
[  375.989254][T20639] veth0_macvtap: entered promiscuous mode
[  375.999216][T20639] veth1_macvtap: entered promiscuous mode
[  376.010964][T20639] batman_adv: batadv0: Interface activated: batadv_slave_0
[  376.025978][T20639] batman_adv: batadv0: Interface activated: batadv_slave_1
[  376.037717][T20639] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  376.046580][T20639] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  376.056406][T20639] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  376.065782][T20639] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  376.163971][   T29] kauditd_printk_skb: 259 callbacks suppressed
[  376.163985][   T29] audit: type=1326 audit(1725701887.048:18611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20743 comm="syz.2.5906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  376.195027][   T29] audit: type=1326 audit(1725701887.048:18612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20743 comm="syz.2.5906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  376.219863][   T29] audit: type=1326 audit(1725701887.058:18613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20743 comm="syz.2.5906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  376.243773][   T29] audit: type=1326 audit(1725701887.058:18614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20743 comm="syz.2.5906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  376.267438][   T29] audit: type=1326 audit(1725701887.058:18615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20743 comm="syz.2.5906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  376.291239][   T29] audit: type=1326 audit(1725701887.088:18616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20743 comm="syz.2.5906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2b614cef9 code=0x7ffc0000
[  376.322093][T20746] 9pnet_fd: Insufficient options for proto=fd
[  376.331591][T20748] loop3: detected capacity change from 0 to 512
[  376.347302][T20748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.360866][T20748] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  376.377207][   T29] audit: type=1326 audit(1725701887.268:18617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20747 comm="syz.3.5908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24ababcef9 code=0x7ffc0000
[  376.400961][   T29] audit: type=1326 audit(1725701887.268:18618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20747 comm="syz.3.5908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24ababcef9 code=0x7ffc0000
[  376.425065][   T29] audit: type=1326 audit(1725701887.268:18619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20747 comm="syz.3.5908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24ababcef9 code=0x7ffc0000
[  376.448723][   T29] audit: type=1326 audit(1725701887.268:18620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20747 comm="syz.3.5908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24ababcef9 code=0x7ffc0000
[  376.523994][T20639] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.566207][T20759] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  376.697775][T20777] 9pnet_fd: Insufficient options for proto=fd
[  376.729254][T20779] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  376.736880][T20779] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  376.759978][T20781] netlink: 'syz.3.5921': attribute type 10 has an invalid length.
[  376.786082][T20781] 8021q: adding VLAN 0 to HW filter on device batadv0
[  376.807844][T20781] team0: Port device batadv0 added
[  376.841438][T20785] loop4: detected capacity change from 0 to 1024
[  376.852188][T20785] EXT4-fs: Ignoring removed orlov option
[  376.858036][T20785] EXT4-fs: Ignoring removed nomblk_io_submit option
[  376.879171][T20785] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  376.894724][T20785] FAULT_INJECTION: forcing a failure.
[  376.894724][T20785] name failslab, interval 1, probability 0, space 0, times 0
[  376.909150][T20785] CPU: 0 UID: 0 PID: 20785 Comm: syz.4.5923 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  376.920322][T20785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  376.931658][T20785] Call Trace:
[  376.935898][T20785]  <TASK>
[  376.941144][T20785]  dump_stack_lvl+0xf2/0x150
[  376.946757][T20785]  dump_stack+0x15/0x20
[  376.948133][T20794] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5925'.
[  376.951741][T20785]  should_fail_ex+0x229/0x230
[  376.951904][T20785]  ? alloc_empty_file+0xd0/0x310
[  376.951925][T20785]  should_failslab+0x8f/0xb0
[  376.951961][T20785]  kmem_cache_alloc_noprof+0x4c/0x290
[  376.982250][T20785]  ? __rcu_read_unlock+0x4e/0x70
[  376.987204][T20785]  alloc_empty_file+0xd0/0x310
[  376.992049][T20785]  path_openat+0x6a/0x1f10
[  376.996477][T20785]  ? mntput+0x49/0x70
[  377.000470][T20785]  ? terminate_walk+0x260/0x280
[  377.005383][T20785]  ? path_openat+0x19bc/0x1f10
[  377.010165][T20785]  ? _parse_integer_limit+0x167/0x180
[  377.015619][T20785]  do_filp_open+0xf7/0x200
[  377.020178][T20785]  alloc_bprm+0xd5/0x760
[  377.024443][T20785]  ? __check_object_size+0x35b/0x510
[  377.030256][T20785]  do_execveat_common+0x134/0x800
[  377.035794][T20785]  __x64_sys_execve+0x5a/0x70
[  377.040991][T20785]  x64_sys_call+0x1277/0x2d60
[  377.045926][T20785]  do_syscall_64+0xc9/0x1c0
[  377.050517][T20785]  ? clear_bhb_loop+0x55/0xb0
[  377.055461][T20785]  ? clear_bhb_loop+0x55/0xb0
[  377.060526][T20785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.067503][T20785] RIP: 0033:0x7f90380ecef9
[  377.072008][T20785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.092296][T20785] RSP: 002b:00007f9036d67038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  377.101134][T20785] RAX: ffffffffffffffda RBX: 00007f90382a5f80 RCX: 00007f90380ecef9
[  377.109096][T20785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[  377.117278][T20785] RBP: 00007f9036d67090 R08: 0000000000000000 R09: 0000000000000000
[  377.126008][T20785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.134048][T20785] R13: 0000000000000000 R14: 00007f90382a5f80 R15: 00007fffd062aa18
[  377.142695][T20785]  </TASK>
[  377.160550][T19443] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.365629][T20812] team0: Port device batadv0 removed
[  377.407429][T20820] loop3: detected capacity change from 0 to 512
[  377.414092][T20822] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5933'.
[  377.414512][T20820] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  377.425990][T20818] syzkaller0: entered promiscuous mode
[  377.435696][T20820] EXT4-fs (loop3): 1 truncate cleaned up
[  377.438613][T20818] syzkaller0: entered allmulticast mode
[  377.452839][T20820] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  377.468715][T20825] bridge0: entered promiscuous mode
[  377.474070][T20812] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5930'.
[  377.493892][T20818] bridge0: left promiscuous mode
[  378.042265][T20639] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.060549][T20831] loop3: detected capacity change from 0 to 512
[  378.077549][T20831] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  378.090247][T20831] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  378.155657][T20831] loop3: detected capacity change from 512 to 511
[  378.163298][T20841] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5939: bg 0: block 16032: padding at end of block bitmap is not set
[  378.178370][T20841] EXT4-fs error (device loop3): ext4_discard_preallocations:5606: comm syz.3.5939: Error -117 reading block bitmap for 0
[  378.200153][T20639] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /16/file0: bad entry in directory: directory entry overrun - offset=2016, inode=2, rec_len=2036, size=2048 fake=1
[  378.221189][T20639] EXT4-fs error (device loop3): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 12
[  378.236174][T20639] EXT4-fs error (device loop3): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 12
[  378.263035][T20765] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  378.346920][T20855] No such timeout policy "syz1"
[  378.352945][T20855] hugetlbfs: Unknown parameter ')-'
[  378.459508][T20858] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5950'.
[  378.469700][T20860] netlink: 'syz.0.5951': attribute type 10 has an invalid length.
[  378.478711][T20860] 8021q: adding VLAN 0 to HW filter on device batadv0
[  378.486385][T20860] team0: Port device batadv0 added
[  378.570599][T20863] team0: Port device batadv0 removed
[  378.606176][T20863] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5952'.
[  379.009519][T20867] loop4: detected capacity change from 0 to 512
[  379.026395][T20867] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  379.039054][T20867] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  379.094430][T20867] loop4: detected capacity change from 512 to 511
[  379.101920][T20867] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.5954: bg 0: block 16032: padding at end of block bitmap is not set
[  379.117049][T20867] EXT4-fs error (device loop4): ext4_discard_preallocations:5606: comm syz.4.5954: Error -117 reading block bitmap for 0
[  379.135730][T19443] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /106/file0: bad entry in directory: directory entry overrun - offset=2016, inode=2, rec_len=2036, size=2048 fake=1
[  379.156381][T19443] EXT4-fs error (device loop4): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 12
[  379.168292][T19443] EXT4-fs error (device loop4): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 12
[  379.336102][T20126] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  379.405600][T20880] No such timeout policy "syz1"
[  379.411465][T20880] hugetlbfs: Unknown parameter ')-'
[  379.740203][T20889] chnl_net:caif_netlink_parms(): no params data found
[  379.772449][T20889] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.779664][T20889] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.786953][T20889] bridge_slave_0: entered allmulticast mode
[  379.793247][T20889] bridge_slave_0: entered promiscuous mode
[  379.800174][T20889] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.807366][T20889] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.814706][T20889] bridge_slave_1: entered allmulticast mode
[  379.821241][T20889] bridge_slave_1: entered promiscuous mode
[  379.840044][T20889] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  379.851092][T20889] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  379.869517][T20889] team0: Port device team_slave_0 added
[  379.876260][T20889] team0: Port device team_slave_1 added
[  379.890827][T20889] batman_adv: batadv0: Adding interface: batadv_slave_0
[  379.897818][T20889] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.924344][T20889] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  379.935684][T20889] batman_adv: batadv0: Adding interface: batadv_slave_1
[  379.942685][T20889] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.968819][T20889] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  379.994146][T20889] hsr_slave_0: entered promiscuous mode
[  380.000309][T20889] hsr_slave_1: entered promiscuous mode
[  380.006338][T20889] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  380.014739][T20889] Cannot create hsr debugfs directory
[  380.066145][T20889] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.117564][T20889] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.157584][T20889] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.207386][T20889] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.267747][T20889] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  380.277169][T20889] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  380.286377][T20889] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  380.295371][T20889] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  380.310815][T20889] bridge0: port 2(bridge_slave_1) entered blocking state
[  380.318264][T20889] bridge0: port 2(bridge_slave_1) entered forwarding state
[  380.325659][T20889] bridge0: port 1(bridge_slave_0) entered blocking state
[  380.332716][T20889] bridge0: port 1(bridge_slave_0) entered forwarding state
[  380.365873][T20889] 8021q: adding VLAN 0 to HW filter on device bond0
[  380.378257][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.387389][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.400641][T20889] 8021q: adding VLAN 0 to HW filter on device team0
[  380.411694][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  380.418833][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  380.431714][ T1609] bridge0: port 2(bridge_slave_1) entered blocking state
[  380.438878][ T1609] bridge0: port 2(bridge_slave_1) entered forwarding state
[  380.442660][T20909] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  380.454480][T20909] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  380.512914][T20889] 8021q: adding VLAN 0 to HW filter on device batadv0
[  380.540086][T20921] netlink: 'syz.0.5971': attribute type 10 has an invalid length.
[  380.550321][T20921] 8021q: adding VLAN 0 to HW filter on device batadv0
[  380.558149][T20921] team0: Port device batadv0 added
[  380.648746][T20889] veth0_vlan: entered promiscuous mode
[  380.657316][T20889] veth1_vlan: entered promiscuous mode
[  380.666435][T20936] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5973'.
[  380.672065][T20889] veth0_macvtap: entered promiscuous mode
[  380.685595][T20889] veth1_macvtap: entered promiscuous mode
[  380.697225][T20889] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  380.707949][T20889] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.718773][T20889] batman_adv: batadv0: Interface activated: batadv_slave_0
[  380.729040][T20889] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  380.739568][T20889] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.750326][T20889] batman_adv: batadv0: Interface activated: batadv_slave_1
[  380.761306][T20889] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  380.770383][T20889] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  380.779215][T20889] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  380.787925][T20889] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  380.837240][T20942] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  381.214060][   T29] kauditd_printk_skb: 326 callbacks suppressed
[  381.214076][   T29] audit: type=1400 audit(1725701892.098:18947): avc:  denied  { override_creds } for  pid=20946 comm="syz.4.5976" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  381.345695][ T1609] ip6gretap0 (unregistering): left promiscuous mode
[  381.428524][ T1609] bond0 (unregistering): Released all slaves
[  381.451326][T20944] chnl_net:caif_netlink_parms(): no params data found
[  381.481947][   T29] audit: type=1326 audit(1725701892.368:18948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20959 comm="syz.0.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  381.509811][   T29] audit: type=1326 audit(1725701892.378:18949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20959 comm="syz.0.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  381.534277][   T29] audit: type=1326 audit(1725701892.378:18950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20959 comm="syz.0.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  381.559737][   T29] audit: type=1326 audit(1725701892.378:18951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20959 comm="syz.0.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  381.584768][   T29] audit: type=1326 audit(1725701892.378:18952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20959 comm="syz.0.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  381.610220][   T29] audit: type=1326 audit(1725701892.378:18953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20959 comm="syz.0.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  381.634957][   T29] audit: type=1326 audit(1725701892.378:18954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20959 comm="syz.0.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  381.658873][   T29] audit: type=1326 audit(1725701892.378:18955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20959 comm="syz.0.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  381.685286][   T29] audit: type=1326 audit(1725701892.378:18956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20959 comm="syz.0.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f231ae4cef9 code=0x7ffc0000
[  381.738377][T20965] netlink: 140 bytes leftover after parsing attributes in process `syz.0.5978'.
[  381.755363][T20944] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.762653][T20944] bridge0: port 1(bridge_slave_0) entered disabled state
[  381.773338][T20944] bridge_slave_0: entered allmulticast mode
[  381.780024][T20944] bridge_slave_0: entered promiscuous mode
[  381.787578][ T1609] batadv_slave_1: left promiscuous mode
[  381.795272][ T1609] hsr_slave_0: left promiscuous mode
[  381.801149][ T1609] hsr_slave_1: left promiscuous mode
[  381.809185][ T1609] veth1_macvtap: left promiscuous mode
[  381.814762][ T1609] veth0_macvtap: left promiscuous mode
[  381.820317][ T1609] veth1_vlan: left promiscuous mode
[  381.825882][ T1609] veth0_vlan: left promiscuous mode
[  382.300162][T20944] bridge0: port 2(bridge_slave_1) entered blocking state
[  382.307374][T20944] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.366541][T20944] bridge_slave_1: entered allmulticast mode
[  382.380092][T20944] bridge_slave_1: entered promiscuous mode
[  382.427363][T20944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  382.438509][T20944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  382.460426][T20944] team0: Port device team_slave_0 added
[  382.467711][T20944] team0: Port device team_slave_1 added
[  382.487982][T20944] batman_adv: batadv0: Adding interface: batadv_slave_0
[  382.495038][T20944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.521022][T20944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  382.533020][T20944] batman_adv: batadv0: Adding interface: batadv_slave_1
[  382.540000][T20944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.566117][T20944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  382.624776][T20944] hsr_slave_0: entered promiscuous mode
[  382.639267][T20944] hsr_slave_1: entered promiscuous mode
[  382.647198][T20972] loop4: detected capacity change from 0 to 1024
[  382.654235][T20944] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  382.662157][T20944] Cannot create hsr debugfs directory
[  382.668174][T20974] netlink: 'syz.0.5981': attribute type 10 has an invalid length.
[  382.678289][T20972] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.716025][T20889] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.752574][T20982] No such timeout policy "syz1"
[  382.759150][T20982] hugetlbfs: Unknown parameter ')-'
[  382.773871][T20944] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.805165][ T1609] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.838186][T20944] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.869189][ T1609] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.883629][T20994] SELinux:  Context system_u:object_r:ssh_keygen_exec_t:s0 is not valid (left unmapped).
[  382.895949][T20995] bridge_slave_0: left allmulticast mode
[  382.901678][T20995] bridge_slave_0: left promiscuous mode
[  382.907592][T20995] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.917557][T20995] bridge_slave_1: left allmulticast mode
[  382.923248][T20995] bridge_slave_1: left promiscuous mode
[  382.929103][T20995] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.942391][T20995] bond0: (slave bond_slave_0): Releasing backup interface
[  382.959729][T20995] bond0: (slave bond_slave_1): Releasing backup interface
[  382.967970][T21001] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5989'.
[  382.985003][T20995] team0: Port device team_slave_0 removed
[  382.995971][T20995] team0: Port device team_slave_1 removed
[  383.003148][T20995] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  383.010643][T20995] batman_adv: batadv0: Removing interface: batadv_slave_0
[  383.019575][T20995] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  383.027232][T20995] batman_adv: batadv0: Removing interface: batadv_slave_1
[  383.051596][T20944] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.072653][ T1609] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.097791][T20944] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.156981][ T1609] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.168423][T20990] chnl_net:caif_netlink_parms(): no params data found
[  383.210186][T20990] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.217554][T20990] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.224845][T20990] bridge_slave_0: entered allmulticast mode
[  383.231253][T20990] bridge_slave_0: entered promiscuous mode
[  383.240165][T20990] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.247412][T20990] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.254785][T20990] bridge_slave_1: entered allmulticast mode
[  383.261288][T20990] bridge_slave_1: entered promiscuous mode
[  383.268212][T20944] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  383.287110][T20944] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  383.297472][T20990] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  383.308058][T20990] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  383.317327][T20944] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  383.328135][T20944] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  383.349516][T20990] team0: Port device team_slave_0 added
[  383.356379][T20990] team0: Port device team_slave_1 added
[  383.378074][ T1609] bridge_slave_1: left allmulticast mode
[  383.383782][ T1609] bridge_slave_1: left promiscuous mode
[  383.389510][ T1609] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.397369][ T1609] bridge_slave_0: left allmulticast mode
[  383.403249][ T1609] bridge_slave_0: left promiscuous mode
[  383.409082][ T1609] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.477087][ T1609] ip6gretap0 (unregistering): left promiscuous mode
[  383.587933][ T1609] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  383.598243][ T1609] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  383.608339][ T1609] bond0 (unregistering): Released all slaves
[  383.617238][ T1609] bond0 (unregistering): Released all slaves
[  383.625806][T20990] batman_adv: batadv0: Adding interface: batadv_slave_0
[  383.632963][T20990] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  383.659518][T20990] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  383.672067][T20990] batman_adv: batadv0: Adding interface: batadv_slave_1
[  383.679053][T20990] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  383.705057][T20990] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  383.759730][T20990] hsr_slave_0: entered promiscuous mode
[  383.768871][T20990] hsr_slave_1: entered promiscuous mode
[  383.775426][T20990] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  383.783149][T20990] Cannot create hsr debugfs directory
[  383.795363][T21019] netlink: 'syz.4.5992': attribute type 10 has an invalid length.
[  383.808767][T21023] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  383.817921][T21019] 8021q: adding VLAN 0 to HW filter on device batadv0
[  383.825765][T21019] team0: Port device batadv0 added
[  383.848264][ T1609] hsr_slave_0: left promiscuous mode
[  383.854029][ T1609] hsr_slave_1: left promiscuous mode
[  383.861489][ T1609] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  383.868945][ T1609] batman_adv: batadv0: Removing interface: batadv_slave_0
[  383.878687][ T1609] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  383.882490][T21028] loop4: detected capacity change from 0 to 512
[  383.886718][ T1609] batman_adv: batadv0: Removing interface: batadv_slave_1
[  383.892678][T21028] EXT4-fs: Ignoring removed i_version option
[  383.905688][T21028] EXT4-fs: Ignoring removed nobh option
[  383.912024][T21028] EXT4-fs: Invalid want_extra_isize 101
[  383.914616][ T1609] batadv_slave_1: left promiscuous mode
[  383.927172][ T1609] hsr_slave_0: left promiscuous mode
[  383.933149][ T1609] hsr_slave_1: left promiscuous mode
[  383.943092][ T1609] veth1_macvtap: left promiscuous mode
[  383.948796][ T1609] veth0_macvtap: left promiscuous mode
[  383.954343][ T1609] veth1_vlan: left promiscuous mode
[  383.959588][ T1609] veth0_vlan: left promiscuous mode
[  383.965533][ T1609] veth1_macvtap: left promiscuous mode
[  383.971013][ T1609] veth0_macvtap: left promiscuous mode
[  383.976611][ T1609] veth1_vlan: left promiscuous mode
[  383.981894][ T1609] veth0_vlan: left promiscuous mode
[  384.128244][ T1609] team0 (unregistering): Port device team_slave_1 removed
[  384.139144][ T1609] team0 (unregistering): Port device team_slave_0 removed
[  384.169829][ T1609] team0 (unregistering): Port device batadv0 removed
[  384.233395][ T1609] team0 (unregistering): Port device batadv0 removed
[  384.255146][T21048] tap0: tun_chr_ioctl cmd 1074025677
[  384.261234][T21048] tap0: linktype set to 825
[  384.310250][T20944] 8021q: adding VLAN 0 to HW filter on device bond0
[  384.345897][T20944] 8021q: adding VLAN 0 to HW filter on device team0
[  384.355503][ T3348] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.362661][ T3348] bridge0: port 1(bridge_slave_0) entered forwarding state
[  384.376766][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.383872][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  384.408446][T20944] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  384.469470][T20944] 8021q: adding VLAN 0 to HW filter on device batadv0
[  384.561460][T20944] veth0_vlan: entered promiscuous mode
[  384.581664][T20944] veth1_vlan: entered promiscuous mode
[  384.601737][T20990] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  384.610946][T20990] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  384.625831][T20990] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  384.635847][T20944] veth0_macvtap: entered promiscuous mode
[  384.642934][T20990] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  384.653718][T20944] veth1_macvtap: entered promiscuous mode
[  384.675824][T20944] batman_adv: batadv0: Interface activated: batadv_slave_0
[  384.691655][T20944] batman_adv: batadv0: Interface activated: batadv_slave_1
[  384.708591][T20944] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  384.717384][T20944] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  384.727245][T20944] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  384.736209][T20944] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  384.782259][T20990] 8021q: adding VLAN 0 to HW filter on device bond0
[  384.820260][T20990] 8021q: adding VLAN 0 to HW filter on device team0
[  384.833468][ T3348] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.840688][ T3348] bridge0: port 1(bridge_slave_0) entered forwarding state
[  384.850773][ T3348] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.857966][ T3348] bridge0: port 2(bridge_slave_1) entered forwarding state
[  384.904143][T21070] loop4: detected capacity change from 0 to 512
[  384.919389][T21070] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  384.931994][T21070] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  384.950788][T21076] bridge_slave_0: left allmulticast mode
[  384.956754][T21076] bridge_slave_0: left promiscuous mode
[  384.962611][T21076] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.971802][T21076] bridge_slave_1: left allmulticast mode
[  384.977593][T21076] bridge_slave_1: left promiscuous mode
[  384.983260][T21076] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.991461][ T3467] ==================================================================
[  384.999542][ T3467] BUG: KCSAN: data-race in __netdev_update_features / netif_skb_features
[  385.004728][T21070] loop4: detected capacity change from 512 to 511
[  385.007933][ T3467] 
[  385.007942][ T3467] write to 0xffff888114b4a0b8 of 8 bytes by task 21076 on cpu 1:
[  385.007957][ T3467]  __netdev_update_features+0xd42/0xf60
[  385.023100][T21070] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.6008: bg 0: block 16032: padding at end of block bitmap is not set
[  385.024347][ T3467]  netdev_update_features+0x28/0x90
[  385.024377][ T3467]  br_del_if+0x1bf/0x1e0
[  385.024401][ T3467]  br_del_slave+0x24/0x30
[  385.024419][ T3467]  do_setlink+0x9c6/0x2490
[  385.024441][ T3467]  rtnl_newlink+0xbc6/0x1690
[  385.030410][T21070] EXT4-fs error (device loop4): ext4_discard_preallocations:5606: comm syz.4.6008: Error -117 reading block bitmap for 0
[  385.044502][ T3467]  rtnetlink_rcv_msg+0x6aa/0x710
[  385.044532][ T3467]  netlink_rcv_skb+0x12c/0x230
[  385.044550][ T3467]  rtnetlink_rcv+0x1c/0x30
[  385.044569][ T3467]  netlink_unicast+0x599/0x670
[  385.044584][ T3467]  netlink_sendmsg+0x5cc/0x6e0
[  385.044603][ T3467]  __sock_sendmsg+0x140/0x180
[  385.044627][ T3467]  ____sys_sendmsg+0x312/0x410
[  385.044645][ T3467]  __sys_sendmsg+0x1e9/0x280
[  385.044663][ T3467]  __x64_sys_sendmsg+0x46/0x50
[  385.044682][ T3467]  x64_sys_call+0x2689/0x2d60
[  385.060573][T21070] EXT4-fs error (device loop4): ext4_mb_discard_group_preallocations:5431: comm syz.4.6008: Error -117 reading block bitmap for 0
[  385.062786][ T3467]  do_syscall_64+0xc9/0x1c0
[  385.062810][ T3467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.068552][T21070] EXT4-fs error (device loop4): ext4_mb_discard_group_preallocations:5431: comm syz.4.6008: Error -117 reading block bitmap for 0
[  385.079933][ T3467] 
[  385.079943][ T3467] read to 0xffff888114b4a0b8 of 8 bytes by task 3467 on cpu 0:
[  385.079958][ T3467]  netif_skb_features+0x39/0x700
[  385.079980][ T3467]  validate_xmit_skb+0x26/0x8d0
[  385.102056][T20889] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /17/file0: bad entry in directory: directory entry overrun - offset=2016, inode=2, rec_len=2036, size=2048 fake=1
[  385.104173][ T3467]  __dev_queue_xmit+0xde9/0x1fe0
[  385.111546][T20889] EXT4-fs error (device loop4): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 12
[  385.113699][ T3467]  ip6_finish_output2+0xa41/0xd20
[  385.118526][T20889] EXT4-fs error (device loop4): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 12
[  385.123025][ T3467]  ip6_finish_output+0x438/0x540
[  385.242907][ T3467]  ip6_output+0xf5/0x230
[  385.247151][ T3467]  mld_sendpack+0x421/0x6d0
[  385.251732][ T3467]  mld_ifc_work+0x51a/0x7e0
[  385.256329][ T3467]  process_scheduled_works+0x483/0x9a0
[  385.261774][ T3467]  worker_thread+0x526/0x6e0
[  385.266393][ T3467]  kthread+0x1d1/0x210
[  385.270461][ T3467]  ret_from_fork+0x4b/0x60
[  385.274965][ T3467]  ret_from_fork_asm+0x1a/0x30
[  385.279724][ T3467] 
[  385.282027][ T3467] value changed: 0x00002007ffdd78e9 -> 0x00002007ffff78e9
[  385.289216][ T3467] 
[  385.291566][ T3467] Reported by Kernel Concurrency Sanitizer on:
[  385.297692][ T3467] CPU: 0 UID: 0 PID: 3467 Comm: kworker/0:6 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0
[  385.308430][ T3467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  385.318476][ T3467] Workqueue: mld mld_ifc_work
[  385.323146][ T3467] ==================================================================
[  385.333444][T21076] bond0: (slave bond_slave_0): Releasing backup interface
[  385.353267][T21076] bond0: (slave bond_slave_1): Releasing backup interface
[  385.371120][T21076] team0: Port device team_slave_0 removed
[  385.391144][T21076] team0: Port device team_slave_1 removed
[  385.407730][T21076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  385.415210][T21076] batman_adv: batadv0: Removing interface: batadv_slave_0
[  385.424865][T21076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  385.432360][T21076] batman_adv: batadv0: Removing interface: batadv_slave_1
[  385.454443][T21080] netlink: 48 bytes leftover after parsing attributes in process `syz.1.6006'.
[  385.497400][T20990] 8021q: adding VLAN 0 to HW filter on device batadv0
[  385.505607][T20985] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  385.575620][T20990] veth0_vlan: entered promiscuous mode
[  385.583768][T20990] veth1_vlan: entered promiscuous mode
[  385.600569][T20990] veth0_macvtap: entered promiscuous mode
[  385.608334][T20990] veth1_macvtap: entered promiscuous mode
[  385.619379][T20990] batman_adv: batadv0: Interface activated: batadv_slave_0
[  385.631211][T20990] batman_adv: batadv0: Interface activated: batadv_slave_1
[  385.641584][T20990] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  385.650392][T20990] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  385.659585][T20990] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  385.668877][T20990] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  386.474242][   T40] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.538067][   T40] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.598718][   T40] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.657528][   T40] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.827687][   T40] bond0 (unregistering): Released all slaves
[  386.926777][   T40] hsr_slave_0: left promiscuous mode
[  386.932590][   T40] hsr_slave_1: left promiscuous mode
[  386.940938][   T40] veth1_macvtap: left promiscuous mode
[  386.946576][   T40] veth0_macvtap: left promiscuous mode
[  386.952219][   T40] veth1_vlan: left promiscuous mode
[  386.957517][   T40] veth0_vlan: left promiscuous mode
[  387.079783][   T40] team0 (unregistering): Port device batadv0 removed