last executing test programs:

2.325024s ago: executing program 1 (id=711):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x12, 0x8, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, 0x0}, 0x20)

2.176806307s ago: executing program 1 (id=712):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd2(0x7, 0x80001)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000240)={0x80, 0x0, 0x73, 0x0, 0x0, 0x0, 0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}, 0x1, 0x0, 0x0, 0x20048800}, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.040376783s ago: executing program 0 (id=713):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f0000001780)={0x948, r1, 0x100, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_FUNC={0xc, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TYPE={0x5}]}, @NL80211_ATTR_NAN_FUNC={0x208, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_SERVICE_INFO={0x5c, 0xb, "53a6501eaf761f4d7b7155e8ed2bcec783f962ae84c96133412471f5a462be3dc5b0ba3a512d5cd058a718b2ac98d490f6e7bd24987414f726d69d074896a12143344cecd6e62457c4cdf3c76427c8644ac67cb5dd2ba14d"}, @NL80211_NAN_FUNC_SERVICE_INFO={0x9d, 0xb, "35602006ea16f4b8ebad6519c2a29f018d71ddc229bf1ae07ee2f9529e9b9017ea8e80390d911576ec69f326c69655a18def6b9495e49d6add717608b852ad6cc94bd495d7ecf761f220a708532bd2a4451da92bbd9b4410ef7a9fbf28f8d50e9aceba50c4ef63e51427b7ca0dbac3851ee6fe91133d4e904e63717be197a98b8ae2893ae5d50eccc8844725df1ba8de784d2e517d524c17af"}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x100, 0xd, 0x0, 0x1, [{0xfc, 0x0, "bdd76f71e3acefb933ab5cded0699a9e2f2b2272da4ca28abf4dd11d2fd338bac4ba064cdcd185f382a0d61d53dd44f1156da25dc7e87c1a697d70bce98e8c92e47ddfac1f28bf83e642534137ee72b61cc3009f60425066c65dec609b4b1c8268c8331713015c02c479fe377f9bc3d8fd327913696831218447ef1d807b637f637c8cd93461ddeeb3e385721213514379a2b4389ef7dcfcdab3517cc10cad2fa6c520f1abb704d172053c557a716f811036c487a783478698171b5779924bacb09a0c4ba0c581c53bac47daf553c7df10e702041ce45b4bd04128dfde7cc975d80f1f3454a1ac2ae1dd1279db95d2be9348a6e7cacdc239"}]}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x5bc, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa, 0x8, @broadcast}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "c3f0734647ce"}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x570, 0xd, 0x0, 0x1, [{0x2d, 0x0, "59a4ff8ac7106a7a1cb066bc2f642f6d50dc884c9ca1dbb8b2c854fe6432b2010073dbed52a8dacbc2"}, {0x74, 0x0, "1d92f5c973800c9918d68d9371f0ad0dbf328d18e98c8b1118e9bfc09be465ac50c48d3928bc75c09ac775333988acf89430a44b2cbf013dc2176c0414b6f4905ba63a199421cb02ff32e72f7248f938a80747957b9cc6bf4046a1300759ecadfbe6755a9e5cad32f21c803fbfeea90b"}, {0xb3, 0x0, "9d9b3c3233fd30ddfa199cd91e8d5c350bbba500a835fee675856ab26d90210600000048b4c367ee75331e576543a3b418f10b899c57e5cbcc88019c0968dd7dd4c22fa55aa03fe51c7b5ce88a08afa4a055ebcea06999f3685fbf945e6cd9542c26d5876dff992a92cad2edcf27eab73dd8585ecdeb9892fd66bbee12f68bc25d5b686960ffd8ac70a643aa00b052f02e3969571841778a4a0f172df40266ac206fc6ccc3326b63da8a4b3deb5400"}, {0x184, 0x0, "65bbddf06f1d20700bcbda16fa4169423a9e928616cd9d0d01d20213143b1ba63f8728eea2428675d886e739bce04ee94185296660baaf546c08e6f6beec2c859e3301cb52766f16c3198c6da0b9b0f66b1ab7be5bb28108d85b44a517cfbdc17a231bb1595e98f855ab679196e9aa58e42da710f9c7c9e45421c8bf06722e35fb063f28fa2363c41c85344f6b1cc27e8ed8ad603d3c0a12d2cdef85011c48c8cc75f8b97868280c8297545069221b277be8438e46303ecf7c6070f6388772a5c895df77a75c3faafcee5b3f59e90239dfdef960076e14d3d7d1d10a727cc4ac738c41c56fcc8d94dda51cbc9eb421010d70af3c661c38db18b9c3b40acd428a45a277681ef6d97934151eb915ab3ba2378c04f60aa1958e99b5e78edad1a218278ccd94c19ba6c9ff2a378778eed65d92f78c1ba8a51a6f40d753c883c6d808f7c39e90b7ec9f2c95d25b9853cd820705b2020d4f1a8da5c6f60438e28bf9d76b5a24ec53f07777efe4e1b69a52f906181dcbbc83ed6930f5048d77cf6cb1cf"}, {0x2b, 0x0, "d0244f37b8de5590209561a0f2f181601214a22fe73462cc0d603331e2b1023b459fc9b6853f2a"}, {0x9e, 0x0, "df0a72b1a97375968f538aba469990ed15229a1fd34d8dc1e75327b29b1d22f503f291ea48809f0d74aeef65bc16e7681c75760e125f196aa1fa684655f82576d4f619146e7ae2e284f17281cf0416445fcee531fec633a4fd4149e36053786b9f53406a5346b1ad238704a75591d42e7f37d1a5e9b93f336f3f895c99e8dc40139fef093270d02bea9d6485c5b374d62c0d9915a81e49397723"}, {0xe3, 0x0, "fecd979c0948e1ec440f7d8c213e4f7cc5bd52f2d20c41469adecd600c0e22c35c79ceb914b0e3ab5f9d70062893d02769308455abc5b3a4eea0a2733064729f9120ab32fc296c2eb71536b217c0d5ef01dfd80efcbcdafd3590d96b51721b230d33099d3c8396439c8146906212a4677c86a81f00dbc25f844caab1821a057d22cdab63382df380cf5f65dc29ce142e28e0a7bf862540541cd14d1ad70c22bb57e138d1a460ac6536e27727a197a06ad2224f3e02516fd1ff7e133b8a4da38e17fe25690d08604884af369c40c2fb00"/223}, {0xde, 0x0, "132b5f92c51aa8fc69ab822a616a7a00aab987dcd811e05b51b14b52a8d7f85f0f84bfe262c6e4c44bad947bf9b68cf34e8a51b94788b5945bdeffc99fe0aeac516b0597f1026f6449b66707f00489c880dd9438cd285c767856c8cc2da8587f780e8ad02a23ef0e90f3e301773f81e86e063b3ffca69b37ce6088a164fa99507625c97d36ff2ff4f7d3df57e9e15a1c4b9fca565ea58612f3c317e4b9ecabb0f97b2e9331f7c09f7a654cdf47e1facff0252afa1862a13ad1177ba570144e0b764cd0226704c232ea89024611dae2e20525eff7d95bfceaae8d"}]}, @NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa, 0x8, @device_b}, @NL80211_NAN_FUNC_TYPE={0x5}, @NL80211_NAN_FUNC_TTL={0x8, 0xa, 0x6}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "b28da86ebd33"}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x14, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TERM_REASON={0x5, 0x10, 0x3}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x9}]}, @NL80211_ATTR_NAN_FUNC={0x10, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "5ed6b863dfa4"}]}, @NL80211_ATTR_NAN_FUNC={0x130, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "7ff35268c14f"}, @NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa, 0x8, @device_b}, @NL80211_NAN_FUNC_SRF={0x108, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF={0x103, 0x2, "1a90f493fbf0aec0226a8de23c2ccb9ff83b426e279758c3474eb5ecac9fd2e2cf0fdb8a304ff27f4e7932bd751ddc4e9eb7ec6b5db86c645b045f3c021a963cd0b79b6fcc2e4b29f3ceacaea5c3ea80143d425676ad201c33d46bf104ec04de00f213f7f85d53e1104e15b9faa7067d8548224bc870ec7a01f2da7aeac68aa011e7f544dddf232487b3c64d5cc9b127f1a500906d115b71c43a1acf4512a2a4142813bd4ad4af637d630328dfdc2592653d6dc83ea50d78ce220fc86b6d85d244949153a12dc8619b81da5afb741e28da372a28f01b89d14cd9f125faccc09ab200b5c07bcea7b8e2f2e09a14c82d3dfe40b70300a7ddc1ad146bce1fe5bd"}]}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0xf}]}, @NL80211_ATTR_NAN_FUNC={0x10, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa, 0x8, @broadcast}]}]}, 0x948}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x40, &(0x7f00000008c0)={[{@nobh}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@resuid}, {@dioread_nolock}, {@usrjquota}, {@discard}, {@jqfmt_vfsv1}]}, 0xfc, 0x564, &(0x7f0000002bc0)="$eJzs3c9rHFUcAPDvbLL9rU2hFPUggR6s1G6axB8VPNSjaLGg97ok01Cy6ZbspjSxYHuwFy9SBBEL4h/gyYvH4j/gX1HQQpES9OAlMpvZdNPdTbbJtkm7nw9M8t7M7L757sz38WbfLhvAwBrN/hQiXo2Ib5OIwy3bhiPfOLq63/LD61PZksTKymd/J5Hk65r7J/n/g3nllYj4/euIk4X2dmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sw7kxPvv/du32J98/y/P3x696Mz3xxf/v6X+0duJ3E2DuXbWuPYhhutldEYzV+TYpx9bMfxPjS2myQ7fQBsyVCe58XI+oDDMZRnPfDi+yoiVoABlch/GFDNcUDz3r5P98HPjQcfrt4Atcc/vPreSOxr3BsdWE7W3Rll97sjfWg/a+O3v+7czpbo3/sQAJu6cTMiTg8Pt/d/Sd7/bd3pHvZ5vA39Hzw7d7Pxz1udxj+FtfFPdBj/HOyQu1uxef4X7vehma6y8d8HHce/a5NWI0N57aXGmK+YXLxUSbO+7eWIOBHFvVl9o/mcM8v3Vtav+XWt1Dr+y5as/eZYMD+O+8N71z96ulwvbzfupgc3I17rOP5N1s5/0uH8Z6/H+R7bOJbeeb3bts3jf7pWfo54o+P5fzSjlWw8PznWuB7GmldFu39uHfujW/s9xF/sY7htsvN/YOP4R5LW+dpat2fqPm/0077/0m7btnr970k+b5T35Ouulev1+fGIPckn7esnHj22WW/un8V/4vjG/V+n639/RHzRNeL1bh291XXXnb7+s/inn+j8P3nh3sdf/tit/d7O/9uN0ol8TS/9X68HuJ3XDgAAAAAAAHabQkQciqRQWisXCqXS6uc7jsaBQqVaq5+8WF24PB2N78qORLHQnOk+3PJ5iPH887DN+sRj9cmIOBIR3w3tb9RLU9XK9E4HDwAAAAAAAAAAAAAAAAAAALvEwYh9nb7/n/lzaKePDnjq2n66QeLDwOj+0y35ln780hOwK3XPf+BFJ/9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAPrq/Llz2bKy/PD6VFafvrq4MFu9emo6rc2W5hamSlPV+SulmWp1ppKWpqpzmz1fpVq9Mj4RC9fG6mmtPlZbXLowV124XL9waa48k15Ii88kKgAAAAAAAAAAAAAAAAAAAHi+1BaXZsuVSjqvoLClwvDuOAyFPhd2umcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEf+DwAA//9MBzmC")
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000001740)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x110, 0x2, 0x0, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
r3 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x3, [{}]}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}]}}, 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
fallocate(r3, 0x0, 0x0, 0x1000f8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffded, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x10)
sendfile(r3, r3, 0x0, 0x100000008)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r8}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$can_bcm(0x1d, 0x2, 0x2)

1.756030346s ago: executing program 1 (id=719):
socket$inet(0x2, 0x4000000000000001, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
socket$kcm(0xa, 0x0, 0x87)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000340)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000180)={r1})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r2}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000b40)={0x2, 0x3, 0x0, 0x3, 0xc, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x9, 0x8, 0x0, "e9"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xfb, 0xfc}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @local={0xac, 0x14, 0xb}}}]}, 0x60}, 0x1, 0x7}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000002780))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='gid='])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100))
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

1.703984302s ago: executing program 3 (id=720):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00', @ANYRES16=r1, @ANYBLOB="01dfffffff0000000000210000000c000180080001"], 0x20}}, 0x0)

1.702701862s ago: executing program 3 (id=722):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x12, 0x8, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, 0x0}, 0x20)

1.63451795s ago: executing program 3 (id=723):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000f1ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000040)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "ecff80", 0x48, 0x11, 0x0, @remote, @mcast2, {[], {0x0, 0x4e22, 0x48, 0x0, @wg=@cookie={0x4, 0x0, "7d91b3ccaf4c63521df8f969a9a3ef8377d86e2c440fb055", "8fc99fa615e832d5f00ce4a5807ebb53fbfc8fbe4761a7cfe44dcf957dbdc946"}}}}}}}, 0x0) (fail_nth: 3)

1.63402183s ago: executing program 3 (id=724):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000100010000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="10010000070a0102"], 0x110}}, 0x0)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000037c0)='-', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000003ac0)="bb", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000004200)=[{&(0x7f0000000740)="5a83a4c59bb793380a60dab39923ed3ecfc69bd093f9b52514dfd57b9766d5d811f999ff7d691b704bc936b9bcfb86f1d29caeebee6506d7cb8057dde837055ad66b87c1b1e52545e550ae4860a0ea5b6aefd8c51376cae4a6171a03b739e788e5064a9d7c35807d3932", 0x6a}], 0x1}}, {{0x0, 0x0, &(0x7f0000005380)=[{&(0x7f0000004280)="a1", 0x1}], 0x1}}], 0x4, 0x60cd894)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bind$netlink(r3, &(0x7f00000006c0)={0x10, 0x0, 0x25dfdbfb, 0x4000000}, 0xc)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='pids.events\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000080)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x6d, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000380), &(0x7f0000000400), 0x8, 0xc2, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
write$cgroup_int(r4, &(0x7f0000000000), 0xffffff6a)

1.305012069s ago: executing program 0 (id=725):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000400000099000b000f00f9000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
chroot(0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769"], 0x40}}, 0x0)
getsockopt$inet6_mreq(r1, 0x29, 0x15, &(0x7f0000000440)={@mcast2, <r5=>0x0}, &(0x7f0000000480)=0x14)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r7, 0x2007ff3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x6)
poll(0x0, 0x0, 0xe7f1)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r9, 0x545c, 0x0)
ioctl$TIOCVHANGUP(r9, 0x5437, 0x0)
copy_file_range(r7, 0x0, r6, 0x0, 0xffffffffa003e459, 0x700000000000000)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0300000004000000040000000a00f9ff00000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="02000000050000000300"/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r11=>0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', <r13=>0x0})
r14 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYBLOB="3800000010000800"/20, @ANYRES32=0x0, @ANYBLOB="7d0302000000000008002e000200000008000500", @ANYRES32=r11, @ANYBLOB="08000a00b3cd9bef6fcce7a0aebf", @ANYRES32=r13, @ANYBLOB], 0x38}}, 0x0)

805.011486ms ago: executing program 1 (id=727):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = syz_open_dev$usbfs(&(0x7f0000000700), 0x2000000000000, 0x141002)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0xc0185500, &(0x7f0000000040)={0x82, 0x0, "aa2fe1a243fcd9abf29cc3391c06b86f68e7f73d4f0bef9669a8e82040ccb44d75131fb06cade553a6bdc314438ce0af11c38cd724980b087a7a16f9295be0a69db51576e7a06ef6bcabc67b52ba82f73504fa4c53c2f0c06bf006f3e5bcdd5057997bf171c60d96a538b001fab97576512ee9f4b573457498ca09cb417b1fbe6dc3b0c27ab0693ac57aff136748f7740dfc33f3a902b670f8933aec28869e637c18379d6d0b4d844b732cb1932733df02c2f69f8b6df76ba84e1f001ad29105230471f466b6f9d7d2b05a57fe16e7363e5ecebc2c74539ca55c7ce3a1754f1adedd20532a9de97379f4dd5baeeae835946311e6e4e2361355c54b3bd500"})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x69, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e0000000000000005000000ff00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="080000000000000000000000000000000000000000000000000000000e5e9858802d914f94f43c51ae7b769f45cb93d593c84fe5c2a17477481317b704d0b97376541f8616fe09970900e1ee98c5159c5b0124d2a070ca49a81e2309b5f29eac4c22839a60273853649a3a9b3da5fd02ea75e64e8d"], 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r2, r4}, 0xc)

766.067361ms ago: executing program 4 (id=729):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x10, 0x0, @void, @value}, 0x94)

751.937342ms ago: executing program 1 (id=730):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

735.495074ms ago: executing program 4 (id=731):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd2(0x7, 0x80001)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000240)={0x80, 0x0, 0x73, 0x0, 0x0, 0x0, 0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}, 0x1, 0x0, 0x0, 0x20048800}, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

734.498164ms ago: executing program 1 (id=732):
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x4, 0x0, 0x7ffc0001}]})
r0 = fsopen(&(0x7f0000000040)='ramfs\x00', 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000380), 0x101bf)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000000)={0x0, r2})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x20000020, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="021800000a000000000000000000000005000600000000000a004e2400000005fc000000000000000000000000000001327f0000000000000300050000000000020000007f0000010000000000000000"], 0x50}}, 0x0)
mknodat$loop(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r5, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r6 = fcntl$dupfd(r5, 0x0, r5)
perf_event_open(&(0x7f0000000440)={0x3, 0x80, 0x7, 0x6, 0x0, 0xc5, 0x0, 0x6, 0x200, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7, 0x6, @perf_bp={&(0x7f0000000300), 0x6}, 0x14861, 0x8, 0xb4f5, 0x0, 0xffff, 0x9, 0x3, 0x0, 0x5, 0x0, 0x7fffffffffffffff}, 0x0, 0x9, r2, 0xb)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmsg$IPVS_CMD_GET_CONFIG(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x0)
sendmsg$WG_CMD_GET_DEVICE(r6, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f0000002fc0)=ANY=[], 0x2b08}}, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x34, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x7, 0x7}, 0x0, 0x4, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7}, 0x0, 0x8, r1, 0x2)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000380)=@gcm_256={{0x303}, "5ef40e7ab852acb6", "582f7cccfda6a677c372675d88becd932053048ac5a438b0e48fdb55bdc83053", "52c227d6", "c6425ec4f2e476d5"}, 0x38)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r6)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b708000000f1ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)

733.672974ms ago: executing program 3 (id=733):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x1}], 0x1, &(0x7f0000000e40)=ANY=[], 0xd0}}], 0x1, 0x4008094)
close(r2)

385.449444ms ago: executing program 4 (id=734):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f00000004c0)=0xf4240)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f00000000c0)=0x32)
close(r1)

356.835488ms ago: executing program 4 (id=735):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f0000001780)={0x8f4, r1, 0x100, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_FUNC={0xc, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TYPE={0x5}]}, @NL80211_ATTR_NAN_FUNC={0x1b4, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x4}, @NL80211_NAN_FUNC_SERVICE_INFO={0x9d, 0xb, "35602006ea16f4b8ebad6519c2a29f018d71ddc229bf1ae07ee2f9529e9b9017ea8e80390d911576ec69f326c69655a18def6b9495e49d6add717608b852ad6cc94bd495d7ecf761f220a708532bd2a4451da92bbd9b4410ef7a9fbf28f8d50e9aceba50c4ef63e51427b7ca0dbac3851ee6fe91133d4e904e63717be197a98b8ae2893ae5d50eccc8844725df1ba8de784d2e517d524c17af"}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x100, 0xd, 0x0, 0x1, [{0xfc, 0x0, "bdd76f71e3acefb933ab5cded0699a9e2f2b2272da4ca28abf4dd11d2fd338bac4ba064cdcd185f382a0d61d53dd44f1156da25dc7e87c1a697d70bce98e8c92e47ddfac1f28bf83e642534137ee72b61cc3009f60425066c65dec609b4b1c8268c8331713015c02c479fe377f9bc3d8fd327913696831218447ef1d807b637f637c8cd93461ddeeb3e385721213514379a2b4389ef7dcfcdab3517cc10cad2fa6c520f1abb704d172053c557a716f811036c487a783478698171b5779924bacb09a0c4ba0c581c53bac47daf553c7df10e702041ce45b4bd04128dfde7cc975d80f1f3454a1ac2ae1dd1279db95d2be9348a6e7cacdc239"}]}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x5bc, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa, 0x8, @broadcast}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "c3f0734647ce"}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x570, 0xd, 0x0, 0x1, [{0x2d, 0x0, "59a4ff8ac7106a7a1cb066bc2f642f6d50dc884c9ca1dbb8b2c854fe6432b2010073dbed52a8dacbc2"}, {0x74, 0x0, "1d92f5c973800c9918d68d9371f0ad0dbf328d18e98c8b1118e9bfc09be465ac50c48d3928bc75c09ac775333988acf89430a44b2cbf013dc2176c0414b6f4905ba63a199421cb02ff32e72f7248f938a80747957b9cc6bf4046a1300759ecadfbe6755a9e5cad32f21c803fbfeea90b"}, {0xb3, 0x0, "9d9b3c3233fd30ddfa199cd91e8d5c350bbba500a835fee675856ab26d90210600000048b4c367ee75331e576543a3b418f10b899c57e5cbcc88019c0968dd7dd4c22fa55aa03fe51c7b5ce88a08afa4a055ebcea06999f3685fbf945e6cd9542c26d5876dff992a92cad2edcf27eab73dd8585ecdeb9892fd66bbee12f68bc25d5b686960ffd8ac70a643aa00b052f02e3969571841778a4a0f172df40266ac206fc6ccc3326b63da8a4b3deb5400"}, {0x184, 0x0, "65bbddf06f1d20700bcbda16fa4169423a9e928616cd9d0d01d20213143b1ba63f8728eea2428675d886e739bce04ee94185296660baaf546c08e6f6beec2c859e3301cb52766f16c3198c6da0b9b0f66b1ab7be5bb28108d85b44a517cfbdc17a231bb1595e98f855ab679196e9aa58e42da710f9c7c9e45421c8bf06722e35fb063f28fa2363c41c85344f6b1cc27e8ed8ad603d3c0a12d2cdef85011c48c8cc75f8b97868280c8297545069221b277be8438e46303ecf7c6070f6388772a5c895df77a75c3faafcee5b3f59e90239dfdef960076e14d3d7d1d10a727cc4ac738c41c56fcc8d94dda51cbc9eb421010d70af3c661c38db18b9c3b40acd428a45a277681ef6d97934151eb915ab3ba2378c04f60aa1958e99b5e78edad1a218278ccd94c19ba6c9ff2a378778eed65d92f78c1ba8a51a6f40d753c883c6d808f7c39e90b7ec9f2c95d25b9853cd820705b2020d4f1a8da5c6f60438e28bf9d76b5a24ec53f07777efe4e1b69a52f906181dcbbc83ed6930f5048d77cf6cb1cf"}, {0x2b, 0x0, "d0244f37b8de5590209561a0f2f181601214a22fe73462cc0d603331e2b1023b459fc9b6853f2a"}, {0x9e, 0x0, "df0a72b1a97375968f538aba469990ed15229a1fd34d8dc1e75327b29b1d22f503f291ea48809f0d74aeef65bc16e7681c75760e125f196aa1fa684655f82576d4f619146e7ae2e284f17281cf0416445fcee531fec633a4fd4149e36053786b9f53406a5346b1ad238704a75591d42e7f37d1a5e9b93f336f3f895c99e8dc40139fef093270d02bea9d6485c5b374d62c0d9915a81e49397723"}, {0xe3, 0x0, "fecd979c0948e1ec440f7d8c213e4f7cc5bd52f2d20c41469adecd600c0e22c35c79ceb914b0e3ab5f9d70062893d02769308455abc5b3a4eea0a2733064729f9120ab32fc296c2eb71536b217c0d5ef01dfd80efcbcdafd3590d96b51721b230d33099d3c8396439c8146906212a4677c86a81f00dbc25f844caab1821a057d22cdab63382df380cf5f65dc29ce142e28e0a7bf862540541cd14d1ad70c22bb57e138d1a460ac6536e27727a197a06ad2224f3e02516fd1ff7e133b8a4da38e17fe25690d08604884af369c40c2fb00"/223}, {0xde, 0x0, "132b5f92c51aa8fc69ab822a616a7a00aab987dcd811e05b51b14b52a8d7f85f0f84bfe262c6e4c44bad947bf9b68cf34e8a51b94788b5945bdeffc99fe0aeac516b0597f1026f6449b66707f00489c880dd9438cd285c767856c8cc2da8587f780e8ad02a23ef0e90f3e301773f81e86e063b3ffca69b37ce6088a164fa99507625c97d36ff2ff4f7d3df57e9e15a1c4b9fca565ea58612f3c317e4b9ecabb0f97b2e9331f7c09f7a654cdf47e1facff0252afa1862a13ad1177ba570144e0b764cd0226704c232ea89024611dae2e20525eff7d95bfceaae8d"}]}, @NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa, 0x8, @device_b}, @NL80211_NAN_FUNC_TYPE={0x5}, @NL80211_NAN_FUNC_TTL={0x8, 0xa, 0x6}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "b28da86ebd33"}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x14, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TERM_REASON={0x5, 0x10, 0x3}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x9}]}, @NL80211_ATTR_NAN_FUNC={0x10, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "5ed6b863dfa4"}]}, @NL80211_ATTR_NAN_FUNC={0x130, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "7ff35268c14f"}, @NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa, 0x8, @device_b}, @NL80211_NAN_FUNC_SRF={0x108, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF={0x103, 0x2, "1a90f493fbf0aec0226a8de23c2ccb9ff83b426e279758c3474eb5ecac9fd2e2cf0fdb8a304ff27f4e7932bd751ddc4e9eb7ec6b5db86c645b045f3c021a963cd0b79b6fcc2e4b29f3ceacaea5c3ea80143d425676ad201c33d46bf104ec04de00f213f7f85d53e1104e15b9faa7067d8548224bc870ec7a01f2da7aeac68aa011e7f544dddf232487b3c64d5cc9b127f1a500906d115b71c43a1acf4512a2a4142813bd4ad4af637d630328dfdc2592653d6dc83ea50d78ce220fc86b6d85d244949153a12dc8619b81da5afb741e28da372a28f01b89d14cd9f125faccc09ab200b5c07bcea7b8e2f2e09a14c82d3dfe40b70300a7ddc1ad146bce1fe5bd"}]}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0xf}]}, @NL80211_ATTR_NAN_FUNC={0x10, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa, 0x8, @broadcast}]}]}, 0x8f4}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x40, &(0x7f00000008c0)={[{@nobh}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@resuid}, {@dioread_nolock}, {@usrjquota}, {@discard}, {@jqfmt_vfsv1}]}, 0xfc, 0x564, &(0x7f0000002bc0)="$eJzs3c9rHFUcAPDvbLL9rU2hFPUggR6s1G6axB8VPNSjaLGg97ok01Cy6ZbspjSxYHuwFy9SBBEL4h/gyYvH4j/gX1HQQpES9OAlMpvZdNPdTbbJtkm7nw9M8t7M7L757sz38WbfLhvAwBrN/hQiXo2Ib5OIwy3bhiPfOLq63/LD61PZksTKymd/J5Hk65r7J/n/g3nllYj4/euIk4X2dmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sw7kxPvv/du32J98/y/P3x696Mz3xxf/v6X+0duJ3E2DuXbWuPYhhutldEYzV+TYpx9bMfxPjS2myQ7fQBsyVCe58XI+oDDMZRnPfDi+yoiVoABlch/GFDNcUDz3r5P98HPjQcfrt4Atcc/vPreSOxr3BsdWE7W3Rll97sjfWg/a+O3v+7czpbo3/sQAJu6cTMiTg8Pt/d/Sd7/bd3pHvZ5vA39Hzw7d7Pxz1udxj+FtfFPdBj/HOyQu1uxef4X7vehma6y8d8HHce/a5NWI0N57aXGmK+YXLxUSbO+7eWIOBHFvVl9o/mcM8v3Vtav+XWt1Dr+y5as/eZYMD+O+8N71z96ulwvbzfupgc3I17rOP5N1s5/0uH8Z6/H+R7bOJbeeb3bts3jf7pWfo54o+P5fzSjlWw8PznWuB7GmldFu39uHfujW/s9xF/sY7htsvN/YOP4R5LW+dpat2fqPm/0077/0m7btnr970k+b5T35Ouulev1+fGIPckn7esnHj22WW/un8V/4vjG/V+n639/RHzRNeL1bh291XXXnb7+s/inn+j8P3nh3sdf/tit/d7O/9uN0ol8TS/9X68HuJ3XDgAAAAAAAHabQkQciqRQWisXCqXS6uc7jsaBQqVaq5+8WF24PB2N78qORLHQnOk+3PJ5iPH887DN+sRj9cmIOBIR3w3tb9RLU9XK9E4HDwAAAAAAAAAAAAAAAAAAALvEwYh9nb7/n/lzaKePDnjq2n66QeLDwOj+0y35ln780hOwK3XPf+BFJ/9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAPrq/Llz2bKy/PD6VFafvrq4MFu9emo6rc2W5hamSlPV+SulmWp1ppKWpqpzmz1fpVq9Mj4RC9fG6mmtPlZbXLowV124XL9waa48k15Ii88kKgAAAAAAAAAAAAAAAAAAAHi+1BaXZsuVSjqvoLClwvDuOAyFPhd2umcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEf+DwAA//9MBzmC")
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000001740)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x110, 0x2, 0x0, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
r3 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x3, [{}]}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}]}}, 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
fallocate(r3, 0x0, 0x0, 0x1000f8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffded, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x10)
sendfile(r3, r3, 0x0, 0x100000008)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r8}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$can_bcm(0x1d, 0x2, 0x2)

355.930978ms ago: executing program 3 (id=736):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000800)={'filter\x00', 0xb001, 0x4, 0x3d0, 0x110, 0x0, 0x1f8, 0x2e8, 0x2e8, 0x2e8, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @loopback, @multicast2, 0x7, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x46e, 0xfffc}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x10b, 0x0, 0x2}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x420)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0a000004555eb5cc3d0d1f440000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28, @ANYRES32=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f00000001c0), &(0x7f00000002c0)}, 0x20)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
linkat(r2, &(0x7f0000000180)='./file1\x00', r2, &(0x7f0000000640)='./bus\x00', 0x0)
socket$packet(0x11, 0x3, 0x300)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0)
fcntl$lock(r3, 0x24, &(0x7f0000000140)={0x300, 0x1, 0xffffffffffffff7f, 0xfffffffffffffffc, 0xffffffffffffffff})
getsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000340), 0x10)
r4 = socket$kcm(0xa, 0x3, 0x3a)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@prjquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000000}}], [{@appraise}, {@context={'context', 0x3d, 'root'}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r7, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg$kcm(r4, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
lsetxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200), &(0x7f0000000280)=@v1={0x1000000, [{0x3143909c, 0x2}]}, 0xc, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="afeb010018000000000000000c0000000c00000002000000000000000000000435ee00000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

316.830413ms ago: executing program 0 (id=737):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f00000000c0)={0x0, 0x0, 0x4, 0x4, 0x9e, &(0x7f0000000600)="2bdcdde9cf3ad22a1bea7e0097ec66018ea8389dc7cfdab716329cadf49bf2bfaca03eb8c299b0be3abc12cabeb9f11c5bf857a1ee9cc143ba7045f064a755f6992cbd25f319594301e970641e92bf7358b6a3dec56de6fdda622ed88dc7116df5a148d9b45d713423c73519c454942b21386dfe9d31c4ab11f9f6c27d66e106cab64280531f81de1b6a1d602ba4ef2de1dbdffca32ed5304f0e24d8d02f799a63f5b2b247383dcf3017e902ac90908f7160ad1bdc8c448c85b6bf40c1a83caacfb0a9c6eee98e72ab8418e213ef7012287a5356b7a5fd458e0f4fd47f8d1089ec9cc746396f6b4f3920a6963c9463c5bfb2ef62b350e160a61c7456b645e352ca3fe5130f04453c475925fa91e21955e2460d5b574e14fa05053be1b93c7ef166e1b28114547da34a0648dd52f78a2345806070d87bdd7f7d4d8241a180474eb6c4d63a41cf66623e123b0bf6586cd4c9941cd9e93820b647e508c9e017ce730096a212af5b88bea3bb2d5f0a1424507138c11b322ed6becb2a91b85e34547a7da044586213a3c776cda23a3023de1679d73ee86e217753bf5bed9501fa6c290cf71133a6ae9549e8f20246ad80d09d7f77904aa77befb87c24616dc340a3c9530c834789c096539b22da8f2c5b97715c94466d7ec8ed2cf0432048f2ad9ca02764ea17a8c2193e7f884e6380893f99959f402b4b1cde0e75f9136475924e4dc11f5f0b6e3b800dcb32f5f8a1918821581c8d551d107ad281cfb1667afe4128959aa6d38bc43649c77251290b3883a4dbf2f0e060d330b2816543e28d2e6a9778255706cb069510758a4f4fddb913cca3ad5d38a497cc32647816802b1f0597b1a77eeb13bb623ca1c6e69fb647195c1b393369e289129ef0406822fafdd4d0f0aff084b4e2ed117bdef54f725051af72d44232f423575e37bcbe07e1861a774336fc3201c764793c2fc00b27c16ec4dfb0d6d7a18dac70ab16ca900ebfedc63fc75145a718af127fb13d26c1586cc502c00b21794e6ca84c92e558f60d6161279e15998d00a608960da34bece2da7d7c07608e467ef3684ca3611f92f924a38e4751886388ec0e255efbc0f50521bfad6e3b3c97b2c805c38a72b7a0de3b58d201e27b3fab8225569ab1c556ea1069a3e9f15d78880ac4581746d1b61cc26f41a3392a4fcc236ad227fc8077f0f32a4968880b56ac673c2de9e10595c10bdd0b89c16d3de9d4138b8972a7624475e8debf03d53a28b66841dda89fdc3439803dceba48bd5f2d5da5391dbb1984211a515120c90092626a5ffe2096d0ba9e0774490f83015b85957172c7b4604e5be30c5f0fe66a227eab5e45f9a023f6356e5b82c38532294c4f2cd975d5a5320f5efe00e383737ed77b3d106a9c5b16d2e96546196d351c15e375efcc167cd424da38668783ba0453666483a2a546580be7"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='netlink_extack\x00', r1}, 0x10)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='netlink_extack\x00'}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
fchmodat(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0xffffff19)
syz_emit_ethernet(0x1e, &(0x7f0000000040)={@broadcast, @remote, @void, {@can={0xc, {{0x3, 0x1, 0x0, 0x1}, 0x1, 0x1, 0x0, 0x0, "0bb2a46304e26fa2"}}}}, &(0x7f0000000080)={0x0, 0x2, [0x771, 0xd27, 0x635, 0xddc]})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@fallback, 0x37, 0x1, 0xfffffffb, 0x0, 0x0, 0x0, &(0x7f0000000180), &(0x7f00000001c0), 0x0}, 0x40)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
read$char_usb(r6, &(0x7f00000030c0)=""/4110, 0x100e)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bond0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x74, r7, {0x0, 0xfff1}, {}, {0x4, 0x9}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

316.109643ms ago: executing program 2 (id=738):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x1}], 0x1, &(0x7f0000000e40)=ANY=[], 0xd0}}], 0x1, 0x4008094)
close(r3)

315.583953ms ago: executing program 2 (id=739):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x110, &(0x7f0000000680)={0x0, 0x2a11, 0x100, 0xfffc, 0xfffffffd}, &(0x7f00000004c0)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0x4c, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x7ff, 0x1000})
io_uring_enter(r1, 0x47f6, 0x10000000, 0x0, 0x0, 0x0)

270.895328ms ago: executing program 2 (id=740):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x1000009, 0x8000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xa}, 0x0, 0x3, 0x5, 0x0, 0x7, 0x71a, 0x8, 0x0, 0x0, 0x0, 0x401}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x100000, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'\x00', 0x202})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x10, 0x0, 0x15, &(0x7f0000000040))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e00000002000000ffffff7fffffffff00400100", @ANYRES32=0x1, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="0400000000ffffff01000000090000000063b52fb758c9b6d338c700000000000000", @ANYRES32, @ANYBLOB], 0x50)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)

118.916586ms ago: executing program 4 (id=741):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x12, 0x8, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r2, 0x0}, 0x20)

116.881775ms ago: executing program 2 (id=742):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

73.63703ms ago: executing program 0 (id=743):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x10, 0x0, @void, @value}, 0x94)

30.210295ms ago: executing program 0 (id=744):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x12, 0x8, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, 0x0}, 0x20)

29.754296ms ago: executing program 4 (id=745):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd2(0x7, 0x80001)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000240)={0x80, 0x0, 0x73, 0x0, 0x0, 0x0, 0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}, 0x1, 0x0, 0x0, 0x20048800}, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

29.362076ms ago: executing program 2 (id=746):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x1}], 0x1, &(0x7f0000000e40)=ANY=[], 0xd0}}], 0x1, 0x4008094)
close(r2)

15.481067ms ago: executing program 0 (id=747):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1})
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000001380)={<r3=>0xffffffffffffffff})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), r3)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x0, 0x0})
close_range(r4, 0xffffffffffffffff, 0x0)

0s ago: executing program 2 (id=748):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a3000000000080007006e6174003c000000060a01040000000000000000010000001400048010000180090001006d6173710000000008000b40000000000900010073797a300000000014000000110001"], 0xcc}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvtap0\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000240)={'wg2\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180100000000db83d565b33556edfb8f3db1e7e1de460000000000004b84ffec850000ee2d000000850000002a80000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000700)='kfree\x00', r0, 0x0, 0x3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff96, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c40)={&(0x7f0000000c80)='thermal_zone_trip\x00', r3}, 0x10)
r5 = gettid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={r5, r4, 0x0, 0xfffffffffffffedf, 0xfffffffffffffffe}, 0x30)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r6, 0x0, 0x0, 0x20000)
rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00')
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r7, &(0x7f0000000380), 0x101bf)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r8, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r8, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r9 = syz_open_pts(r8, 0x0)
r10 = dup3(r9, r8, 0x0)
ioctl$TCXONC(r8, 0x540a, 0x0)
ioctl$TIOCSTI(r10, 0x5412, &(0x7f0000000000)=0x11)

kernel console output (not intermixed with test programs):

adv0
[   98.337186][ T3814] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.368970][ T3823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.455524][ T3819] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.500377][ T3814] veth0_vlan: entered promiscuous mode
[   98.513777][ T3778] veth0_vlan: entered promiscuous mode
[   98.531778][ T3778] veth1_vlan: entered promiscuous mode
[   98.563550][ T3814] veth1_vlan: entered promiscuous mode
[   98.586217][ T3819] veth0_vlan: entered promiscuous mode
[   98.598024][ T3819] veth1_vlan: entered promiscuous mode
[   98.606504][ T3778] veth0_macvtap: entered promiscuous mode
[   98.621457][ T3778] veth1_macvtap: entered promiscuous mode
[   98.633996][ T3814] veth0_macvtap: entered promiscuous mode
[   98.647986][ T3814] veth1_macvtap: entered promiscuous mode
[   98.658318][ T3778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.668824][ T3778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.678697][ T3778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.689133][ T3778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.700897][ T3778] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.715949][ T3778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   98.726552][ T3778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.736528][ T3778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   98.746969][ T3778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.757581][ T3778] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.767792][ T3778] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.776658][ T3778] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.785467][ T3778] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.794195][ T3778] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.804657][ T3823] veth0_vlan: entered promiscuous mode
[   98.816972][ T3819] veth0_macvtap: entered promiscuous mode
[   98.823602][ T3814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.834099][ T3814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.844289][ T3814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.854739][ T3814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.864537][ T3814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.874996][ T3814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.887282][ T3814] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.900637][ T3823] veth1_vlan: entered promiscuous mode
[   98.909456][ T3819] veth1_macvtap: entered promiscuous mode
[   98.917765][ T3814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   98.928244][ T3814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.938207][ T3814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   98.948787][ T3814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.958622][ T3814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   98.969092][ T3814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.980177][ T3814] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.991559][ T3814] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.000476][ T3814] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.009221][ T3814] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.017948][ T3814] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.038560][ T3819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.049060][ T3819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.058896][ T3819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.069328][ T3819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.079217][ T3819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.089648][ T3819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.099463][ T3819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.109910][ T3819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.120739][ T3819] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.135910][ T3823] veth0_macvtap: entered promiscuous mode
[   99.143410][ T3823] veth1_macvtap: entered promiscuous mode
[   99.152774][ T3819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.163334][ T3819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.173235][ T3819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.183666][ T3819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.193523][ T3819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.203979][ T3819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.213839][ T3819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.224379][ T3819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.236345][ T3819] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.246675][   T29] kauditd_printk_skb: 4 callbacks suppressed
[   99.246727][   T29] audit: type=1326 audit(1729704496.000:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4238 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1a0bdff9 code=0x7ffc0000
[   99.263825][ T3819] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.284893][ T3819] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.293675][ T3819] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.302500][ T3819] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.318761][   T29] audit: type=1326 audit(1729704496.030:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4238 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1a0bdff9 code=0x7ffc0000
[   99.336769][ T3823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.342113][   T29] audit: type=1326 audit(1729704496.030:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4238 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1e1a0bdff9 code=0x7ffc0000
[   99.352549][ T3823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.352566][ T3823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.352582][ T3823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.352591][ T3823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.375715][   T29] audit: type=1326 audit(1729704496.030:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4238 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1a0bdff9 code=0x7ffc0000
[   99.385526][ T3823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.385536][ T3823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.385549][ T3823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.385575][ T3823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.385589][ T3823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.398436][ T4241] loop0: detected capacity change from 0 to 1024
[   99.406195][   T29] audit: type=1326 audit(1729704496.030:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4238 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1a0bdff9 code=0x7ffc0000
[   99.421574][ T4241] EXT4-fs: Ignoring removed nobh option
[   99.439719][   T29] audit: type=1326 audit(1729704496.030:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4238 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1e1a0bdff9 code=0x7ffc0000
[   99.439748][   T29] audit: type=1326 audit(1729704496.030:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4238 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1a0bdff9 code=0x7ffc0000
[   99.439773][   T29] audit: type=1326 audit(1729704496.030:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4238 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1a0bdff9 code=0x7ffc0000
[   99.439805][   T29] audit: type=1326 audit(1729704496.030:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4238 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1e1a0bdff9 code=0x7ffc0000
[   99.439859][   T29] audit: type=1326 audit(1729704496.030:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4238 comm="syz.1.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1a0bdff9 code=0x7ffc0000
[   99.442177][ T3823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.649893][ T4241] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.670195][ T3823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.680797][ T3823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.690818][ T3823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.701474][ T3823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.711374][ T3823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.721832][ T3823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.731686][ T3823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.742130][ T3823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.752089][ T3823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.762587][ T3823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.773541][ T3823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.781677][ T4247] loop1: detected capacity change from 0 to 1024
[   99.789482][ T4247] EXT4-fs: Ignoring removed nobh option
[   99.802577][ T3823] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.811374][ T3823] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.820188][ T3823] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.829037][ T3823] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.859637][ T4247] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.929867][ T4258] netlink: 16 bytes leftover after parsing attributes in process `syz.2.121'.
[   99.993796][ T4261] netlink: 'syz.4.133': attribute type 10 has an invalid length.
[  100.003011][ T4261] veth0_macvtap: left promiscuous mode
[  100.012528][ T4261] veth0_macvtap: entered promiscuous mode
[  100.038008][ T4261] team0: Device macvtap0 failed to register rx_handler
[  100.045217][ T4261] veth0_macvtap: left promiscuous mode
[  100.058506][ T3808] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.074326][ T3778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.123451][ T4272] loop1: detected capacity change from 0 to 512
[  100.138543][ T4273] netlink: 14 bytes leftover after parsing attributes in process `syz.0.136'.
[  100.160709][ T4272] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  100.224732][ T4272] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.230587][ T4284] netlink: 36 bytes leftover after parsing attributes in process `syz.0.136'.
[  100.243245][ T4272] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.246473][ T4284] netlink: 36 bytes leftover after parsing attributes in process `syz.0.136'.
[  100.265721][ T4284] netlink: 36 bytes leftover after parsing attributes in process `syz.0.136'.
[  100.314105][ T4272] xt_hashlimit: size too large, truncated to 1048576
[  100.582489][ T4304] loop3: detected capacity change from 0 to 1024
[  100.589485][ T4304] EXT4-fs: Ignoring removed nobh option
[  100.617644][ T4307] loop2: detected capacity change from 0 to 1024
[  100.624450][ T4307] EXT4-fs: Ignoring removed nobh option
[  100.638235][ T4304] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.659138][ T4307] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.781036][ T3819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.810546][ T3814] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.821001][ T3778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.912969][ T4329] netlink: 12 bytes leftover after parsing attributes in process `syz.3.160'.
[  101.009152][ T4340] syz.4.166[4340] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.009298][ T4340] syz.4.166[4340] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.028590][ T4340] syz.4.166[4340] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.063069][ T4340] loop4: detected capacity change from 0 to 512
[  101.092999][ T4340] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.094341][ T4347] loop2: detected capacity change from 0 to 1024
[  101.120260][ T4347] EXT4-fs: Ignoring removed nobh option
[  101.181184][ T4340] EXT4-fs warning (device loop4): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  101.187380][ T4347] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.233156][ T3823] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  101.234787][ T4366] netlink: 12 bytes leftover after parsing attributes in process `syz.0.174'.
[  101.319474][ T3814] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.340026][ T4376] netlink: 12 bytes leftover after parsing attributes in process `syz.1.172'.
[  101.388084][ T4378] loop4: detected capacity change from 0 to 4096
[  101.398037][ T4378] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.450598][ T3823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.502330][ T4397] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  101.674890][ T4397] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  101.745421][ T4422] loop4: detected capacity change from 0 to 164
[  101.761780][ T4422] Unable to read rock-ridge attributes
[  101.772187][ T4422] Unable to read rock-ridge attributes
[  101.781872][ T4422] Unable to read rock-ridge attributes
[  101.787778][ T4422] iso9660: Corrupted directory entry in block 4 of inode 1792
[  101.797694][ T4422] netlink: 40 bytes leftover after parsing attributes in process `syz.4.195'.
[  101.808343][ T4432] FAULT_INJECTION: forcing a failure.
[  101.808343][ T4432] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  101.821526][ T4432] CPU: 1 UID: 0 PID: 4432 Comm: syz.0.200 Tainted: G        W          6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  101.833592][ T4432] Tainted: [W]=WARN
[  101.837384][ T4432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  101.847454][ T4432] Call Trace:
[  101.850727][ T4432]  <TASK>
[  101.853652][ T4432]  dump_stack_lvl+0xf2/0x150
[  101.858242][ T4432]  dump_stack+0x15/0x20
[  101.862402][ T4432]  should_fail_ex+0x223/0x230
[  101.867085][ T4432]  should_fail+0xb/0x10
[  101.871268][ T4432]  should_fail_usercopy+0x1a/0x20
[  101.876326][ T4432]  _copy_from_user+0x1e/0xd0
[  101.880969][ T4432]  copy_msghdr_from_user+0x54/0x2a0
[  101.886278][ T4432]  __sys_sendmsg+0x171/0x270
[  101.890880][ T4432]  __x64_sys_sendmsg+0x46/0x50
[  101.895647][ T4432]  x64_sys_call+0x2689/0x2d60
[  101.900323][ T4432]  do_syscall_64+0xc9/0x1c0
[  101.904824][ T4432]  ? clear_bhb_loop+0x55/0xb0
[  101.909574][ T4432]  ? clear_bhb_loop+0x55/0xb0
[  101.914279][ T4432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.920179][ T4432] RIP: 0033:0x7f569883dff9
[  101.924634][ T4432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.944251][ T4432] RSP: 002b:00007f56974b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.952655][ T4432] RAX: ffffffffffffffda RBX: 00007f56989f5f80 RCX: 00007f569883dff9
[  101.960617][ T4432] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004
[  101.968581][ T4432] RBP: 00007f56974b1090 R08: 0000000000000000 R09: 0000000000000000
[  101.976556][ T4432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.984552][ T4432] R13: 0000000000000000 R14: 00007f56989f5f80 R15: 00007ffc20d44358
[  101.992536][ T4432]  </TASK>
[  102.047208][ T4438] loop1: detected capacity change from 0 to 1024
[  102.054140][ T4438] EXT4-fs: Ignoring removed nobh option
[  102.073152][ T4440] syz.0.204[4440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.073217][ T4440] syz.0.204[4440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.084928][ T4440] syz.0.204[4440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.098049][ T4444] ebt_among: dst integrity fail: 101
[  102.116196][ T4440] loop0: detected capacity change from 0 to 512
[  102.123185][ T4438] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.143036][ T4448] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.171298][ T4448] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.189165][ T4440] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.199989][ T4452] loop3: detected capacity change from 0 to 1024
[  102.208464][ T4452] EXT4-fs: Ignoring removed nobh option
[  102.217554][ T4448] bond0 (unregistering): Released all slaves
[  102.249380][ T4440] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  102.254138][ T4452] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.296425][ T3808] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  102.318466][ T3778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.531701][ T3819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.694408][ T4487] syz.1.223[4487] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.694480][ T4487] syz.1.223[4487] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.708503][ T4487] syz.1.223[4487] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.723885][ T4487] loop1: detected capacity change from 0 to 512
[  102.746423][ T4487] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.844998][ T4487] EXT4-fs warning (device loop1): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  102.881187][ T4504] loop4: detected capacity change from 0 to 512
[  102.888273][ T4504] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  102.893529][ T3778] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  102.905072][ T4506] loop3: detected capacity change from 0 to 1024
[  102.914057][ T4504] EXT4-fs (loop4): 1 truncate cleaned up
[  102.932514][ T4504] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.953119][ T4506] EXT4-fs: Ignoring removed nobh option
[  102.977558][ T4506] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.059689][ T4524] loop0: detected capacity change from 0 to 1024
[  103.078869][ T4523] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  103.079461][ T4524] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.105558][ T3819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.125123][ T4523] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  103.143835][ T4528] loop3: detected capacity change from 0 to 512
[  103.147877][ T4523] bond0 (unregistering): Released all slaves
[  103.157290][ T4528] EXT4-fs: Ignoring removed orlov option
[  103.171680][ T4528] EXT4-fs (loop3): orphan cleanup on readonly fs
[  103.178909][ T4528] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.234: bg 0: block 248: padding at end of block bitmap is not set
[  103.193970][ T4528] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.234: Failed to acquire dquot type 1
[  103.209188][ T4530] EXT4-fs (loop0): shut down requested (0)
[  103.223923][ T4528] EXT4-fs (loop3): 1 truncate cleaned up
[  103.265398][ T4528] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  103.267447][  T741] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  103.294486][  T741] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  103.307117][  T741] EXT4-fs (loop0): This should not happen!! Data will be lost
[  103.307117][  T741] 
[  103.316797][  T741] EXT4-fs (loop0): Total free blocks count 0
[  103.320201][ T4528] syz.3.234 (4528) used greatest stack depth: 9368 bytes left
[  103.322771][  T741] EXT4-fs (loop0): Free/Dirty block details
[  103.322785][  T741] EXT4-fs (loop0): free_blocks=68451041280
[  103.322797][  T741] EXT4-fs (loop0): dirty_blocks=6224
[  103.347550][  T741] EXT4-fs (loop0): Block reservation details
[  103.351671][ T3819] EXT4-fs error (device loop3): ext4_lookup:1817: inode #2: comm syz-executor: deleted inode referenced: 12
[  103.353526][  T741] EXT4-fs (loop0): i_reserved_data_blocks=389
[  103.459325][ T3819] EXT4-fs error (device loop3): ext4_lookup:1817: inode #2: comm syz-executor: deleted inode referenced: 12
[  103.655213][ T4536] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.700907][ T3375] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.727312][ T4547] loop2: detected capacity change from 0 to 1024
[  103.745324][ T4547] EXT4-fs: Ignoring removed i_version option
[  103.753703][ T3823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.778707][ T3375] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.792631][ T4547] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.818831][ T3814] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.895901][ T3375] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.981048][ T3375] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.006573][ T4560] netlink: 252 bytes leftover after parsing attributes in process `syz.1.249'.
[  104.030014][ T4567] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  104.043084][ T4560] loop1: detected capacity change from 0 to 1024
[  104.062979][ T4560] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.137449][ T4577] EXT4-fs (loop1): shut down requested (0)
[  104.176447][ T3375] bridge_slave_1: left allmulticast mode
[  104.182147][ T3375] bridge_slave_1: left promiscuous mode
[  104.187948][ T3375] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.201279][ T4582] syz.0.253[4582] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.204872][ T4567] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  104.224554][ T4582] loop0: detected capacity change from 0 to 512
[  104.233568][   T50] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  104.251721][ T3375] bridge_slave_0: left allmulticast mode
[  104.257617][ T3375] bridge_slave_0: left promiscuous mode
[  104.262913][   T50] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  104.263363][ T3375] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.275696][   T50] EXT4-fs (loop1): This should not happen!! Data will be lost
[  104.275696][   T50] 
[  104.283997][ T4582] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.292413][   T50] EXT4-fs (loop1): Total free blocks count 0
[  104.310745][   T50] EXT4-fs (loop1): Free/Dirty block details
[  104.317178][   T50] EXT4-fs (loop1): free_blocks=68451041280
[  104.322998][   T50] EXT4-fs (loop1): dirty_blocks=2544
[  104.328684][   T50] EXT4-fs (loop1): Block reservation details
[  104.334712][   T50] EXT4-fs (loop1): i_reserved_data_blocks=159
[  104.347276][ T4582] __quota_error: 772 callbacks suppressed
[  104.347290][ T4582] Quota error (device loop0): v2_read_file_info: Free block number 58381 out of range (1, 6).
[  104.363500][ T4582] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  104.487777][ T3375] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  104.498778][ T3375] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  104.509746][ T3375] bond0 (unregistering): Released all slaves
[  104.538340][ T3808] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  104.597361][ T3375] hsr_slave_0: left promiscuous mode
[  104.609511][ T3375] hsr_slave_1: left promiscuous mode
[  104.614928][   T29] audit: type=1326 audit(1729704501.370:1675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4614 comm="syz.2.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  104.639294][ T3375] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.640608][   T29] audit: type=1326 audit(1729704501.370:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4614 comm="syz.2.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  104.647137][ T3375] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.670078][   T29] audit: type=1326 audit(1729704501.370:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4614 comm="syz.2.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  104.680349][ T4615] loop2: detected capacity change from 0 to 1024
[  104.700409][   T29] audit: type=1326 audit(1729704501.370:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4614 comm="syz.2.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  104.714896][ T4615] EXT4-fs: Ignoring removed nobh option
[  104.730217][   T29] audit: type=1326 audit(1729704501.370:1679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4614 comm="syz.2.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f80a1bbff17 code=0x7ffc0000
[  104.759133][   T29] audit: type=1326 audit(1729704501.370:1680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4614 comm="syz.2.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f80a1bbfe8c code=0x7ffc0000
[  104.782358][   T29] audit: type=1326 audit(1729704501.370:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4614 comm="syz.2.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f80a1bbfdc4 code=0x7ffc0000
[  104.805823][   T29] audit: type=1326 audit(1729704501.370:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4614 comm="syz.2.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f80a1bbfdc4 code=0x7ffc0000
[  104.829192][   T29] audit: type=1326 audit(1729704501.370:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4614 comm="syz.2.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f80a1bbcc8a code=0x7ffc0000
[  104.837942][ T4615] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.854497][ T3375] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.872433][ T3375] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.882074][ T3375] veth1_macvtap: left promiscuous mode
[  104.887715][ T3375] veth0_macvtap: left promiscuous mode
[  104.893233][ T3375] veth1_vlan: left promiscuous mode
[  104.898642][ T3375] veth0_vlan: left promiscuous mode
[  104.961313][ T3814] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.056336][ T3375] team0 (unregistering): Port device team_slave_1 removed
[  105.068473][ T3375] team0 (unregistering): Port device team_slave_0 removed
[  105.440060][ T4561] chnl_net:caif_netlink_parms(): no params data found
[  105.521407][ T4561] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.528741][ T4561] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.541706][ T4561] bridge_slave_0: entered allmulticast mode
[  105.556859][ T4561] bridge_slave_0: entered promiscuous mode
[  105.588966][ T4561] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.596130][ T4561] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.613716][ T4561] bridge_slave_1: entered allmulticast mode
[  105.632016][ T4687] loop1: detected capacity change from 0 to 512
[  105.652144][ T4561] bridge_slave_1: entered promiscuous mode
[  105.673958][ T4687] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  105.700638][ T4561] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.725778][ T4561] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.737996][ T4687] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.756704][ T4666] loop4: detected capacity change from 0 to 512
[  105.778419][ T4687] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.806100][ T4687] xt_hashlimit: size too large, truncated to 1048576
[  105.806230][ T4561] team0: Port device team_slave_0 added
[  105.893491][ T4561] team0: Port device team_slave_1 added
[  105.901861][ T4666] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  105.925290][ T4666] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.951751][ T4561] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.958771][ T4561] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.984720][ T4561] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  106.017033][ T4561] batman_adv: batadv0: Adding interface: batadv_slave_1
[  106.024208][ T4561] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.050260][ T4561] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.186595][ T4561] hsr_slave_0: entered promiscuous mode
[  106.192977][ T4561] hsr_slave_1: entered promiscuous mode
[  106.211772][ T3823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  106.221204][ T4561] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  106.255790][ T4561] Cannot create hsr debugfs directory
[  106.424118][ T3778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.784436][ T4561] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  106.796630][ T4561] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  106.805693][ T4561] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  106.816065][ T4561] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  106.860614][ T4561] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.877119][ T4561] 8021q: adding VLAN 0 to HW filter on device team0
[  106.887121][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.894265][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.921069][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.928228][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.000017][ T4561] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.084465][ T4561] veth0_vlan: entered promiscuous mode
[  107.096521][ T4561] veth1_vlan: entered promiscuous mode
[  107.119897][ T4561] veth0_macvtap: entered promiscuous mode
[  107.128512][ T4561] veth1_macvtap: entered promiscuous mode
[  107.141172][ T4561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.151712][ T4561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.161700][ T4561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.172415][ T4561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.182346][ T4561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.193022][ T4561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.202967][ T4561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.213418][ T4561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.223282][ T4561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.233736][ T4561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.248061][ T4561] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.259715][ T4561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.270268][ T4561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.280125][ T4561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.290657][ T4561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.300504][ T4561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.310950][ T4561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.320817][ T4561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.331299][ T4561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.341142][ T4561] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.351658][ T4561] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.371380][ T4561] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.381460][ T4561] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.390435][ T4561] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.399216][ T4561] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.407952][ T4561] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.517064][ T4879] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  107.536558][ T4879] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  107.558395][ T4879] bond0 (unregistering): Released all slaves
[  107.565169][ T4889] loop2: detected capacity change from 0 to 1024
[  107.573016][ T4889] EXT4-fs: Ignoring removed nobh option
[  107.591955][ T4889] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.672035][ T4900] bpf_get_probe_write_proto: 2 callbacks suppressed
[  107.672052][ T4900] syz.1.296[4900] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.681024][ T4902] netlink: 252 bytes leftover after parsing attributes in process `syz.4.297'.
[  107.683867][ T4900] syz.1.296[4900] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.701858][ T4900] syz.1.296[4900] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.707138][ T4902] loop4: detected capacity change from 0 to 1024
[  107.744834][ T3814] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.778640][ T4907] loop2: detected capacity change from 0 to 512
[  107.779663][ T4902] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.786537][ T4908] netlink: 12 bytes leftover after parsing attributes in process `syz.1.299'.
[  107.810895][ T4907] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  107.837411][ T4907] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.858496][ T4907] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  107.884727][ T4907] xt_hashlimit: size too large, truncated to 1048576
[  107.891990][ T4915] EXT4-fs (loop4): shut down requested (0)
[  107.976037][ T4914] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  107.996170][  T741] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  108.011638][  T741] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  108.024158][  T741] EXT4-fs (loop4): This should not happen!! Data will be lost
[  108.024158][  T741] 
[  108.033878][  T741] EXT4-fs (loop4): Total free blocks count 0
[  108.039931][  T741] EXT4-fs (loop4): Free/Dirty block details
[  108.045866][  T741] EXT4-fs (loop4): free_blocks=68451041280
[  108.051673][  T741] EXT4-fs (loop4): dirty_blocks=6624
[  108.057017][  T741] EXT4-fs (loop4): Block reservation details
[  108.063019][  T741] EXT4-fs (loop4): i_reserved_data_blocks=414
[  108.184782][ T4914] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  108.202604][ T3814] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.287390][ T4934] loop2: detected capacity change from 0 to 1024
[  108.294432][ T4934] EXT4-fs: Ignoring removed nobh option
[  108.310388][ T4934] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.367042][ T4944] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  108.388486][ T3814] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.540157][ T4950] netlink: 252 bytes leftover after parsing attributes in process `syz.1.313'.
[  108.555644][ T4952] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  108.559821][ T4950] loop1: detected capacity change from 0 to 1024
[  108.586780][ T4950] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.714764][ T4952] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  108.841560][ T4962] loop2: detected capacity change from 0 to 512
[  108.850950][ T4962] EXT4-fs: Ignoring removed bh option
[  108.862763][  T741] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  108.862811][ T4962] ext4: Unknown parameter 'subj_role'
[  108.878562][  T741] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  108.895621][  T741] EXT4-fs (loop1): This should not happen!! Data will be lost
[  108.895621][  T741] 
[  108.905510][  T741] EXT4-fs (loop1): Total free blocks count 0
[  108.911526][  T741] EXT4-fs (loop1): Free/Dirty block details
[  108.917462][  T741] EXT4-fs (loop1): free_blocks=68451041280
[  108.923313][  T741] EXT4-fs (loop1): dirty_blocks=16384
[  108.928710][  T741] EXT4-fs (loop1): Block reservation details
[  108.934726][  T741] EXT4-fs (loop1): i_reserved_data_blocks=1024
[  108.949568][ T3375] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  109.046078][ T4974] FAULT_INJECTION: forcing a failure.
[  109.046078][ T4974] name failslab, interval 1, probability 0, space 0, times 0
[  109.058937][ T4974] CPU: 0 UID: 0 PID: 4974 Comm: syz.1.318 Tainted: G        W          6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  109.071050][ T4974] Tainted: [W]=WARN
[  109.074857][ T4974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.084919][ T4974] Call Trace:
[  109.088211][ T4974]  <TASK>
[  109.091151][ T4974]  dump_stack_lvl+0xf2/0x150
[  109.095757][ T4974]  dump_stack+0x15/0x20
[  109.099938][ T4974]  should_fail_ex+0x223/0x230
[  109.104631][ T4974]  ? getname_flags+0x81/0x3b0
[  109.109351][ T4974]  should_failslab+0x8f/0xb0
[  109.113947][ T4974]  kmem_cache_alloc_noprof+0x4c/0x290
[  109.119388][ T4974]  getname_flags+0x81/0x3b0
[  109.123893][ T4974]  user_path_at+0x26/0x110
[  109.128342][ T4974]  __x64_sys_fchmodat+0x75/0x120
[  109.133293][ T4974]  x64_sys_call+0x2a3f/0x2d60
[  109.138001][ T4974]  do_syscall_64+0xc9/0x1c0
[  109.142517][ T4974]  ? clear_bhb_loop+0x55/0xb0
[  109.147268][ T4974]  ? clear_bhb_loop+0x55/0xb0
[  109.152060][ T4974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.158071][ T4974] RIP: 0033:0x7f1e1a0bdff9
[  109.162487][ T4974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.182142][ T4974] RSP: 002b:00007f1e18d31038 EFLAGS: 00000246 ORIG_RAX: 000000000000010c
[  109.190565][ T4974] RAX: ffffffffffffffda RBX: 00007f1e1a275f80 RCX: 00007f1e1a0bdff9
[  109.198550][ T4974] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: ffffffffffffffff
[  109.206530][ T4974] RBP: 00007f1e18d31090 R08: 0000000000000000 R09: 0000000000000000
[  109.214583][ T4974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.222575][ T4974] R13: 0000000000000000 R14: 00007f1e1a275f80 R15: 00007fff7ad12a28
[  109.230553][ T4974]  </TASK>
[  109.334630][ T4992] loop5: detected capacity change from 0 to 7
[  109.341038][ T4992] Buffer I/O error on dev loop5, logical block 0, async page read
[  109.352541][ T4992] Buffer I/O error on dev loop5, logical block 0, async page read
[  109.360399][ T4992]  loop5: unable to read partition table
[  109.367753][ T4992] loop_reread_partitions: partition scan of loop5 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  109.367753][ T4992] 
) failed (rc=-5)
[  109.370637][   T29] kauditd_printk_skb: 346 callbacks suppressed
[  109.370651][   T29] audit: type=1326 audit(1729704506.120:2030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4994 comm="syz.4.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3045d0dff9 code=0x7ffc0000
[  109.410865][ T4997] loop4: detected capacity change from 0 to 1024
[  109.420495][   T29] audit: type=1326 audit(1729704506.140:2031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4994 comm="syz.4.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3045d0dff9 code=0x7ffc0000
[  109.431995][ T4997] EXT4-fs: Ignoring removed nobh option
[  109.443855][   T29] audit: type=1326 audit(1729704506.140:2032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4994 comm="syz.4.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3045d0dff9 code=0x7ffc0000
[  109.472717][   T29] audit: type=1326 audit(1729704506.140:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4994 comm="syz.4.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3045d0dff9 code=0x7ffc0000
[  109.483167][ T4999] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  109.496039][   T29] audit: type=1326 audit(1729704506.140:2034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4994 comm="syz.4.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3045d0ff17 code=0x7ffc0000
[  109.496099][   T29] audit: type=1326 audit(1729704506.140:2035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4994 comm="syz.4.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3045d0fe8c code=0x7ffc0000
[  109.503267][ T4999] IPv6: NLM_F_CREATE should be set when creating new route
[  109.503279][ T4999] IPv6: NLM_F_CREATE should be set when creating new route
[  109.526496][   T29] audit: type=1326 audit(1729704506.140:2036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4994 comm="syz.4.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3045d0fdc4 code=0x7ffc0000
[  109.549600][ T4999] IPv6: NLM_F_CREATE should be set when creating new route
[  109.594662][   T29] audit: type=1326 audit(1729704506.140:2037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4994 comm="syz.4.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3045d0fdc4 code=0x7ffc0000
[  109.617928][   T29] audit: type=1326 audit(1729704506.140:2038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4994 comm="syz.4.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3045d0cc8a code=0x7ffc0000
[  109.641330][   T29] audit: type=1326 audit(1729704506.140:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4994 comm="syz.4.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3045d0dff9 code=0x7ffc0000
[  109.678174][ T4997] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.704077][ T5000] loop1: detected capacity change from 0 to 164
[  109.781857][ T5012] loop1: detected capacity change from 0 to 512
[  109.792374][ T5012] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  109.824099][ T5012] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.845462][ T3823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.855940][ T5012] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.882266][ T5012] xt_hashlimit: size too large, truncated to 1048576
[  109.973764][ T5020] loop4: detected capacity change from 0 to 256
[  110.236002][ T5026] FAULT_INJECTION: forcing a failure.
[  110.236002][ T5026] name failslab, interval 1, probability 0, space 0, times 0
[  110.248778][ T5026] CPU: 1 UID: 0 PID: 5026 Comm: syz.2.336 Tainted: G        W          6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  110.260881][ T5026] Tainted: [W]=WARN
[  110.264691][ T5026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  110.274832][ T5026] Call Trace:
[  110.278127][ T5026]  <TASK>
[  110.281166][ T5026]  dump_stack_lvl+0xf2/0x150
[  110.285784][ T5026]  dump_stack+0x15/0x20
[  110.290042][ T5026]  should_fail_ex+0x223/0x230
[  110.294771][ T5026]  ? io_alloc_async_data+0x4a/0xb0
[  110.299946][ T5026]  should_failslab+0x8f/0xb0
[  110.304595][ T5026]  __kmalloc_noprof+0xa5/0x370
[  110.309378][ T5026]  io_alloc_async_data+0x4a/0xb0
[  110.314318][ T5026]  io_connect_prep+0x1f6/0x290
[  110.319117][ T5026]  ? io_submit_sqes+0x627/0x1090
[  110.324080][ T5026]  io_submit_sqes+0x64c/0x1090
[  110.328855][ T5026]  ? __rcu_read_unlock+0x4e/0x70
[  110.333868][ T5026]  ? xa_load+0xb9/0xe0
[  110.337991][ T5026]  __se_sys_io_uring_enter+0x1ce/0x17b0
[  110.343609][ T5026]  ? get_pid_task+0x8e/0xc0
[  110.348129][ T5026]  ? proc_fail_nth_write+0x12a/0x150
[  110.353449][ T5026]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  110.359091][ T5026]  ? vfs_write+0x580/0x910
[  110.363526][ T5026]  ? __fget_files+0x1d4/0x210
[  110.368228][ T5026]  ? fput+0x14e/0x190
[  110.372220][ T5026]  ? ksys_write+0x17a/0x1b0
[  110.376768][ T5026]  __x64_sys_io_uring_enter+0x78/0x90
[  110.382207][ T5026]  x64_sys_call+0x2567/0x2d60
[  110.386933][ T5026]  do_syscall_64+0xc9/0x1c0
[  110.391477][ T5026]  ? clear_bhb_loop+0x55/0xb0
[  110.396289][ T5026]  ? clear_bhb_loop+0x55/0xb0
[  110.401047][ T5026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.406974][ T5026] RIP: 0033:0x7f80a1bbdff9
[  110.411395][ T5026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.431030][ T5026] RSP: 002b:00007f80a0831038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  110.439475][ T5026] RAX: ffffffffffffffda RBX: 00007f80a1d75f80 RCX: 00007f80a1bbdff9
[  110.447445][ T5026] RDX: 0000000000000000 RSI: 0000000000005b43 RDI: 0000000000000003
[  110.455417][ T5026] RBP: 00007f80a0831090 R08: 0000000000000000 R09: 0000000000000000
[  110.463400][ T5026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.471379][ T5026] R13: 0000000000000000 R14: 00007f80a1d75f80 R15: 00007ffe1b523a68
[  110.479360][ T5026]  </TASK>
[  110.519019][ T5028] loop2: detected capacity change from 0 to 1024
[  110.526359][ T5028] EXT4-fs: Ignoring removed nobh option
[  110.543467][ T3778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.553250][ T5028] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.625234][ T5035] loop1: detected capacity change from 0 to 1024
[  110.633543][ T5035] EXT4-fs: Ignoring removed nobh option
[  110.667369][ T3814] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.669015][ T5035] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.737747][ T5050] loop3: detected capacity change from 0 to 1024
[  110.744949][ T5050] EXT4-fs: Ignoring removed nobh option
[  110.804241][ T5050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.836979][ T5051] netlink: 4 bytes leftover after parsing attributes in process `syz.2.344'.
[  110.852642][ T3778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.875383][ T5051] team0 (unregistering): Port device team_slave_0 removed
[  110.894098][ T5051] team0 (unregistering): Port device team_slave_1 removed
[  110.939860][ T4561] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.099543][ T5065] syz.1.351 uses obsolete (PF_INET,SOCK_PACKET)
[  111.106221][ T5065] syzkaller1: entered promiscuous mode
[  111.108199][ T5073] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  111.111708][ T5065] syzkaller1: entered allmulticast mode
[  111.324669][ T5088] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  111.589743][ T5094] netlink: 12 bytes leftover after parsing attributes in process `syz.1.360'.
[  111.598972][ T5094] netlink: 8 bytes leftover after parsing attributes in process `syz.1.360'.
[  111.608790][ T5088] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  111.955895][ T5106] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  111.966938][ T5106] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  111.977849][ T5106] bond0 (unregistering): Released all slaves
[  112.041333][ T5115] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  112.257844][ T5129] loop1: detected capacity change from 0 to 2048
[  112.274475][ T5115] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  112.297072][ T5129] netlink: 87 bytes leftover after parsing attributes in process `syz.1.374'.
[  112.308215][ T5129] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  112.322933][ T5129] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[  112.335273][ T5129] EXT4-fs (loop1): This should not happen!! Data will be lost
[  112.335273][ T5129] 
[  112.344925][ T5129] EXT4-fs (loop1): Total free blocks count 0
[  112.350921][ T5129] EXT4-fs (loop1): Free/Dirty block details
[  112.356941][ T5129] EXT4-fs (loop1): free_blocks=2415919504
[  112.362662][ T5129] EXT4-fs (loop1): dirty_blocks=32
[  112.367927][ T5129] EXT4-fs (loop1): Block reservation details
[  112.373921][ T5129] EXT4-fs (loop1): i_reserved_data_blocks=2
[  112.489353][ T5139] netlink: 'syz.4.377': attribute type 10 has an invalid length.
[  112.499182][ T5139] veth0_macvtap: entered promiscuous mode
[  112.506935][ T5139] team0: Device macvtap0 failed to register rx_handler
[  112.514483][ T5139] veth0_macvtap: left promiscuous mode
[  112.576721][ T5146] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3088 sclass=netlink_route_socket pid=5146 comm=syz.1.379
[  112.691412][ T5150] loop1: detected capacity change from 0 to 1024
[  112.713547][ T5150] EXT4-fs: Ignoring removed nobh option
[  112.789861][ T5163] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  112.798324][ T5163] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.805817][ T5163] batman_adv: batadv0: Removing interface: batadv_slave_0
[  112.813401][ T5163] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.820985][ T5163] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.861170][ T5165] loop1: detected capacity change from 0 to 512
[  112.878225][ T5165] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.027440][ T5181] SELinux:  policydb magic number 0xc50009 does not match expected magic number 0xf97cff8c
[  113.037648][ T5181] SELinux: failed to load policy
[  113.059202][ T5183] loop1: detected capacity change from 0 to 1024
[  113.065824][ T5183] EXT4-fs: dax option not supported
[  113.429781][ T5199] SELinux:  policydb version 1562113618 does not match my version range 15-33
[  113.438778][ T5199] SELinux: failed to load policy
[  113.610124][ T5204] loop1: detected capacity change from 0 to 512
[  113.627392][ T5204] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  113.658395][ T5204] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.673500][ T5204] xt_hashlimit: size too large, truncated to 1048576
[  113.805386][ T5224] netlink: 'syz.3.405': attribute type 10 has an invalid length.
[  113.813491][ T5224] veth0_macvtap: left promiscuous mode
[  113.822781][ T5224] veth0_macvtap: entered promiscuous mode
[  113.829730][ T5224] team0: Device macvtap0 failed to register rx_handler
[  113.838195][ T5224] veth0_macvtap: left promiscuous mode
[  113.902521][ T5229] netlink: 'syz.2.407': attribute type 10 has an invalid length.
[  113.968381][ T5232] loop2: detected capacity change from 0 to 128
[  113.999461][ T5232] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.067167][ T5237] loop2: detected capacity change from 0 to 2048
[  114.121699][ T5241] netlink: 24 bytes leftover after parsing attributes in process `syz.2.410'.
[  114.146978][ T5243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.411'.
[  114.156217][ T5243] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  114.163922][ T5243] batman_adv: batadv0: Removing interface: batadv_slave_0
[  114.172254][ T5243] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  114.179848][ T5243] batman_adv: batadv0: Removing interface: batadv_slave_1
[  114.181760][ T5245] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  114.276006][ T5253] 9pnet_fd: Insufficient options for proto=fd
[  114.297227][ T5255] FAULT_INJECTION: forcing a failure.
[  114.297227][ T5255] name failslab, interval 1, probability 0, space 0, times 0
[  114.309955][ T5255] CPU: 0 UID: 0 PID: 5255 Comm: syz.2.416 Tainted: G        W          6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  114.322233][ T5255] Tainted: [W]=WARN
[  114.326104][ T5255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  114.336190][ T5255] Call Trace:
[  114.339568][ T5255]  <TASK>
[  114.342507][ T5255]  dump_stack_lvl+0xf2/0x150
[  114.347121][ T5255]  dump_stack+0x15/0x20
[  114.351267][ T5255]  should_fail_ex+0x223/0x230
[  114.355945][ T5255]  ? skb_clone+0x154/0x1f0
[  114.360366][ T5255]  should_failslab+0x8f/0xb0
[  114.365032][ T5255]  kmem_cache_alloc_noprof+0x4c/0x290
[  114.370417][ T5255]  skb_clone+0x154/0x1f0
[  114.374663][ T5255]  __netlink_deliver_tap+0x2bd/0x4c0
[  114.379962][ T5255]  netlink_unicast+0x64a/0x670
[  114.384729][ T5255]  netlink_sendmsg+0x5cc/0x6e0
[  114.389550][ T5255]  ? __pfx_netlink_sendmsg+0x10/0x10
[  114.394852][ T5255]  __sock_sendmsg+0x140/0x180
[  114.399550][ T5255]  ____sys_sendmsg+0x312/0x410
[  114.404478][ T5255]  __sys_sendmsg+0x1d9/0x270
[  114.409084][ T5255]  __x64_sys_sendmsg+0x46/0x50
[  114.413869][ T5255]  x64_sys_call+0x2689/0x2d60
[  114.418568][ T5255]  do_syscall_64+0xc9/0x1c0
[  114.423152][ T5255]  ? clear_bhb_loop+0x55/0xb0
[  114.427836][ T5255]  ? clear_bhb_loop+0x55/0xb0
[  114.432590][ T5255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.438541][ T5255] RIP: 0033:0x7f80a1bbdff9
[  114.442946][ T5255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.462616][ T5255] RSP: 002b:00007f80a0831038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  114.471078][ T5255] RAX: ffffffffffffffda RBX: 00007f80a1d75f80 RCX: 00007f80a1bbdff9
[  114.479164][ T5255] RDX: 0000000000000000 RSI: 0000000020000540 RDI: 0000000000000005
[  114.487136][ T5255] RBP: 00007f80a0831090 R08: 0000000000000000 R09: 0000000000000000
[  114.495126][ T5255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.503093][ T5255] R13: 0000000000000000 R14: 00007f80a1d75f80 R15: 00007ffe1b523a68
[  114.511066][ T5255]  </TASK>
[  114.519434][ T5255] netlink: 12 bytes leftover after parsing attributes in process `syz.2.416'.
[  114.534360][ T5260] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  114.644903][ T5272] loop2: detected capacity change from 0 to 1024
[  114.655864][ T5272] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  114.669339][   T29] kauditd_printk_skb: 689 callbacks suppressed
[  114.669353][   T29] audit: type=1326 audit(1729704511.420:2729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5273 comm="syz.3.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d5ed4dff9 code=0x7ffc0000
[  114.699054][   T29] audit: type=1326 audit(1729704511.420:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5273 comm="syz.3.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f7d5ed4dff9 code=0x7ffc0000
[  114.722394][   T29] audit: type=1326 audit(1729704511.420:2731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5273 comm="syz.3.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d5ed4dff9 code=0x7ffc0000
[  114.745738][   T29] audit: type=1326 audit(1729704511.420:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5273 comm="syz.3.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d5ed4dff9 code=0x7ffc0000
[  114.769135][   T29] audit: type=1326 audit(1729704511.420:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5273 comm="syz.3.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d5ed4dff9 code=0x7ffc0000
[  114.792696][   T29] audit: type=1326 audit(1729704511.420:2734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5273 comm="syz.3.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7d5ed4dff9 code=0x7ffc0000
[  114.816064][   T29] audit: type=1326 audit(1729704511.420:2735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5273 comm="syz.3.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d5ed4dff9 code=0x7ffc0000
[  114.839524][   T29] audit: type=1326 audit(1729704511.420:2736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5273 comm="syz.3.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7d5ed4dff9 code=0x7ffc0000
[  114.862812][   T29] audit: type=1326 audit(1729704511.420:2737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5273 comm="syz.3.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d5ed4dff9 code=0x7ffc0000
[  114.886235][   T29] audit: type=1326 audit(1729704511.420:2738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5273 comm="syz.3.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7d5ed4dff9 code=0x7ffc0000
[  114.938449][ T5282] EXT4-fs warning (device sda1): ext4_resize_fs:2019: can't read last block, resize aborted
[  115.053151][ T5264] chnl_net:caif_netlink_parms(): no params data found
[  115.057141][ T5288] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  115.127768][ T5264] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.135019][ T5264] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.143381][ T5264] bridge_slave_0: entered allmulticast mode
[  115.150791][ T5264] bridge_slave_0: entered promiscuous mode
[  115.181704][ T5264] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.189003][ T5264] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.200978][ T5264] bridge_slave_1: entered allmulticast mode
[  115.207825][ T5264] bridge_slave_1: entered promiscuous mode
[  115.235524][ T5264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.236253][ T5310] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  115.252027][ T5288] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  115.253678][ T5264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.292336][ T5264] team0: Port device team_slave_0 added
[  115.304378][ T5264] team0: Port device team_slave_1 added
[  115.346758][ T5264] batman_adv: batadv0: Adding interface: batadv_slave_0
[  115.353739][ T5264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.379715][ T5264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.422955][ T5264] batman_adv: batadv0: Adding interface: batadv_slave_1
[  115.429973][ T5264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.452076][ T5310] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  115.455918][ T5264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  115.477469][ T5318] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  115.515515][ T5321] loop2: detected capacity change from 0 to 1024
[  115.522281][ T5321] EXT4-fs: Ignoring removed nobh option
[  115.536042][ T5264] hsr_slave_0: entered promiscuous mode
[  115.545420][ T5264] hsr_slave_1: entered promiscuous mode
[  115.551699][ T5264] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  115.560606][ T5264] Cannot create hsr debugfs directory
[  115.641876][ T5331] 9pnet_fd: Insufficient options for proto=fd
[  115.704438][ T5340] loop1: detected capacity change from 0 to 512
[  115.715143][ T5336] netlink: 4 bytes leftover after parsing attributes in process `syz.3.438'.
[  115.724175][ T5340] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  115.747685][ T5340] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.753851][ T5346] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  115.762201][ T5264] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.782836][ T5340] xt_hashlimit: size too large, truncated to 1048576
[  115.853927][ T5353] netlink: 76 bytes leftover after parsing attributes in process `syz.2.443'.
[  115.890810][ T5264] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.925069][ T5346] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  115.953215][ T5356] process 'syz.2.446' launched '/dev/fd/4' with NULL argv: empty string added
[  115.986545][ T5264] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.047871][ T5361] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  116.075093][ T5264] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.167383][ T5264] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  116.186823][ T5367] tipc: Started in network mode
[  116.191771][ T5367] tipc: Node identity ac14140f, cluster identity 4711
[  116.214753][ T5367] tipc: New replicast peer: 255.255.255.255
[  116.220866][ T5367] tipc: Enabled bearer <udp:s>, priority 10
[  116.238629][ T5264] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  116.265279][ T5264] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  116.292262][ T5264] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  116.395288][ T5264] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.414421][ T5376] loop4: detected capacity change from 0 to 1024
[  116.429561][ T5376] EXT4-fs: Ignoring removed nobh option
[  116.449739][ T5373] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  116.464149][ T5264] 8021q: adding VLAN 0 to HW filter on device team0
[  116.488522][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.495642][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.512396][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.519479][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.590723][ T5382] loop2: detected capacity change from 0 to 1024
[  116.625033][ T5382] EXT4-fs: Ignoring removed nobh option
[  116.708307][ T5264] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.757553][ T5398] loop4: detected capacity change from 0 to 512
[  116.764883][ T5398] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  116.836804][ T5398] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.866050][ T5398] xt_hashlimit: size too large, truncated to 1048576
[  116.872613][ T5264] veth0_vlan: entered promiscuous mode
[  116.883758][ T5264] veth1_vlan: entered promiscuous mode
[  116.896817][ T5264] veth0_macvtap: entered promiscuous mode
[  116.903844][ T5264] veth1_macvtap: entered promiscuous mode
[  116.914204][ T5264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  116.924760][ T5264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.934626][ T5264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  116.945114][ T5264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.954946][ T5264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  116.965424][ T5264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.975313][ T5264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  116.985782][ T5264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.996535][ T5264] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.022515][ T5264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.033082][ T5264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.042978][ T5264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.053443][ T5264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.063290][ T5264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.073856][ T5264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.083749][ T5264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.094292][ T5264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.108287][ T5264] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.116787][ T5264] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.125550][ T5264] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.134260][ T5264] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.142972][ T5264] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.331008][ T5427] loop0: detected capacity change from 0 to 1024
[  117.338630][ T5427] EXT4-fs: Ignoring removed orlov option
[  117.344402][ T5427] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.345092][ T2932] tipc: Node number set to 2886997007
[  117.359049][ T5425] FAULT_INJECTION: forcing a failure.
[  117.359049][ T5425] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  117.372347][ T5425] CPU: 1 UID: 0 PID: 5425 Comm: syz.2.464 Tainted: G        W          6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  117.384427][ T5425] Tainted: [W]=WARN
[  117.388240][ T5425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  117.398325][ T5425] Call Trace:
[  117.401613][ T5425]  <TASK>
[  117.404550][ T5425]  dump_stack_lvl+0xf2/0x150
[  117.409238][ T5425]  dump_stack+0x15/0x20
[  117.413477][ T5425]  should_fail_ex+0x223/0x230
[  117.418214][ T5425]  should_fail_alloc_page+0xfd/0x110
[  117.423522][ T5425]  __alloc_pages_noprof+0x109/0x340
[  117.428776][ T5425]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  117.434212][ T5425]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  117.439612][ T5425]  handle_mm_fault+0xb88/0x2a80
[  117.444482][ T5425]  ? __rcu_read_lock+0x36/0x50
[  117.449377][ T5425]  __get_user_pages+0xf2c/0x2670
[  117.454445][ T5425]  get_user_pages_remote+0x1df/0x790
[  117.459762][ T5425]  __update_ref_ctr+0x7d/0x310
[  117.464580][ T5425]  uprobe_mmap+0x2c9/0xbc0
[  117.469011][ T5425]  mmap_region+0xab3/0x1710
[  117.473578][ T5425]  do_mmap+0x718/0xb60
[  117.477692][ T5425]  vm_mmap_pgoff+0x133/0x290
[  117.482343][ T5425]  ksys_mmap_pgoff+0x286/0x330
[  117.487141][ T5425]  x64_sys_call+0x1884/0x2d60
[  117.491837][ T5425]  do_syscall_64+0xc9/0x1c0
[  117.496358][ T5425]  ? clear_bhb_loop+0x55/0xb0
[  117.501219][ T5425]  ? clear_bhb_loop+0x55/0xb0
[  117.506012][ T5425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.509952][ T5431] loop4: detected capacity change from 0 to 164
[  117.511925][ T5425] RIP: 0033:0x7f80a1bbdff9
[  117.511946][ T5425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.542317][ T5425] RSP: 002b:00007f80a0831038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  117.550730][ T5425] RAX: ffffffffffffffda RBX: 00007f80a1d75f80 RCX: 00007f80a1bbdff9
[  117.558763][ T5425] RDX: 000000000000007b RSI: 0000000000003000 RDI: 0000000020000000
[  117.566741][ T5425] RBP: 00007f80a0831090 R08: 0000000000000005 R09: 0000000000000000
[  117.574728][ T5425] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[  117.582702][ T5425] R13: 0000000000000000 R14: 00007f80a1d75f80 R15: 00007ffe1b523a68
[  117.590681][ T5425]  </TASK>
[  117.593977][ T5425] ref_ctr increment failed for inode: 0x214 offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff888114e49500
[  117.619643][ T5431] rock: directory entry would overflow storage
[  117.625859][ T5431] rock: sig=0x4f50, size=4, remaining=3
[  117.631444][ T5431] iso9660: Corrupted directory entry in block 4 of inode 1792
[  117.732721][ T5427] tipc: Started in network mode
[  117.737668][ T5427] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  117.757196][ T5427] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  117.765583][ T5427] tipc: Enabled bearer <udp:syz1>, priority 10
[  117.803597][ T5427] netlink: 12 bytes leftover after parsing attributes in process `syz.0.419'.
[  117.993846][ T5475] FAULT_INJECTION: forcing a failure.
[  117.993846][ T5475] name failslab, interval 1, probability 0, space 0, times 0
[  118.006589][ T5475] CPU: 1 UID: 0 PID: 5475 Comm: syz.2.482 Tainted: G        W          6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  118.018696][ T5475] Tainted: [W]=WARN
[  118.022512][ T5475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  118.031745][ T5480] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=33 sclass=netlink_tcpdiag_socket pid=5480 comm=syz.2.482
[  118.032592][ T5475] Call Trace:
[  118.032600][ T5475]  <TASK>
[  118.051415][ T5475]  dump_stack_lvl+0xf2/0x150
[  118.056027][ T5475]  dump_stack+0x15/0x20
[  118.060208][ T5475]  should_fail_ex+0x223/0x230
[  118.064913][ T5475]  ? __request_module+0x1d5/0x3e0
[  118.070043][ T5475]  should_failslab+0x8f/0xb0
[  118.074804][ T5475]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[  118.081166][ T5475]  ? should_failslab+0x8f/0xb0
[  118.085955][ T5475]  kstrdup+0x3a/0x80
[  118.089919][ T5475]  __request_module+0x1d5/0x3e0
[  118.094884][ T5475]  ? strcmp+0x21/0x50
[  118.099013][ T5475]  ? crypto_alg_mod_lookup+0xb9/0x530
[  118.104473][ T5475]  crypto_alg_mod_lookup+0xe8/0x530
[  118.109767][ T5475]  crypto_alloc_tfm_node+0xaa/0x250
[  118.114994][ T5475]  crypto_alloc_aead+0x2f/0x40
[  118.119773][ T5475]  tls_set_sw_offload+0x57f/0x810
[  118.124895][ T5475]  tls_setsockopt+0x8b3/0xcb0
[  118.129636][ T5475]  sock_common_setsockopt+0x64/0x80
[  118.134859][ T5475]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  118.140825][ T5475]  __sys_setsockopt+0x1cc/0x240
[  118.145827][ T5475]  __x64_sys_setsockopt+0x66/0x80
[  118.150878][ T5475]  x64_sys_call+0x278d/0x2d60
[  118.155574][ T5475]  do_syscall_64+0xc9/0x1c0
[  118.160181][ T5475]  ? clear_bhb_loop+0x55/0xb0
[  118.164887][ T5475]  ? clear_bhb_loop+0x55/0xb0
[  118.169607][ T5475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.175660][ T5475] RIP: 0033:0x7f80a1bbdff9
[  118.180219][ T5475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.199867][ T5475] RSP: 002b:00007f80a0831038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  118.208305][ T5475] RAX: ffffffffffffffda RBX: 00007f80a1d75f80 RCX: 00007f80a1bbdff9
[  118.216328][ T5475] RDX: 0000000000000001 RSI: 000000000000011a RDI: 0000000000000003
[  118.224339][ T5475] RBP: 00007f80a0831090 R08: 0000000000000028 R09: 0000000000000000
[  118.232355][ T5475] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  118.240340][ T5475] R13: 0000000000000000 R14: 00007f80a1d75f80 R15: 00007ffe1b523a68
[  118.248444][ T5475]  </TASK>
[  118.308450][ T5462] mmap: syz.3.477 (5462) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  118.366687][ T5497] loop0: detected capacity change from 0 to 2048
[  118.373688][ T5490] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  118.419154][ T5505] loop3: detected capacity change from 0 to 512
[  118.423407][ T5503] loop4: detected capacity change from 0 to 1024
[  118.431951][ T5505] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  118.432279][ T5503] EXT4-fs: Ignoring removed nobh option
[  118.447183][ T5509] netlink: 252 bytes leftover after parsing attributes in process `syz.1.490'.
[  118.448469][ T5497] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  118.469452][ T5509] loop1: detected capacity change from 0 to 1024
[  118.489590][ T5505] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.521714][ T5505] xt_hashlimit: size too large, truncated to 1048576
[  118.742702][ T5536] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=33 sclass=netlink_tcpdiag_socket pid=5536 comm=syz.2.492
[  118.824689][ T3341] tipc: Node number set to 1
[  118.831996][ T5546] loop4: detected capacity change from 0 to 512
[  118.858294][ T5546] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.060035][ T1618] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  119.103554][ T1618] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  119.116092][ T1618] EXT4-fs (loop1): This should not happen!! Data will be lost
[  119.116092][ T1618] 
[  119.125788][ T1618] EXT4-fs (loop1): Total free blocks count 0
[  119.131772][ T1618] EXT4-fs (loop1): Free/Dirty block details
[  119.137709][ T1618] EXT4-fs (loop1): free_blocks=68451041280
[  119.143533][ T1618] EXT4-fs (loop1): dirty_blocks=16384
[  119.148942][ T1618] EXT4-fs (loop1): Block reservation details
[  119.155030][ T1618] EXT4-fs (loop1): i_reserved_data_blocks=1024
[  119.211223][ T1618] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  119.224047][ T1618] EXT4-fs (loop1): This should not happen!! Data will be lost
[  119.224047][ T1618] 
[  119.224535][ T5557] syz.4.500[5557] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.245724][ T5557] syz.4.500[5557] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.272008][ T5557] syz.4.500[5557] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.432546][ T5562] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  119.452212][ T5562] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  119.459734][ T5562] batman_adv: batadv0: Removing interface: batadv_slave_0
[  119.485197][ T5562] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  119.492664][ T5562] batman_adv: batadv0: Removing interface: batadv_slave_1
[  119.563774][ T5569] loop3: detected capacity change from 0 to 1024
[  119.577417][ T5571] 9pnet: Could not find request transport: t
[  119.579131][ T5569] EXT4-fs: Ignoring removed orlov option
[  119.589259][ T5569] EXT4-fs: Ignoring removed nomblk_io_submit option
[  119.684464][   T29] kauditd_printk_skb: 527 callbacks suppressed
[  119.684481][   T29] audit: type=1326 audit(1729704516.430:3266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5580 comm="syz.2.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  119.724275][   T29] audit: type=1326 audit(1729704516.470:3267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5580 comm="syz.2.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  119.746774][ T5590] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  119.747610][   T29] audit: type=1400 audit(1729704516.470:3268): avc:  denied  { create } for  pid=5580 comm="syz.2.508" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  119.760161][ T5569] tipc: Started in network mode
[  119.774225][   T29] audit: type=1326 audit(1729704516.470:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5580 comm="syz.2.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  119.774276][   T29] audit: type=1326 audit(1729704516.470:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5580 comm="syz.2.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  119.779265][ T5569] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  119.780648][ T5569] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  119.802637][   T29] audit: type=1326 audit(1729704516.470:3271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5580 comm="syz.2.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  119.826107][ T5569] tipc: Enabled bearer <udp:syz1>, priority 10
[  119.866938][ T5593] netlink: 12 bytes leftover after parsing attributes in process `syz.3.503'.
[  119.872575][   T29] audit: type=1326 audit(1729704516.470:3272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5580 comm="syz.2.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  119.905252][   T29] audit: type=1326 audit(1729704516.470:3273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5580 comm="syz.2.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80a1bbdff9 code=0x7ffc0000
[  119.929838][   T29] audit: type=1400 audit(1729704516.470:3274): avc:  denied  { write } for  pid=5587 comm="syz.4.510" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  119.952593][   T29] audit: type=1400 audit(1729704516.510:3275): avc:  denied  { name_bind } for  pid=5568 comm="syz.3.503" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  119.988919][ T5589] syz.1.511[5589] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.988981][ T5589] syz.1.511[5589] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.003676][ T5589] syz.1.511[5589] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.049007][ T5597] loop2: detected capacity change from 0 to 2048
[  120.066839][ T5590] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  120.074436][ T5603] loop0: detected capacity change from 0 to 512
[  120.107484][ T5603] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.199276][ T5621] netlink: 252 bytes leftover after parsing attributes in process `syz.2.520'.
[  120.201509][ T5619] loop0: detected capacity change from 0 to 2048
[  120.217950][ T5621] loop2: detected capacity change from 0 to 1024
[  120.238495][ T5622] loop4: detected capacity change from 0 to 4096
[  120.245259][ T5622] EXT4-fs: Ignoring removed nomblk_io_submit option
[  120.249084][ T5619] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  120.266811][ T5619] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[  120.279188][ T5619] EXT4-fs (loop0): This should not happen!! Data will be lost
[  120.279188][ T5619] 
[  120.288992][ T5619] EXT4-fs (loop0): Total free blocks count 0
[  120.295045][ T5619] EXT4-fs (loop0): Free/Dirty block details
[  120.301014][ T5619] EXT4-fs (loop0): free_blocks=2415919504
[  120.306891][ T5619] EXT4-fs (loop0): dirty_blocks=32
[  120.312067][ T5619] EXT4-fs (loop0): Block reservation details
[  120.318168][ T5619] EXT4-fs (loop0): i_reserved_data_blocks=2
[  120.342598][ T5622] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.522: corrupted inode contents
[  120.356550][ T5622] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #15: comm syz.4.522: mark_inode_dirty error
[  120.397308][ T5622] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.522: corrupted inode contents
[  120.412630][ T5622] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.522: mark_inode_dirty error
[  120.464273][ T5634] netlink: 12 bytes leftover after parsing attributes in process `syz.4.522'.
[  120.556722][ T5622] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.522: corrupted inode contents
[  120.614145][ T5622] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.522: mark_inode_dirty error
[  120.626387][ T5622] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.522: corrupted inode contents
[  120.638851][ T5622] EXT4-fs error (device loop4): ext4_truncate:4208: inode #15: comm syz.4.522: mark_inode_dirty error
[  120.651145][ T5622] EXT4-fs error (device loop4) in ext4_setattr:5523: Corrupt filesystem
[  120.659886][ T5634] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.522: corrupted inode contents
[  120.697456][ T3823] EXT4-fs warning (device loop4): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  120.717016][ T5648] loop0: detected capacity change from 0 to 512
[  120.753989][ T5654] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  120.763335][ T5657] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  120.771058][ T5651] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  120.775851][ T5648] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  120.807543][ T5659] FAULT_INJECTION: forcing a failure.
[  120.807543][ T5659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.820659][ T5659] CPU: 0 UID: 0 PID: 5659 Comm: syz.1.535 Tainted: G        W          6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  120.832864][ T5659] Tainted: [W]=WARN
[  120.836676][ T5659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  120.846728][ T5659] Call Trace:
[  120.850097][ T5659]  <TASK>
[  120.853046][ T5659]  dump_stack_lvl+0xf2/0x150
[  120.857649][ T5659]  dump_stack+0x15/0x20
[  120.861850][ T5659]  should_fail_ex+0x223/0x230
[  120.866546][ T5659]  should_fail+0xb/0x10
[  120.870761][ T5659]  should_fail_usercopy+0x1a/0x20
[  120.875798][ T5659]  fpu__restore_sig+0x11a/0xaf0
[  120.880677][ T5659]  restore_sigcontext+0x1b5/0x220
[  120.885717][ T5659]  __do_sys_rt_sigreturn+0xe5/0x150
[  120.891007][ T5659]  x64_sys_call+0x28e1/0x2d60
[  120.895692][ T5659]  do_syscall_64+0xc9/0x1c0
[  120.900194][ T5659]  ? clear_bhb_loop+0x55/0xb0
[  120.904898][ T5659]  ? clear_bhb_loop+0x55/0xb0
[  120.909593][ T5659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.915541][ T5659] RIP: 0033:0x7f1e1a0bdff7
[  120.920010][ T5659] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  120.939700][ T5659] RSP: 002b:00007f1e18d31038 EFLAGS: 00000246
[  120.945783][ T5659] RAX: 0000000000000000 RBX: 00007f1e1a275f80 RCX: 00007f1e1a0bdff9
[  120.953801][ T5659] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  120.961772][ T5659] RBP: 00007f1e18d31090 R08: 0000000000000000 R09: 0000000000000000
[  120.969780][ T5659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.977810][ T5659] R13: 0000000000000000 R14: 00007f1e1a275f80 R15: 00007fff7ad12a28
[  120.985805][ T5659]  </TASK>
[  120.997694][   T35] tipc: Node number set to 1
[  121.027826][ T5648] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  121.035916][ T5648] EXT4-fs (loop0): orphan cleanup on readonly fs
[  121.046130][ T5648] EXT4-fs (loop0): 1 truncate cleaned up
[  121.093554][   T50] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  121.109818][   T50] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  121.122314][   T50] EXT4-fs (loop2): This should not happen!! Data will be lost
[  121.122314][   T50] 
[  121.132021][   T50] EXT4-fs (loop2): Total free blocks count 0
[  121.138478][   T50] EXT4-fs (loop2): Free/Dirty block details
[  121.144508][   T50] EXT4-fs (loop2): free_blocks=68451041280
[  121.150389][   T50] EXT4-fs (loop2): dirty_blocks=14672
[  121.155798][   T50] EXT4-fs (loop2): Block reservation details
[  121.161939][   T50] EXT4-fs (loop2): i_reserved_data_blocks=917
[  121.168456][ T5671] netlink: 'syz.0.539': attribute type 10 has an invalid length.
[  121.177055][   T50] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  121.190362][   T50] EXT4-fs (loop2): This should not happen!! Data will be lost
[  121.190362][   T50] 
[  121.200239][ T5671] veth0_macvtap: left promiscuous mode
[  121.217653][ T5671] veth0_macvtap: entered promiscuous mode
[  121.232843][ T5671] team0: Device macvtap0 failed to register rx_handler
[  121.244800][ T5657] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  121.268398][ T5671] veth0_macvtap: left promiscuous mode
[  121.284271][ T5686] loop1: detected capacity change from 0 to 2048
[  121.310696][ T5688] loop3: detected capacity change from 0 to 1024
[  121.318934][ T5688] EXT4-fs: Ignoring removed nobh option
[  121.447630][ T5701] FAULT_INJECTION: forcing a failure.
[  121.447630][ T5701] name failslab, interval 1, probability 0, space 0, times 0
[  121.460294][ T5701] CPU: 0 UID: 0 PID: 5701 Comm: syz.2.548 Tainted: G        W          6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  121.472433][ T5701] Tainted: [W]=WARN
[  121.476301][ T5701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  121.486370][ T5701] Call Trace:
[  121.489646][ T5701]  <TASK>
[  121.492573][ T5701]  dump_stack_lvl+0xf2/0x150
[  121.497183][ T5701]  dump_stack+0x15/0x20
[  121.501344][ T5701]  should_fail_ex+0x223/0x230
[  121.506031][ T5701]  ? sctp_add_bind_addr+0x6f/0x1e0
[  121.511144][ T5701]  should_failslab+0x8f/0xb0
[  121.515751][ T5701]  __kmalloc_cache_noprof+0x4b/0x2a0
[  121.521048][ T5701]  sctp_add_bind_addr+0x6f/0x1e0
[  121.526111][ T5701]  sctp_do_bind+0x434/0x4c0
[  121.530627][ T5701]  sctp_connect_new_asoc+0x15b/0x3b0
[  121.535929][ T5701]  sctp_sendmsg+0xf05/0x1920
[  121.540591][ T5701]  ? __pfx_sctp_sendmsg+0x10/0x10
[  121.545688][ T5701]  inet_sendmsg+0xc5/0xd0
[  121.550071][ T5701]  __sock_sendmsg+0x102/0x180
[  121.554755][ T5701]  __sys_sendto+0x1d6/0x260
[  121.559274][ T5701]  __x64_sys_sendto+0x78/0x90
[  121.564034][ T5701]  x64_sys_call+0x2959/0x2d60
[  121.568723][ T5701]  do_syscall_64+0xc9/0x1c0
[  121.573239][ T5701]  ? clear_bhb_loop+0x55/0xb0
[  121.578011][ T5701]  ? clear_bhb_loop+0x55/0xb0
[  121.582707][ T5701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.588654][ T5701] RIP: 0033:0x7f80a1bbdff9
[  121.593064][ T5701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.612729][ T5701] RSP: 002b:00007f80a0831038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  121.621215][ T5701] RAX: ffffffffffffffda RBX: 00007f80a1d75f80 RCX: 00007f80a1bbdff9
[  121.629185][ T5701] RDX: 0000000000000001 RSI: 0000000020847fff RDI: 0000000000000003
[  121.637151][ T5701] RBP: 00007f80a0831090 R08: 000000002005ffe4 R09: 000000000000001c
[  121.645246][ T5701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.653243][ T5701] R13: 0000000000000000 R14: 00007f80a1d75f80 R15: 00007ffe1b523a68
[  121.661218][ T5701]  </TASK>
[  121.733359][ T5705] netlink: 252 bytes leftover after parsing attributes in process `syz.2.551'.
[  121.766778][ T5705] loop2: detected capacity change from 0 to 1024
[  121.847823][ T5711] loop3: detected capacity change from 0 to 2048
[  121.918351][ T5711] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  121.944834][ T5711] batadv_slave_0: entered promiscuous mode
[  122.099906][ T5719] hub 2-0:1.0: USB hub found
[  122.104665][ T5719] hub 2-0:1.0: 8 ports detected
[  122.117325][ T5721] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.136933][ T3778] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  122.137241][ T5719] loop0: detected capacity change from 0 to 128
[  122.153377][ T5721] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.165483][ T5721] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.187912][ T3778] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #12: comm syz-executor: corrupted in-inode xattr: bad e_name length
[  122.243790][ T3778] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #12: comm syz-executor: corrupted in-inode xattr: bad e_name length
[  122.273318][   T50] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  122.297998][   T50] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  122.310563][   T50] EXT4-fs (loop2): This should not happen!! Data will be lost
[  122.310563][   T50] 
[  122.320451][   T50] EXT4-fs (loop2): Total free blocks count 0
[  122.326574][   T50] EXT4-fs (loop2): Free/Dirty block details
[  122.332581][   T50] EXT4-fs (loop2): free_blocks=68451041280
[  122.338483][   T50] EXT4-fs (loop2): dirty_blocks=16384
[  122.343927][   T50] EXT4-fs (loop2): Block reservation details
[  122.349966][   T50] EXT4-fs (loop2): i_reserved_data_blocks=1024
[  122.366757][ T3375] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  122.379545][ T3375] EXT4-fs (loop2): This should not happen!! Data will be lost
[  122.379545][ T3375] 
[  122.485996][   T40] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.588452][   T40] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.706254][   T40] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.788480][   T40] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.927634][   T40] bridge_slave_1: left allmulticast mode
[  122.933349][   T40] bridge_slave_1: left promiscuous mode
[  122.939124][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.006443][   T40] bridge_slave_0: left allmulticast mode
[  123.012138][   T40] bridge_slave_0: left promiscuous mode
[  123.017910][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.515979][   T40] hsr_slave_0: left promiscuous mode
[  123.545238][   T40] hsr_slave_1: left promiscuous mode
[  123.557131][   T40] veth1_macvtap: left promiscuous mode
[  123.562642][   T40] veth0_macvtap: left promiscuous mode
[  123.568382][   T40] veth1_vlan: left promiscuous mode
[  123.573785][   T40] veth0_vlan: left promiscuous mode
[  123.617947][ T5762] FAULT_INJECTION: forcing a failure.
[  123.617947][ T5762] name failslab, interval 1, probability 0, space 0, times 0
[  123.630686][ T5762] CPU: 0 UID: 0 PID: 5762 Comm: syz.4.573 Tainted: G        W          6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  123.642813][ T5762] Tainted: [W]=WARN
[  123.646657][ T5762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  123.656707][ T5762] Call Trace:
[  123.660041][ T5762]  <TASK>
[  123.662978][ T5762]  dump_stack_lvl+0xf2/0x150
[  123.667776][ T5762]  dump_stack+0x15/0x20
[  123.671934][ T5762]  should_fail_ex+0x223/0x230
[  123.676678][ T5762]  ? dst_alloc+0xc0/0x100
[  123.681013][ T5762]  should_failslab+0x8f/0xb0
[  123.685700][ T5762]  kmem_cache_alloc_noprof+0x4c/0x290
[  123.691074][ T5762]  dst_alloc+0xc0/0x100
[  123.695262][ T5762]  ip_route_output_key_hash_rcu+0xb90/0x12d0
[  123.701249][ T5762]  ip_route_output_flow+0x76/0x120
[  123.706376][ T5762]  udp_sendmsg+0xe5d/0x12f0
[  123.710921][ T5762]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  123.716506][ T5762]  ? avc_has_perm+0xd4/0x160
[  123.721110][ T5762]  ? __pfx_udp_sendmsg+0x10/0x10
[  123.726105][ T5762]  inet_sendmsg+0xaf/0xd0
[  123.730505][ T5762]  __sock_sendmsg+0x102/0x180
[  123.735178][ T5762]  ____sys_sendmsg+0x312/0x410
[  123.739969][ T5762]  __sys_sendmmsg+0x259/0x500
[  123.744662][ T5762]  __x64_sys_sendmmsg+0x57/0x70
[  123.749657][ T5762]  x64_sys_call+0xa49/0x2d60
[  123.754245][ T5762]  do_syscall_64+0xc9/0x1c0
[  123.758784][ T5762]  ? clear_bhb_loop+0x55/0xb0
[  123.763482][ T5762]  ? clear_bhb_loop+0x55/0xb0
[  123.768200][ T5762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.774101][ T5762] RIP: 0033:0x7f3045d0dff9
[  123.778553][ T5762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.798203][ T5762] RSP: 002b:00007f3044981038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  123.806615][ T5762] RAX: ffffffffffffffda RBX: 00007f3045ec5f80 RCX: 00007f3045d0dff9
[  123.814663][ T5762] RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000004
[  123.822671][ T5762] RBP: 00007f3044981090 R08: 0000000000000000 R09: 0000000000000000
[  123.830683][ T5762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.838653][ T5762] R13: 0000000000000000 R14: 00007f3045ec5f80 R15: 00007ffc3b5a10e8
[  123.846655][ T5762]  </TASK>
[  123.921849][   T40] team0 (unregistering): Port device team_slave_1 removed
[  123.935657][   T40] team0 (unregistering): Port device team_slave_0 removed
[  123.984719][ T5752] lo: entered allmulticast mode
[  123.992666][ T5761] lo: entered promiscuous mode
[  123.997527][ T5761] lo: left allmulticast mode
[  124.233156][ T5731] chnl_net:caif_netlink_parms(): no params data found
[  124.252007][ T5796] tun0: tun_chr_ioctl cmd 2147767506
[  124.328325][ T5731] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.335502][ T5731] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.348025][ T5731] bridge_slave_0: entered allmulticast mode
[  124.354607][ T5731] bridge_slave_0: entered promiscuous mode
[  124.365477][ T5731] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.372533][ T5731] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.380607][ T5731] bridge_slave_1: entered allmulticast mode
[  124.401777][ T5731] bridge_slave_1: entered promiscuous mode
[  124.462971][ T5731] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  124.484663][ T5731] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  124.514478][ T5731] team0: Port device team_slave_0 added
[  124.522342][ T5731] team0: Port device team_slave_1 added
[  124.541332][ T5731] batman_adv: batadv0: Adding interface: batadv_slave_0
[  124.548396][ T5731] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  124.574328][ T5731] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  124.610480][ T5731] batman_adv: batadv0: Adding interface: batadv_slave_1
[  124.617496][ T5731] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  124.643649][ T5731] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  124.737333][ T5731] hsr_slave_0: entered promiscuous mode
[  124.756375][ T5731] hsr_slave_1: entered promiscuous mode
[  124.762509][ T5731] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  124.774634][ T5731] Cannot create hsr debugfs directory
[  125.202607][ T5731] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  125.229208][ T5731] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  125.278702][ T5731] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  125.324863][ T5731] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  125.413425][ T5731] 8021q: adding VLAN 0 to HW filter on device bond0
[  125.435791][ T5731] 8021q: adding VLAN 0 to HW filter on device team0
[  125.532829][  T741] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.540008][  T741] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.550313][  T741] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.557387][  T741] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.844317][ T5731] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.001462][ T5884] Driver unsupported XDP return value 0 on prog  (id 376) dev N/A, expect packet loss!
[  126.018501][ T5731] veth0_vlan: entered promiscuous mode
[  126.039235][ T5731] veth1_vlan: entered promiscuous mode
[  126.086348][ T5731] veth0_macvtap: entered promiscuous mode
[  126.101418][ T5731] veth1_macvtap: entered promiscuous mode
[  126.135221][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.145816][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.155635][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.166065][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.175904][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.186347][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.197504][ T5731] batman_adv: batadv0: Interface activated: batadv_slave_0
[  126.205661][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.216232][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.226088][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.236578][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.246519][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.256949][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.267835][ T5731] batman_adv: batadv0: Interface activated: batadv_slave_1
[  126.285932][ T5731] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.294702][ T5731] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  126.303456][ T5731] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  126.312472][ T5731] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.350217][   T29] kauditd_printk_skb: 408 callbacks suppressed
[  126.350230][   T29] audit: type=1400 audit(1729704523.100:3684): avc:  denied  { mounton } for  pid=5731 comm="syz-executor" path="/root/syzkaller.sgmset/syz-tmp" dev="sda1" ino=1964 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  126.391133][   T29] audit: type=1400 audit(1729704523.140:3685): avc:  denied  { mount } for  pid=5731 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  126.413301][   T29] audit: type=1400 audit(1729704523.140:3686): avc:  denied  { mount } for  pid=5731 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  126.435360][   T29] audit: type=1400 audit(1729704523.140:3687): avc:  denied  { mounton } for  pid=5731 comm="syz-executor" path="/root/syzkaller.sgmset/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  126.441008][ T5911] syzkaller0: entered promiscuous mode
[  126.462117][   T29] audit: type=1400 audit(1729704523.140:3688): avc:  denied  { mounton } for  pid=5731 comm="syz-executor" path="/root/syzkaller.sgmset/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=14479 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  126.467641][ T5911] syzkaller0: entered allmulticast mode
[  126.495168][   T29] audit: type=1400 audit(1729704523.140:3689): avc:  denied  { mounton } for  pid=5731 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=454 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  126.614640][   T29] audit: type=1400 audit(1729704523.360:3690): avc:  denied  { tracepoint } for  pid=5925 comm="syz.3.629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  126.714515][ T5941] 8ûÅ: renamed from syzkaller0
[  127.180728][   T29] audit: type=1400 audit(1729704523.930:3691): avc:  denied  { create } for  pid=5974 comm="syz.0.652" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  127.287131][   T29] audit: type=1400 audit(1729704524.040:3692): avc:  denied  { create } for  pid=5987 comm="syz.3.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  127.354197][ T5993] tap0: tun_chr_ioctl cmd 1074025677
[  127.367391][ T5993] tap0: linktype set to 100
[  128.346659][   T29] audit: type=1400 audit(1729704525.100:3693): avc:  denied  { create } for  pid=6013 comm="syz.0.669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  128.507143][ T6037] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  128.674740][ T6037] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  128.688538][ T6052] loop1: detected capacity change from 0 to 4096
[  128.703882][ T6052] EXT4-fs: Ignoring removed nomblk_io_submit option
[  128.741102][ T6052] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.684: corrupted inode contents
[  128.768460][ T6052] EXT4-fs error (device loop1): ext4_dirty_inode:5984: inode #15: comm syz.1.684: mark_inode_dirty error
[  128.793369][ T6052] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.684: corrupted inode contents
[  128.830847][ T6052] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.684: mark_inode_dirty error
[  128.878061][ T6052] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.684: corrupted inode contents
[  128.879324][ T6067] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  128.913699][ T6052] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.684: mark_inode_dirty error
[  128.928980][ T6067] SELinux: failed to load policy
[  128.936810][ T6066] __nla_validate_parse: 2 callbacks suppressed
[  128.936860][ T6066] netlink: 12 bytes leftover after parsing attributes in process `syz.1.684'.
[  128.952151][ T6052] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.684: corrupted inode contents
[  129.004040][ T6052] EXT4-fs error (device loop1): ext4_truncate:4208: inode #15: comm syz.1.684: mark_inode_dirty error
[  129.048234][ T6052] EXT4-fs error (device loop1) in ext4_setattr:5523: Corrupt filesystem
[  129.068949][ T6069] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.684: corrupted inode contents
[  129.325085][ T5731] EXT4-fs warning (device loop1): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  129.436987][ T6091] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  129.685527][ T6091] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  129.874258][ T6109] netlink: 12 bytes leftover after parsing attributes in process `syz.2.701'.
[  130.070130][ T6111] bridge_slave_0: left allmulticast mode
[  130.075868][ T6111] bridge_slave_0: left promiscuous mode
[  130.081562][ T6111] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.091404][ T6111] bridge_slave_1: left allmulticast mode
[  130.097104][ T6111] bridge_slave_1: left promiscuous mode
[  130.102971][ T6111] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.114952][ T6111] bond0: (slave bond_slave_0): Releasing backup interface
[  130.127270][ T6111] bond0: (slave bond_slave_1): Releasing backup interface
[  130.142292][ T6111] team0: Port device team_slave_0 removed
[  130.161596][ T6111] team0: Port device team_slave_1 removed
[  130.169995][ T6111] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  130.177614][ T6111] batman_adv: batadv0: Removing interface: batadv_slave_0
[  130.187687][ T6111] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  130.195152][ T6111] batman_adv: batadv0: Removing interface: batadv_slave_1
[  130.229501][ T6113] team0: Mode changed to "loadbalance"
[  130.263924][ T6118] loop4: detected capacity change from 0 to 1024
[  130.274178][ T6123] netlink: 252 bytes leftover after parsing attributes in process `syz.2.706'.
[  130.291031][ T6123] loop2: detected capacity change from 0 to 1024
[  130.295648][ T6121] loop1: detected capacity change from 0 to 2048
[  130.305911][ T6125] netlink: 252 bytes leftover after parsing attributes in process `syz.0.705'.
[  130.316442][ T6123] EXT4-fs mount: 56 callbacks suppressed
[  130.316457][ T6123] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.322958][ T6125] loop0: detected capacity change from 0 to 1024
[  130.337546][ T6121] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.356370][ T6118] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.360889][ T6111] EXT4-fs error (device loop1): __ext4_new_inode:1070: comm syz.1.702: reserved inode found cleared - inode=1
[  130.369461][ T6118] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.403135][ T5731] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.410890][ T6125] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.465382][ T6142] loop3: detected capacity change from 0 to 512
[  130.707549][ T6148] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  130.720228][ T6142] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.732963][ T6142] ext4 filesystem being mounted at /73/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  130.759871][   T40] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  130.777378][  T741] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  130.777750][   T40] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  130.794197][  T741] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  130.805250][   T40] EXT4-fs (loop2): This should not happen!! Data will be lost
[  130.805250][   T40] 
[  130.817541][  T741] EXT4-fs (loop0): This should not happen!! Data will be lost
[  130.817541][  T741] 
[  130.827177][   T40] EXT4-fs (loop2): Total free blocks count 0
[  130.836833][  T741] EXT4-fs (loop0): Total free blocks count 0
[  130.842815][   T40] EXT4-fs (loop2): Free/Dirty block details
[  130.848769][  T741] EXT4-fs (loop0): Free/Dirty block details
[  130.854672][   T40] EXT4-fs (loop2): free_blocks=68451041280
[  130.854685][   T40] EXT4-fs (loop2): dirty_blocks=16384
[  130.854697][   T40] EXT4-fs (loop2): Block reservation details
[  130.860559][  T741] EXT4-fs (loop0): free_blocks=68451041280
[  130.866470][   T40] EXT4-fs (loop2): i_reserved_data_blocks=1024
[  130.871761][  T741] EXT4-fs (loop0): dirty_blocks=16384
[  130.888110][ T6118] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.889792][  T741] EXT4-fs (loop0): Block reservation details
[  130.910315][  T741] EXT4-fs (loop0): i_reserved_data_blocks=1024
[  130.924075][   T40] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  130.949914][   T50] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  130.964076][ T4561] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.974971][ T6148] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  131.139663][ T6173] loop0: detected capacity change from 0 to 1024
[  131.140221][ T6173] EXT4-fs: Ignoring removed nobh option
[  131.148880][ T6175] netlink: 252 bytes leftover after parsing attributes in process `syz.3.724'.
[  131.182184][ T6173] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.189966][ T6175] loop3: detected capacity change from 0 to 1024
[  131.204996][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.216237][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.216263][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231097][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231121][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231143][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231181][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231234][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231300][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231325][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231357][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231381][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231406][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231430][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231461][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231487][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231563][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231585][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231607][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231629][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231651][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231673][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231747][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231777][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231865][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231887][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231916][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231938][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.231979][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.232004][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.232046][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.232071][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.232096][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.232120][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.232145][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.232170][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.232273][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.232297][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.232365][   T35] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  131.242422][   T35] hid-generic 0000:0003:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  131.248574][ T6183] devpts: called with bogus options
[  131.297957][ T6175] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.388064][ T6188] loop2: detected capacity change from 0 to 1024
[  131.388624][ T6188] EXT4-fs (loop2): unable to read superblock
[  131.408791][ T6183] vlan2: entered allmulticast mode
[  131.551581][ T6183] bridge_slave_0: entered allmulticast mode
[  131.561084][ T6183] bridge_slave_0: left allmulticast mode
[  131.571040][ T5264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.596325][ T6201] netlink: 8 bytes leftover after parsing attributes in process `syz.0.725'.
[  131.605208][ T6201] netlink: 4 bytes leftover after parsing attributes in process `syz.0.725'.
[  131.653715][ T6205] loop4: detected capacity change from 0 to 2048
[  131.678894][ T6205] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.798034][   T29] kauditd_printk_skb: 187 callbacks suppressed
[  131.798052][   T29] audit: type=1400 audit(1729704528.550:3881): avc:  denied  { ioctl } for  pid=6200 comm="syz.0.725" path="socket:[15471]" dev="sockfs" ino=15471 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  131.885166][ T6211] netlink: 20 bytes leftover after parsing attributes in process `syz.4.726'.
[  131.891634][   T29] audit: type=1400 audit(1729704528.640:3882): avc:  denied  { read } for  pid=6203 comm="syz.4.726" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.891699][   T29] audit: type=1400 audit(1729704528.640:3883): avc:  denied  { open } for  pid=6203 comm="syz.4.726" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.891730][   T29] audit: type=1400 audit(1729704528.640:3884): avc:  denied  { ioctl } for  pid=6203 comm="syz.4.726" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.955341][ T3823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.062615][   T50] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  132.068047][ T6221] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  132.082562][   T50] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  132.094158][   T29] audit: type=1326 audit(1729704528.840:3885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987f49dff9 code=0x7ffc0000
[  132.097610][   T50] EXT4-fs (loop3): This should not happen!! Data will be lost
[  132.097610][   T50] 
[  132.097626][   T50] EXT4-fs (loop3): Total free blocks count 0
[  132.120903][   T29] audit: type=1326 audit(1729704528.840:3886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987f49dff9 code=0x7ffc0000
[  132.130580][   T50] EXT4-fs (loop3): Free/Dirty block details
[  132.136551][   T29] audit: type=1326 audit(1729704528.840:3887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f987f49dff9 code=0x7ffc0000
[  132.136583][   T29] audit: type=1326 audit(1729704528.840:3888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987f49dff9 code=0x7ffc0000
[  132.136612][   T29] audit: type=1326 audit(1729704528.840:3889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987f49dff9 code=0x7ffc0000
[  132.159899][   T50] EXT4-fs (loop3): free_blocks=68451041280
[  132.159946][   T50] EXT4-fs (loop3): dirty_blocks=16384
[  132.159959][   T50] EXT4-fs (loop3): Block reservation details
[  132.165875][   T29] audit: type=1326 audit(1729704528.840:3890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f987f49dff9 code=0x7ffc0000
[  132.189177][   T50] EXT4-fs (loop3): i_reserved_data_blocks=1024
[  132.268958][   T40] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  132.395888][ T6221] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  132.466685][ T6241] loop3: detected capacity change from 0 to 512
[  132.479527][ T6241] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  132.516476][ T6239] loop4: detected capacity change from 0 to 1024
[  132.523244][ T6239] EXT4-fs: Ignoring removed nobh option
[  132.531449][ T6247] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  132.543447][ T6247] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  132.553130][ T6241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.566169][ T6241] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.568038][ T6247] bond0 (unregistering): Released all slaves
[  132.583632][ T6239] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.587053][ T6241] xt_hashlimit: size too large, truncated to 1048576
[  132.697042][ T3823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.771466][ T6266] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  132.805908][ T6273] loop2: detected capacity change from 0 to 512
[  132.826144][ T6273] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.838795][ T6273] ext4 filesystem being mounted at /164/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  132.927494][ T4207] ==================================================================
[  132.935633][ T4207] BUG: KCSAN: data-race in __stop_tty / pty_write
[  132.942083][ T4207] 
[  132.944404][ T4207] write to 0xffff888111b705bc of 1 bytes by task 6279 on cpu 1:
[  132.952037][ T4207]  __stop_tty+0x42/0x90
[  132.956204][ T4207]  n_tty_ioctl_helper+0x223/0x240
[  132.961241][ T4207]  n_tty_ioctl+0xfd/0x200
[  132.965599][ T4207]  tty_ioctl+0x87a/0xbe0
[  132.969874][ T4207]  __se_sys_ioctl+0xcd/0x140
[  132.974495][ T4207]  __x64_sys_ioctl+0x43/0x50
[  132.979095][ T4207]  x64_sys_call+0x15cc/0x2d60
[  132.983779][ T4207]  do_syscall_64+0xc9/0x1c0
[  132.988292][ T4207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.990940][ T6266] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  132.994206][ T4207] 
[  132.994215][ T4207] read to 0xffff888111b705bc of 1 bytes by task 4207 on cpu 0:
[  133.011095][ T4207]  pty_write+0x26/0xa0
[  133.015177][ T4207]  tty_put_char+0x8d/0xc0
[  133.019519][ T4207]  __process_echoes+0x3a3/0x6b0
[  133.024399][ T4207]  n_tty_receive_buf_common+0x8f9/0xbe0
[  133.029982][ T4207]  n_tty_receive_buf2+0x33/0x40
[  133.034853][ T4207]  tty_ldisc_receive_buf+0x63/0x100
[  133.040053][ T4207]  tty_port_default_receive_buf+0x59/0x90
[  133.045789][ T4207]  flush_to_ldisc+0x1ce/0x410
[  133.050472][ T4207]  process_scheduled_works+0x483/0x9a0
[  133.055938][ T4207]  worker_thread+0x51d/0x6f0
[  133.060532][ T4207]  kthread+0x1d1/0x210
[  133.064618][ T4207]  ret_from_fork+0x4b/0x60
[  133.069045][ T4207]  ret_from_fork_asm+0x1a/0x30
[  133.073820][ T4207] 
[  133.076144][ T4207] value changed: 0x00 -> 0x01
[  133.080812][ T4207] 
[  133.083140][ T4207] Reported by Kernel Concurrency Sanitizer on:
[  133.089288][ T4207] CPU: 0 UID: 0 PID: 4207 Comm: kworker/u8:8 Tainted: G        W          6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  133.101637][ T4207] Tainted: [W]=WARN
[  133.105450][ T4207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  133.115531][ T4207] Workqueue: events_unbound flush_to_ldisc
[  133.121344][ T4207] ==================================================================
[  133.263316][ T4561] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.321196][ T3814] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.