last executing test programs:

8.747906555s ago: executing program 1 (id=3045):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
r1 = shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ff6000/0x2000)=nil)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(r2, 0x0, 0x0)
r3 = shmat(r1, &(0x7f0000ffb000/0x2000)=nil, 0x2000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r6}, 0x10)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x9effffff, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
socket(0x2, 0x4, 0x0)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x9, &(0x7f00000002c0), 0x4, 0x50e, &(0x7f0000000e40)="$eJzs3c1vVF8ZAOD33nZoKYUBZaFGBRFFQ5h+AA1hI2w0hpCYEOPCBdR2aJrOME2nRFpJbJfuSSRxpX+COxcmrFy4c6c7N7gwQSUSauJizL0zbQf6Kf2YXzvPk9zee84Z5j1nhnPO3APTE0DXuhgRSxFxIiIeRUSxlZ+0jrjTPLLHvX/7fGLl7fOJJBqNB/9M8vIsL9r+TOZU6zn7fx4R34v4SbIxbn1hcWa8UinPtdJD89XZofrC4rXptJUzOjYyNnzr+s3RfWvrhepv33x3+t4Pf/+7r7z+09K3f5ZVa/AXp/Oy9nbsp2bTCzHYltcbEfcOIliH9Lb+/nD0ZL3tcxFxKe//xejJ300A4DhrNIrRKLanAYDjLrv/H4wkLbXWAgYjTUul5hre+RhIK7X6/NVi7emTycjXsM5GIX08XSkPt9YKz0YhydIj+fV6evSD9Ivy9Yg4FxEv+k7m5aWJWmWykx98AKCLnfpo/n/X15z/t/fucCoHAByc/k5XAAA4dOZ/AOg+5n8A6D7/x/zv24EAcEy4/weA7mP+B4Dus+P8v3w49QAADsUP7t/PjsZK8/dfr/6m7muT5fpMqfp0ojRRm5stTdVqU5VyaaLR2On5KrXa7MiNtWR9YfFhtfb0yfzD6er4VPlhuXCQjQEAduXchVd/ySb9pdsn8yPa9nIwV8Pxlna6AkDH9HS6AkDH+D4PdK9d3ONbBoBjbpMtej+w5X8RemnzVziqrnzR+j90q72s/1s7gKPt09b/v7Pv9QAOnzkculejkdjzHwC6jDV+YE///g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABdajA/krSU7wW+lP1MS6WI0xFxNgrJ4+lKeTgizkTEn/sKfVl6pNOVBgD2KP170tr/60rx8mB7STEiTiT/6cuuT0TET3/14JfPxufn50ay/H+t5c+/bOUnjU41AgBYdWdjVj5Pj7bObTfy798+n1g9DrOKb+42NxfN4q60jmZJb/Tm5/4oRMTAv5NWuin7vNKzD/GXliPiC+vtf9YWYTBfA2nufPpx/Cz26QOIv/76fxw//SB+mpdl50L+Wnx+H+oC3ebV3eY42ep7WRdr9b80Lubnzft/fz5C7V02/mVjycqG8S9dG/96NsRP8j5/cS29fU3e3PjD9zdkNorNsuWIL/VuFj9Zi59sPv4WLu8ufPz1y1+9tFVZ49cRVzZt/+qO1NV8mB2ar84O1RcWr01Xx6fKU+Uno6NjI2PDt67fHB3K16ibP/+4WYx/3L56ZsvXZjliYIv4/du3P76xfbPX/Oa/j378tW3if+vrm7//57eJn82J39xl/PGBO1tu353Fn1xtf6G9ZMf3P67uFDhtnl7/bXFyl1UFAA5BfWFxZrxSKc/tcJF91tzpMS6O5kUsRezXE+aLEhHxWWhXl1ykse1jfvSJPbfTIxNw0NY7fadrAgAAAAAAAAAAAAAAbKW+sDjTd8Df1up0GwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi+/hcAAP//G4rEcQ==")
lsm_get_self_attr(0xd, 0x0, &(0x7f0000000000), 0x3800)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
socket(0xa, 0x80805, 0x0)
fcntl$dupfd(r5, 0x0, r0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2, 0x0, 0xa}, 0x10)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
shmdt(r3)

6.896003026s ago: executing program 1 (id=3055):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000000200)=r1}, 0x20)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x3, 0x40)
syz_usb_disconnect(r2)

6.012764082s ago: executing program 1 (id=3061):
syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r2, &(0x7f0000000280)=ANY=[], 0x20)
r3 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x800000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000fdffffff18110000751e56149e48fa74de093318bb3e59729a337e6b7f2cf8016de5473a66d05f7c8d6886bdbb6cddddbd438ffaeb239ca9b7611945155fd8e272a8da0fe05cf5f8beb2885292f431a923cb82003ebbbf2181f815f9d015da2402567eaba173d5bce1663171ef06e6682a7e64c69e60049e2602db7b5a9f4877930a6626c6e395fbde55afaea02e096c01065024fbf87772b004231be5682bfc2f46918b2a007810e2db54eda7033f012e3b94a97d47607082d9b23a40a29f7fcac43f6a02c45542aa49781eea1bc29e4e9e431800bced9f8eed6392c7d134f80f1c4d6c8c516437b8fb768cc3386cf0d4852041aa666917196fea276125eba05b1a7558da47628d459e6d93677579b002632c3e1928f5fb366310886893d966423ec2c00fe5e9d77b450c40e5dd4a9c7b07303e18a525346f28f490ab7a6b2caf6fc129f0af2798fe7085463d06fa1f614d37097b5d34421c2d8de3c95ad111221194e85621a0051bf8b9f5bed02c", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00"/20, @ANYRES32=0x0, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000300000000000000010000001811", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b70300008500000083000000bf090000000000005509010000f697e300000095000000f7738edc068f8200000000bf91000000000000b7020000010000008500000076000000b70000000000"], &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r7}, 0x10)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r8, 0x402, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB="0207000902", @ANYRES32=r4, @ANYBLOB="a29b978cf97a1c01ab2006e1df0cd28e9fe3e40d7c59c87f6ae573256232c10b691d72422ea71601f01e0b1c4f9338af8b96185b864210fd6c7a0f375f7e99b449e0652801c2d38eeacc616b0782899f0b8547f0ba63a31767bbbe5692deb9114902d71413568adf42f1e6f4178a1c26d8598022020e12cc6776748ad4730c9f", @ANYRES32=r3], 0x10}}, 0x0)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r10, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r12 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r12, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r13, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x5c, 0x2c, 0xf25, 0x70bd28, 0x2, {0x0, 0x0, 0x0, r13, {0xd, 0x4}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x2c, 0x2, [@TCA_FLOW_EMATCHES={0x28, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x100}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x7, 0x1, 0xbc}, {0x5, 0x100000, 0xffff, 0x4, 0x0, 0x1, 0x1}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

5.630467414s ago: executing program 1 (id=3065):
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x40, 0x1c0862)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000280)={r1, 0x1000, {0x0, 0x0, 0x0, 0x4, 0x4000000000001001, 0x0, 0x0, 0x1c, 0xc, "faf98317e5a1149989fc8dbe53ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a8a0f3500000000000000000e00", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "675237601a8ca5b07dcc141802c4dae4162e43ac61b7ad3300", [0xfffffffffffffce8, 0x6]}})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x622}, 0x18)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, &(0x7f0000000000)={0xa0, 0x6, 0x321, 0x3, 0x0, 0x101, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="070000000400000080000000040000", @ANYRES32=r1, @ANYRESOCT=r0, @ANYBLOB="49b3062d4f93eae393cfd47115e244"], 0x50)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0xd, 0x200cc, 0x6, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000000), 0x8004b2, r9}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000001740), 0x2, r9}, 0x38)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r6, @ANYBLOB="000425bd7000fcdbdf25020000000500050005000000050005000100000008000300050000006000018014000400fc010000000000000000000000000000d70003008100000005000200ff00000008000600070000001400040000000000000000000000ffffffffffff14000400ff0200000000000000000000000000010500020009000000080004004000000008000300010000000800020004000000"], 0xa4}, 0x1, 0x0, 0x0, 0x24004890}, 0x40)
sendto$inet6(r5, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x54}, 0x7}, 0x1c)
r10 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r10, &(0x7f00000005c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000700), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

4.75913832s ago: executing program 1 (id=3073):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0xffffffff}, 0x18)
kexec_load(0x4, 0xa, 0x0, 0x0)
r3 = creat(0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000a00)=ANY=[@ANYRESHEX=r0, @ANYRES8=r1, @ANYRES32, @ANYBLOB="628e5432ee", @ANYRESHEX=r4, @ANYRESHEX=r1, @ANYRES16=0x0, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYRES8=r4], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r5}, 0x18)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000000)=0x4)
ioctl$PPPIOCSACTIVE(r6, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
read(r6, 0x0, 0xff40)
write$ppp(r6, &(0x7f0000000200)="bc72", 0x2)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c3"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000a80)={'ip6gre0\x00', 0x0, 0x2b, 0x4f, 0xff, 0x4, 0x16, @ipv4={'\x00', '\xff\xff', @multicast1}, @local, 0x10, 0x7, 0x100, 0x9}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
syz_usb_connect(0x0, 0x2a9, &(0x7f00000006c0)={{0x12, 0x1, 0x210, 0x52, 0x7d, 0xab, 0x40, 0x93a, 0x2603, 0x8440, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x297, 0x1, 0xe, 0x5, 0xa0, 0xc, [{{0x9, 0x4, 0x91, 0x1a, 0xd, 0x68, 0xd9, 0xf9, 0xff, [@cdc_ecm={{0x6, 0x24, 0x6, 0x0, 0x0, '$'}, {0x5, 0x24, 0x0, 0x30}, {0xd, 0x24, 0xf, 0x1, 0x100, 0x0, 0xff, 0x9}, [@country_functional={0xc, 0x24, 0x7, 0xa2, 0x9, [0x1, 0x400, 0x9]}, @mbim_extended={0x8, 0x24, 0x1c, 0x9, 0xe, 0x100}]}], [{{0x9, 0x5, 0x4, 0x2, 0x5bf, 0x7, 0xd, 0x10, [@generic={0x1e, 0x8, "eb233d4d92160656d4fdd8f66668a83fcf6d5649761cf9d22a99bbcc"}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x7f, 0x7ff}]}}, {{0x9, 0x5, 0xf, 0x10, 0x20, 0xb, 0x4f, 0x0, [@generic={0x22, 0x22, "1b7140692f5bd717630950eca52e9a0a9931de3d6c898a34f2835daebc47b6a2"}, @generic={0x7, 0x9, "c99a845364"}]}}, {{0x9, 0x5, 0x2, 0x2, 0x3ff, 0x7, 0x8, 0x10}}, {{0x9, 0x5, 0xa, 0x10, 0x10, 0xa, 0xaa, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x3, 0x7}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x6, 0x207}]}}, {{0x9, 0x5, 0x8a, 0x10, 0x20, 0xf, 0x0, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x82, 0x6}]}}, {{0x9, 0x5, 0x0, 0x3, 0x400, 0x0, 0x43, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x6, 0x3}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x9d}]}}, {{0x9, 0x5, 0x7, 0xc, 0x200, 0x7f, 0xc, 0xe7, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x9}]}}, {{0x9, 0x5, 0xc, 0xc, 0x40, 0x9, 0x6, 0x8}}, {{0x9, 0x5, 0x7, 0x1f5cb390bd622936, 0x400, 0x2, 0x7, 0x7, [@generic={0x6f, 0x7, "e83fffb2f66f89240987dda9cf1d9e2d76fffd15ebf165c2cc0f9ff4c68bdc1195060692877652e589ed2de26b468e38b776a7bb95d35c43794ac228614c4394abe4154617d95ce70d15710aa52eba1fa172cfcef15f2971951830d841169aabf4fb17c0e845e942814d29a0c2"}, @generic={0x6, 0x10, "76a3289e"}]}}, {{0x9, 0x5, 0x3, 0x8, 0x3ff, 0x7, 0x7, 0xe}}, {{0x9, 0x5, 0xe, 0x10, 0x20, 0x7, 0x7, 0xd}}, {{0x9, 0x5, 0x4, 0x3, 0x3ff, 0xa, 0x3a, 0x68, [@generic={0x98, 0x1, "e4887dca70831e83920c7b619fdc685403efa458556c9045486b39ad2c4cab71d5193eb206fa1baa8aab8129bf20ae8e117fa8cc5f1108234cea5731de0fe4f86b6c02a8045e7b0d65e8e6882fe3724473b8763bc03ed61195ba860ca02b436a7fdcedb66d9fdcf98a9d7cebe43deca0cd8b67b1de53bd2a5818cb1357c31aa29e5f805b737207b778b522871b29203f039419033ebc"}]}}, {{0x9, 0x5, 0x80, 0x3, 0x200, 0x5, 0x5, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x81, 0x8}, @generic={0x58, 0x6, "81d8136a86fe088103cb332def5b4d433f5831fe50eff0ab897e607566c65865d1e906977af57fe7a9546fa92086d464236ba7551a2e595d7bd9c641c136b63be9422ea8124f5e1576f3bb87857136d20a6d7b6ab840"}]}}]}}]}}]}}, &(0x7f0000000480)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x310, 0xf, 0x7, 0xe, 0xff, 0xe0}, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x2, [{0x7e, &(0x7f0000000b00)=@string={0x7e, 0x3, "fbb14e3a3503e06b4f5f099ff6196144ab6079f7d4a7fbf6ec25e1cfc466c2f3fc9aff2fb89317982e8a1055328db313184e9141113cfabf5e4829252bc4e5db6b26d0c6ecfc9fd7921d179266d28186469ce3605bed92d97c20c9649e00bcf7a131b8c4f795286d74f01c57084d6304a312f3b80687f961212ad7e6"}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x42d}}]})
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r9, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000600)={0xa0000013})
close_range(0xffffffffffffffff, r9, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x2e, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000100004001ea1c003d37ceefc0300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x20008050}, 0x24040050)
close(r3)
ioctl$PTP_PIN_GETFUNC2(r3, 0xc0603d0f, &(0x7f0000000000)={'\x00', 0x80000000, 0x3, 0xfffffffd})
fallocate(r0, 0x20, 0x0, 0x8000)

3.378962638s ago: executing program 2 (id=3092):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'veth0_to_bond\x00', 0x400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)

3.299042249s ago: executing program 0 (id=3093):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='mm_vmscan_throttled\x00', r1, 0x0, 0xffffffffffffeffd}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
keyctl$restrict_keyring(0x5, 0xfffffffffffffffe, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r4 = add_key(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$link(0x8, r3, r4)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xf)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000340))
getpid()
tgkill(0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r5}, 0x18)
sendmsg$nl_generic(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c0000002000090002000000ffdbdf250200000008000800", @ANYRES32=r0], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)

3.267810919s ago: executing program 0 (id=3094):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4f23, @local}, 0x2f)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x2c, 0x7, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x810}, 0x4008005)
write$binfmt_misc(r1, &(0x7f00000012c0)="baa540d608bc217f4339ed531a6fff1177e8fd278329817806875fb7e465a8b781c4e223838af4c07e28565c42c304edb567bb315876e154b17c784e98c2b2eb9a6782c9964268561c0cfebf45826734964b8122db377a4d0fc5d2e55a07bcf801556778a5a52bfa2af58457a17eb23f54871aa5a54b62e0d2ff8a2d58780bdf096af19e8cd0c80d12aa5f4415d74c8050af30a24b189d32e1ec237a4d64eaf7b8aba3d3883174c30821e22a95a2b15872ff569e33442cf0e1a8e69e22c5ec1393619094a3dfb1d881c9ec396475dbe8d782bfdf074fa06b980d262f113283fa7f0a36db48f42feb56a7637de9cedf7292d422898b6e6fe16b75c4a6430091aed70dde9acc0c7157f117cca238411f385a9d0bcfe92b6adef374cc4f060a149cb3cb00a2867d3f9e36d59c07581a60259499044890ee013584a1634ea572849114136c57503c24cbee0cce4695119ba66775decc855e29c4e2e3d74b8bce038baee16832ac50004052cbaba3a46c0cfad739c3c637f7f108bdfe591cdd75fa483d87d08897b561d6a85fa647556a6be8582a5853a15d22e72425476175e5721acbe5d2d691037482790ddae5415a5af7d60dae02d54509401ac2ffa8a10e1b3ef30cb616f9ad2fd4e47c76804548f7f9aceef5519d6974206f9a4d0809de3e8c45a8442fce5c763bd174ab5108fc865c2a81acfa03698f73ee338f3fbedf3292739673f13c160cad4e1aa66cebc539bd76e67662f461f47f5ca50259c072dc58c54bea7a558559a465b2632e157175b8642540eb178c82c1c8f35f1aaa3c662e23d72dd2b47d11db8c9ae1e596aeae916b1a1f4649cfb04bd2ce9853cacb07554ca74ce789a7de6dfdcf37f1ba8bdf7b73ab08ec5b2ec806c7b28290094d248dbeba5d46502cb76f30145b9cdfe263b0b0f8b929fe780a125320ae3e0a0755064fdbf3ee9509b43ff423e58de3dc1909664c07ad0d0b5184484bf334ecfe525c4d3d8553a8003f33369e1aa027534d6fc60db15c615b8d01d46ea9cef8512800639d8d8221657787cacfde63e0555e8e3c764a8f486c8e5728f4eff9b6f2f33f07ce55342b772c9794d15d24e26f37a491c934a6356907ee5534b9c832d7d9cc1e077b1a41a63a754848de66ce9b5ab3db842af1caf5f1f1b28be17561996bf5c29b0188e04678d9692b7048e989aef9024561b941245e7d50514125e5275d859e49b5eb53ba27a2639f70d095e90462f257773612f386d2e1ca1f3dfccf279346744e8e699bcdffdc64b9daaa6972b827c302ed3451613c119462010f637377c31d5009652343f81f21674450a5adbd7c2ea7794dbfce9622cb6e715be767c8eacf7eb4fd0e4ba34ff3ef98a0f8f92a961004bd4b9908fd328fbbf816229c8bf697964911c33236617ab6fe396439802bbcf02ee0444d9cad12305448527029740e4cdb93bcef076503da315311eaca4cb5d12a7a34b8475a9379fe32fdae2bb048e02e54653deb6accb4ff112ad086ba13581883b6c6a9109651e7450d289f5b1fb4f94d4031c2665edce971e7f596776f9504f270b9660cf86b2e281b1b228f75379ecf4ed1ac98f7bd2ceb1ee4d36c15aba94c4839834766f831437142c9aeddd2ccbb6c98eb8445f835af71878bb88760651bec5c95f23b7f63171097968f5496b76a462deed7f379f9b0bef5de92e36499d8156f16c6b875311058fbfa64c81631202b2ccb665abd29fc3b62db74f2bbdae3c6151255d183f8e5c486b8e4f35754e9020939128e2c9bda7ad24c84afc095c11cd685570fb8c0068f6b895b1faa8638948342bf939f1330625bd7757bbb5ae6e44137525937c630a66d3808d1097a2aba68eee57534a052806c753962a4428ae2661259149bad50392b342347967a7efb3d9178eef9313da39c6415a6aefc66dc985ab7555793dc6526fd64cca3c07c1f084e37691c4e9e60c0acecc41c6d07d73c27e151c0ef04c4eb03dae72fed5086bd82cc26cdc6cd9d241d4ed9cf9cc2ac5d4a7665ba59ce1a664a26b91040ac93c5c5c1638468ecc50999dbf10dd8dcc9c47d4018195f210d43932848ceb75400b8d3b537890a1b14bbed51dcff2925a6fd0e968598b9f823cfa94fc3812475b0c5f1770fab2e61587dad7ce7e08ca64b3f1bcd758f3cfe4df29669d4b926b80514f5a6be540966b44ce7b80398f845062ba60d2e04fbfa982a45a6f330b9683188902b41f1d8bf29d003490c8f541433b89b7ea16e4bc2ee0b620dcfacb605bc18c88c1013d4128aba56f0147676becc97eba4a8434184aecc1073628141b955e3fe5d9186aaa4c72f72b336f61df5346663e1b0684f4b4d8b70f4ccf370d245c2a7f39650d21ad54aa5163300b3a31730cd181e0d12d4f63d803c02d31cddf36ec4a8534f2c41c4b1ddb9bbbe02b165fad1bd2d92ac8308e8990f138fdd26ae765c75fd45047e05e1afa9d3f11bff8d83ff39ad69cc7b5dde69ca24a8ba95bd9281548eba472b7faf8730af299d11d146b82df673c23ef8ee0c02129f4bd2d33a160e476e40faf42c8579cd6e913c271bdbae1cf0646161aeb1b0ce34b92472d29100ca5701365d739f3861ce13807e44de62af3ad69d45e2b5f6a06179571d6cca29ab3c48c6953a9012cd646dd2db4170d745d019637d1315769b9bae0b420e577e43bc73a4df85428c2fbd6826fa8d36579457b65012ff3744bcb020d85d234cd91651bacfb7c3c4d3990e7d5339571cbc8f44a10b450a6eedadad7eaee1a8a8bc124f4bb5705b5226eafe39f9764d2519ffe62c9167c116aa5d7c3a22b9b3313bda7b300c44b4d45e2b8096b562d558ad36ed4ac96908bb97d8c042a2bd0f502506743669a07a2c4299c06a67f20708e70fe8896292cad64140f0d530d696081bb15e60884892cafe0feb7b1496517a2e27a78f4d3d8854cd4885c292f4fad11337260b791c4f008daff7596021816916998450240506c362ba8643c4466fbbed0ddd9b2f1af25e9cd72d07c496383a3fb9e73a95b82ba464cbf41d73e7d1e82e2b4e37cdb064cb190e94e1b536e81c85823fb70ccf252b35bce8269aae8ab978496d16e021154944d411c45490f8a2ed476213a8db1ad0947f4f14396c01e32ccf63562bc69bfa8363236c4b46cc4c510054d3f98280ceb5a82cb88fdc74abb7a0aa8bf3c0da744ca07b716f891c95e2a329c67e98b5a9a0519c53dc780ac9eefe08071f140f1fef978b6459d28b286e3319492ca621b62f16b69e5ed5b6b05b373b2a4d137083910043a13b2aa85435ad5ee26870e1a1dd8ded11298bf2c778732c26952eed3127bf64854f16f3347f7c03a16857861a24356a8c16f2a3d6f7", 0x949)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r1)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r5 = syz_open_dev$usbmon(&(0x7f0000000000), 0x2, 0x40800)
read$usbmon(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r4, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101401, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r7)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r9, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
recvmmsg(r10, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000040)=""/55, 0x37}, {&(0x7f0000001ac0)=""/4096, 0x1000}], 0x2}, 0x5d}], 0x1, 0x10022, 0x0)

3.13962306s ago: executing program 0 (id=3097):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1a2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x20040000)

3.13895096s ago: executing program 0 (id=3098):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc, 0x0, 0x5c, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r2, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000ec0)=[{0x0}, {0x0}, {&(0x7f0000000e00)=""/172, 0xac}], 0x3}, 0x8000}], 0x1, 0x40000000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)={0x24, r5, 0x1, 0x70bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x24}}, 0x80)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)

3.01242309s ago: executing program 4 (id=3099):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000001cc0)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES64, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea4bd00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c7c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120558a69c70854bdc5b5a2a2d4218766045c753e3b29fb43510615fb279287eb83255f8b8b4c1273d50ba7f1f5c043579e49b2e4aa9c3e7f10a6d306a58f70dbce08b052da65cffc3325024802a85e0ef8c25d605349288bba816c4ef46824d88ecb3d40d0b270a1835b32c38c3fff18f0c86419d797b0af14bde3af90ae391b62fca804375b84429ac81cbe78703e28217c0efde62048622f268cb07f69af623fa28eb0fc284c1015b846dcdb7af09a07020a8a337e97f64cc3c2ad6924583540a4034140e1bff1effc898006b1c6cb259b28cc38b0788c4358686e65f3bb254a847c3f58a3e85fee43d5c6fe0c6581f220a2cb7123a73594a375de5293cd6e0000000000000000", @ANYRES64], 0x4b, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r1 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x101042, 0x0)
iopl(0x3)
r2 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = timerfd_create(0x0, 0x0)
readv(r3, &(0x7f00000009c0)=[{&(0x7f0000000200)=""/33, 0x21}], 0x1)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
fallocate(r1, 0x0, 0x11, 0x801afd)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000380)='kmem_cache_free\x00', r5}, 0x18)
lsm_set_self_attr(0x69, 0x0, 0x20, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a"], 0x44}}, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x10, 0xffffffffffffffff, 0x4ec000)
r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r6}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d40)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000087fd00140015007665746830000000000000000000000024000e00020000001a210000ae0000000000000002000000000000000700c3060000"], 0x58}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r9}, &(0x7f0000000a00), &(0x7f0000000a40)=r8}, 0x20)

2.946190801s ago: executing program 0 (id=3100):
r0 = socket$inet(0x2, 0x1, 0x9)
r1 = io_uring_setup(0x3c92, &(0x7f0000000100)={0x0, 0x9bd6, 0x0, 0xffffffff, 0x2f3})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040), 0x10)
io_setup(0x9, &(0x7f0000000000)=<r3=>0x0)
io_getevents(r3, 0x0, 0x3c, 0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3938700})
listen(r2, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r5 = accept(r0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r6, &(0x7f0000000080), &(0x7f00000002c0)=@udp=r5}, 0x20)
r7 = socket$tipc(0x1e, 0x2, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x40002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0x1}, 0x10c005, 0x10000, 0x0, 0x7, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
sendmsg$tipc(r7, &(0x7f0000002300)={&(0x7f0000000040)=@id={0x1e, 0x3, 0x3, {0x4e20, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x4)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES8=r7, @ANYRESDEC=r0], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd3a, 0x0, 0x0, 0x0, 0x100}, 0x94)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000280)='kfree\x00', r9}, 0x18)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FITRIM(r10, 0xc0185879, &(0x7f0000000080)={0x5, 0x3ff, 0x6})
syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
r12 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r12)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00')
ioctl$sock_SIOCGIFBR(r2, 0x8940, &(0x7f0000000240)=@add_del={0x2, &(0x7f00000001c0)='vlan1\x00'})
mount(&(0x7f0000000380)=@filename='./cgroup\x00', &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
sendmsg$TIPC_CMD_GET_NODES(r11, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4a6ff}, 0x0)
recvmsg$can_bcm(r5, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x10042)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r5)
close_range(r1, 0xffffffffffffffff, 0x0)

2.683912393s ago: executing program 0 (id=3103):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x5, &(0x7f0000000280)=0x73, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x18000000000002a0, 0x14, 0x0, &(0x7f0000000080)="d2df03c4ff4f84e5fbd9cb4608008cdd8af46937", 0x0, 0x95b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=""/53, 0x35}}], 0x1, 0x0, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000fcffffffffffffff00000000000000"], 0x48)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000000)={'veth1_to_bond\x00', &(0x7f00000000c0)=@ethtool_gstrings={0x1b, 0x1}})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xc0100, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x2000000)

2.474122894s ago: executing program 2 (id=3105):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x3}, 0x18)
r1 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x40000333}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/201, 0xc9}], 0x1, 0x0, 0x1})
io_uring_enter(r2, 0x847ba, 0x2000, 0xe, 0x0, 0x0)

2.425811524s ago: executing program 2 (id=3106):
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x40, 0x1c0862)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000280)={r1, 0x1000, {0x0, 0x0, 0x0, 0x4, 0x4000000000001001, 0x0, 0x0, 0x1c, 0xc, "faf98317e5a1149989fc8dbe53ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a8a0f3500000000000000000e00", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "675237601a8ca5b07dcc141802c4dae4162e43ac61b7ad3300", [0xfffffffffffffce8, 0x6]}})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x622}, 0x18)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, &(0x7f0000000000)={0xa0, 0x6, 0x321, 0x3, 0x0, 0x101, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="07000000040000008000000004000000", @ANYRES32=r1, @ANYRESOCT=r0, @ANYBLOB="49b3062d4f93eae393cfd47115e244"], 0x50)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0xd, 0x200cc, 0x6, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000000), 0x8004b2, r9}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000001740), 0x2, r9}, 0x38)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r6, @ANYBLOB="000425bd7000fcdbdf25020000000500050005000000050005000100000008000300050000006000018014000400fc010000000000000000000000000000d70003008100000005000200ff00000008000600070000001400040000000000000000000000ffffffffffff14000400ff0200000000000000000000000000010500020009000000080004004000000008000300010000000800020004000000"], 0xa4}, 0x1, 0x0, 0x0, 0x24004890}, 0x40)
sendto$inet6(r5, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x54}, 0x7}, 0x1c)
r10 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r10, &(0x7f00000005c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000700), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

2.163185516s ago: executing program 4 (id=3107):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
msgctl$IPC_RMID(0x0, 0x0)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

2.145834696s ago: executing program 4 (id=3108):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000000200)=r1}, 0x20)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x3, 0x40)
syz_usb_disconnect(r2)

1.676104599s ago: executing program 1 (id=3110):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x5, &(0x7f0000000280)=0x73, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x18000000000002a0, 0x14, 0x0, &(0x7f0000000080)="d2df03c4ff4f84e5fbd9cb4608008cdd8af46937", 0x0, 0x95b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=""/53, 0x35}}], 0x1, 0x0, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000fcffffffffffffff00000000000000"], 0x48)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000000)={'veth1_to_bond\x00', &(0x7f00000000c0)=@ethtool_gstrings={0x1b, 0x1}})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xc0100, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x2000000)

1.622227889s ago: executing program 3 (id=3111):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc, 0x0, 0x5c, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r2, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000ec0)=[{0x0}, {0x0}, {&(0x7f0000000e00)=""/172, 0xac}], 0x3}, 0x8000}], 0x1, 0x40000000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)={0x24, r5, 0x1, 0x70bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x24}}, 0x80)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)

1.57250024s ago: executing program 2 (id=3112):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
r1 = shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ff6000/0x2000)=nil)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{0x0}], 0x1}}], 0x48}, 0x0)
r3 = shmat(r1, &(0x7f0000ffb000/0x2000)=nil, 0x2000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r6}, 0x10)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x9effffff, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
socket(0x2, 0x4, 0x0)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x9, &(0x7f00000002c0), 0x4, 0x50e, &(0x7f0000000e40)="$eJzs3c1vVF8ZAOD33nZoKYUBZaFGBRFFQ5h+AA1hI2w0hpCYEOPCBdR2aJrOME2nRFpJbJfuSSRxpX+COxcmrFy4c6c7N7gwQSUSauJizL0zbQf6Kf2YXzvPk9zee84Z5j1nhnPO3APTE0DXuhgRSxFxIiIeRUSxlZ+0jrjTPLLHvX/7fGLl7fOJJBqNB/9M8vIsL9r+TOZU6zn7fx4R34v4SbIxbn1hcWa8UinPtdJD89XZofrC4rXptJUzOjYyNnzr+s3RfWvrhepv33x3+t4Pf/+7r7z+09K3f5ZVa/AXp/Oy9nbsp2bTCzHYltcbEfcOIliH9Lb+/nD0ZL3tcxFxKe//xejJ300A4DhrNIrRKLanAYDjLrv/H4wkLbXWAgYjTUul5hre+RhIK7X6/NVi7emTycjXsM5GIX08XSkPt9YKz0YhydIj+fV6evSD9Ivy9Yg4FxEv+k7m5aWJWmWykx98AKCLnfpo/n/X15z/t/fucCoHAByc/k5XAAA4dOZ/AOg+5n8A6D7/x/zv24EAcEy4/weA7mP+B4Dus+P8v3w49QAADsUP7t/PjsZK8/dfr/6m7muT5fpMqfp0ojRRm5stTdVqU5VyaaLR2On5KrXa7MiNtWR9YfFhtfb0yfzD6er4VPlhuXCQjQEAduXchVd/ySb9pdsn8yPa9nIwV8Pxlna6AkDH9HS6AkDH+D4PdK9d3ONbBoBjbpMtej+w5X8RemnzVziqrnzR+j90q72s/1s7gKPt09b/v7Pv9QAOnzkculejkdjzHwC6jDV+YE///g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABdajA/krSU7wW+lP1MS6WI0xFxNgrJ4+lKeTgizkTEn/sKfVl6pNOVBgD2KP170tr/60rx8mB7STEiTiT/6cuuT0TET3/14JfPxufn50ay/H+t5c+/bOUnjU41AgBYdWdjVj5Pj7bObTfy798+n1g9DrOKb+42NxfN4q60jmZJb/Tm5/4oRMTAv5NWuin7vNKzD/GXliPiC+vtf9YWYTBfA2nufPpx/Cz26QOIv/76fxw//SB+mpdl50L+Wnx+H+oC3ebV3eY42ep7WRdr9b80Lubnzft/fz5C7V02/mVjycqG8S9dG/96NsRP8j5/cS29fU3e3PjD9zdkNorNsuWIL/VuFj9Zi59sPv4WLu8ufPz1y1+9tFVZ49cRVzZt/+qO1NV8mB2ar84O1RcWr01Xx6fKU+Uno6NjI2PDt67fHB3K16ibP/+4WYx/3L56ZsvXZjliYIv4/du3P76xfbPX/Oa/j378tW3if+vrm7//57eJn82J39xl/PGBO1tu353Fn1xtf6G9ZMf3P67uFDhtnl7/bXFyl1UFAA5BfWFxZrxSKc/tcJF91tzpMS6O5kUsRezXE+aLEhHxWWhXl1ykse1jfvSJPbfTIxNw0NY7fadrAgAAAAAAAAAAAAAAbKW+sDjTd8Df1up0GwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi+/hcAAP//G4rEcQ==")
lsm_get_self_attr(0xd, 0x0, &(0x7f0000000000), 0x3800)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
socket(0xa, 0x80805, 0x0)
fcntl$dupfd(r5, 0x0, r0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2, 0x0, 0xa}, 0x10)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
shmdt(r3)

1.392093801s ago: executing program 3 (id=3113):
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x840, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000008600850000001b000000b70000000000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x604ab000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
writev(0xffffffffffffffff, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000480)='kmem_cache_free\x00'}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000200), &(0x7f0000000240)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
msgctl$IPC_RMID(0x0, 0x0)

1.390264801s ago: executing program 4 (id=3114):
symlink(0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
lstat(&(0x7f0000000140)='./cgroup/../file0\x00', &(0x7f0000000180))
mount$9p_unix(&(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000140), 0x1000000, 0x0)
r0 = open$dir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x80, 0x40)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000005c0)=@mangle={'mangle\x00', 0x64, 0x6, 0x4f0, 0x0, 0x270, 0x270, 0x340, 0x0, 0x420, 0x420, 0x420, 0x420, 0x420, 0x6, 0x0, {[{{@ipv6={@remote, @private1, [], [], 'veth1\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x3a010000}}, @HL={0x28, 'HL\x00', 0x0, {0xff}}}, {{@ipv6={@private1, @loopback, [0x0, 0x0, 0xff000000], [], 'tunl0\x00', 'bridge_slave_1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x270}}, {{@ipv6={@private0, @remote, [], [], 'veth0_to_team\x00', 'tunl0\x00', {}, {}, 0x11, 0x0, 0x3, 0x44}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@remote, @private0, [0xff000000, 0xffffff00, 0xffffffff], [0xffffff00, 0xffffffff, 0xffffffff, 0xff000000], 'pimreg1\x00', 'pim6reg1\x00', {}, {}, 0x0, 0x4, 0x0, 0x10}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}, {{@ipv6={@loopback, @private2, [0xff000000, 0xff], [0x0, 0x0, 0xff000000], 'syzkaller1\x00', 'veth0_to_batadv\x00', {}, {}, 0x0, 0x0, 0x3}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x1, 0x6, 0x6}, {0x2, 0x3, 0x6}, {0xffffffffffffffff, 0x5, 0x1}, 0x7c, 0xcbad}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x550)
faccessat2(r0, 0x0, 0x1, 0x100)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000101"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001880)=[{{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f00000000c0)="c8", 0x1}], 0x1, 0x0, 0x0, 0x60ff}}, {{0x0, 0x0, &(0x7f0000001800)}}], 0x2, 0x24000001)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000001, 0x30, 0xffffffffffffffff, 0x3e994000)
io_uring_enter(0xffffffffffffffff, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
read(r4, &(0x7f0000032440)=""/102364, 0x18fdc)

1.354202441s ago: executing program 3 (id=3115):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x82e, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000740), 0x10080, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800500190000000000050018"], 0x44}}, 0x80)
r2 = socket$inet6(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r0, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
write$P9_RVERSION(r6, &(0x7f0000000c40)=ANY=[], 0x13)
r8 = getpid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)=[0x5], 0x0, 0x0, 0x1, 0x0, r8}}, 0x40)
close_range(r5, 0xffffffffffffffff, 0x0)
sendto$inet6(r2, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000002c0)='rpcgss_svc_authenticate\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
r9 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r9, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x204000, 0x1000}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00'}, 0x18)
r10 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r11=>r9, {0x9}}, './file0\x00'})
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x6, 0x2000000a, &(0x7f0000000700)=ANY=[@ANYRES8=0x0], &(0x7f0000000140)='syzkaller\x00', 0x400, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @xdp=0x25, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r12, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x20048a, &(0x7f00000001c0)={[{@grpjquota}, {@noinit_itable}, {@abort}, {@bsdgroups}]}, 0x12, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
sendmsg$kcm(r11, &(0x7f0000000680)={&(0x7f0000000340)=@caif=@dbg={0x25, 0x4, 0x6}, 0x80, &(0x7f00000005c0)=[{&(0x7f00000004c0)="b17ab609cbd16a5de5f6b37d962d7efb2a0f263e42aa86a2e5cdcb80430f65550cd4c0af5cbe7741ecca53b1ccd82287e68d6e80c3e2d6591f18a2aac3e4949346f8c4bf97314dfd8c3c3629061b293a5650b2923245116adf713323bc85ee000000", 0x62}, {&(0x7f0000000400)="5963d70a3a132c8bf2b15d5d9a9b873582d1bc4e03176538e8567e6f2f8759acaaecd77b68867b553b28da45b2f6334c734b8b722dd99a57", 0x38}, {&(0x7f0000000580)="16a4bbec1d89756b0b7d724c4570157dcea2dac3a87e30c944592e1cf2a06cc446489f94fb", 0x25}], 0x3}, 0x10)
removexattr(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=@known='system.posix_acl_default\x00')
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x1, 0x400}, 0xa5, 0x4, 0x10000000}}]}}]}, 0x58}}, 0x44080)

1.238553491s ago: executing program 3 (id=3116):
syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001811"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x20)
r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x800000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000fdffffff18110000751e56149e48fa74de093318bb3e59729a337e6b7f2cf8016de5473a66d05f7c8d6886bdbb6cddddbd438ffaeb239ca9b7611945155fd8e272a8da0fe05cf5f8beb2885292f431a923cb82003ebbbf2181f815f9d015da2402567eaba173d5bce1663171ef06e6682a7e64c69e60049e2602db7b5a9f4877930a6626c6e395fbde55afaea02e096c01065024fbf87772b004231be5682bfc2f46918b2a007810e2db54eda7033f012e3b94a97d47607082d9b23a40a29f7fcac43f6a02c45542aa49781eea1bc29e4e9e431800bced9f8eed6392c7d134f80f1c4d6c8c516437b8fb768cc3386cf0d4852041aa666917196fea276125eba05b1a7558da47628d459e6d93677579b002632c3e1928f5fb366310886893d966423ec2c00fe5e9d77b450c40e5dd4a9c7b07303e18a525346f28f490ab7a6b2caf6fc129f0af2798fe7085463d06fa1f614d37097b5d34421c2d8de3c95ad111221194e85621a0051bf8b9f5bed02c55eef71651508a8c466b3636", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00"/20, @ANYRES32=0x0, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000003000000000000000100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b70300008500000083000000bf090000000000005509010000f697e300000095000000f7738edc068f8200000000bf91000000000000b7020000010000008500000076000000b70000000000"], &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB="0207000902", @ANYRES32=r1, @ANYBLOB="a29b978cf97a1c01ab2006e1df0cd28e9fe3e40d7c59c87f6ae573256232c10b691d72422ea71601f01e0b1c4f9338af8b96185b864210fd6c7a0f375f7e99b449e0652801c2d38eeacc616b0782899f0b8547f0ba63a31767bbbe5692deb9114902d71413568adf42f1e6f4178a1c26d8598022020e12cc6776748ad4730c9f", @ANYRES32=r0], 0x10}}, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r9 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x5c, 0x2c, 0xf25, 0x70bd28, 0x2, {0x0, 0x0, 0x0, r10, {0xd, 0x4}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x2c, 0x2, [@TCA_FLOW_EMATCHES={0x28, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x100}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x7, 0x1, 0xbc}, {0x5, 0x100000, 0xffff, 0x4, 0x0, 0x1, 0x1}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

1.033766383s ago: executing program 3 (id=3117):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630bf7c045f94cd977", 0x18, 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r3, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r4, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c0005000400000200000200080001000300000005000200030000000500020008000000240003"], 0x12c}, 0x1, 0x0, 0x0, 0x24004821}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1)
syz_clone(0x40000000, &(0x7f0000000280)="2a30053e1c3176348270ca8b9180188fc835645c38b5c342fa86e88edfa65351a46a96741fb8b27eb7a0bbf51c48d5e453c0f1988ab9e8ce16", 0x39, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
close(r7)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd630080fc00082c00db5b6861589bcfe8875a060300000023000000000000000000000000ac1414aa"], 0xfdef)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r11}, 0x10)
syz_read_part_table(0x60e, &(0x7f00000007c0)="$eJzs3D9olGccB/DvJbk7o9A4OLnUOHQSiuLoDVWSq2IhnJZCcLD/EGmmCIGTHqbo0GaImEE6dpHCdYhxUjM4KQqdizi0CBlcCnaR2iFX7u4luUAplkZK8fMZ7ve8Lz+e7/uDZ30u/K8NpVysOtVeefeTv+3vjG2u5/Nhe2LyeKfT6ZxOSjmTcsbLb60kGcnWXbM/SWVgnxvf7Vz95rf3y+0np168c/b+wtDGntXsTrJrsDmjf/Up1X82Ka/Dcu3BWC3JYveh3lpb/yi5+XyicefkwtLKifKxz7rvLyUPi/7+wRjNhTRzMV/k45FXjvpqc1nakj9/Zba+2Kydf1xvrX3bfnpwfW99+Pa5Iy/3rV69dyiZ60ZMpXfYN1X+5eAD+ZcH8ufGr00vtY4euLXn+uHm3UeNZ8O/d/qKyPL25AIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Hosd3+uzNYXm7Xzj+utta9/+vGDm88nGndOLiytnKgc+7noe1jUkaJeSDMXU04yk5l8ntlXj5wuDebXHoxd3sj/Y2fy9OD63nr79rkjLydXr9471OsqZapbhrZj4q2WR9LLz+7+89z4teml1tEDt/ZcP9y8+6jxbLj/fqaaT3vjJqlu/2cAAAAAAAAAAAAAAAAAAADwhpuYPL5v6r3G6aSUMzuS/Ppl75Z9pzr6Q3o37/v2F7VS1Bs7+v8F0H5y6kXl7P2FX4pL8fOpZj7Jru+7nW9v5FzaGlve3Jn/0p8BAAD//83YiVM=")
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0xd3eb, @remote, 0x1}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r12=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000440)="be6f88e90400", 0x6}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000000000000840000000200000006000400280100000b008002", @ANYRES32=r12], 0x20, 0x6044}, 0x6)

502.171957ms ago: executing program 4 (id=3118):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
msgctl$IPC_RMID(0x0, 0x0)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

469.366316ms ago: executing program 4 (id=3119):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000015000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000000200)=r1}, 0x20)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x3, 0x40)
syz_usb_disconnect(r2)

124.846779ms ago: executing program 3 (id=3120):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ff6000/0x2000)=nil)
r2 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000180)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{0x0}], 0x1}}], 0x48}, 0x0)
r3 = shmat(r1, &(0x7f0000ffb000/0x2000)=nil, 0x2000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000200)={0x9effffff, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
socket(0x2, 0x4, 0x0)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x9, &(0x7f00000002c0), 0x4, 0x50e, &(0x7f0000000e40)="$eJzs3c1vVF8ZAOD33nZoKYUBZaFGBRFFQ5h+AA1hI2w0hpCYEOPCBdR2aJrOME2nRFpJbJfuSSRxpX+COxcmrFy4c6c7N7gwQSUSauJizL0zbQf6Kf2YXzvPk9zee84Z5j1nhnPO3APTE0DXuhgRSxFxIiIeRUSxlZ+0jrjTPLLHvX/7fGLl7fOJJBqNB/9M8vIsL9r+TOZU6zn7fx4R34v4SbIxbn1hcWa8UinPtdJD89XZofrC4rXptJUzOjYyNnzr+s3RfWvrhepv33x3+t4Pf/+7r7z+09K3f5ZVa/AXp/Oy9nbsp2bTCzHYltcbEfcOIliH9Lb+/nD0ZL3tcxFxKe//xejJ300A4DhrNIrRKLanAYDjLrv/H4wkLbXWAgYjTUul5hre+RhIK7X6/NVi7emTycjXsM5GIX08XSkPt9YKz0YhydIj+fV6evSD9Ivy9Yg4FxEv+k7m5aWJWmWykx98AKCLnfpo/n/X15z/t/fucCoHAByc/k5XAAA4dOZ/AOg+5n8A6D7/x/zv24EAcEy4/weA7mP+B4Dus+P8v3w49QAADsUP7t/PjsZK8/dfr/6m7muT5fpMqfp0ojRRm5stTdVqU5VyaaLR2On5KrXa7MiNtWR9YfFhtfb0yfzD6er4VPlhuXCQjQEAduXchVd/ySb9pdsn8yPa9nIwV8Pxlna6AkDH9HS6AkDH+D4PdK9d3ONbBoBjbpMtej+w5X8RemnzVziqrnzR+j90q72s/1s7gKPt09b/v7Pv9QAOnzkculejkdjzHwC6jDV+YE///g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABdajA/krSU7wW+lP1MS6WI0xFxNgrJ4+lKeTgizkTEn/sKfVl6pNOVBgD2KP170tr/60rx8mB7STEiTiT/6cuuT0TET3/14JfPxufn50ay/H+t5c+/bOUnjU41AgBYdWdjVj5Pj7bObTfy798+n1g9DrOKb+42NxfN4q60jmZJb/Tm5/4oRMTAv5NWuin7vNKzD/GXliPiC+vtf9YWYTBfA2nufPpx/Cz26QOIv/76fxw//SB+mpdl50L+Wnx+H+oC3ebV3eY42ep7WRdr9b80Lubnzft/fz5C7V02/mVjycqG8S9dG/96NsRP8j5/cS29fU3e3PjD9zdkNorNsuWIL/VuFj9Zi59sPv4WLu8ufPz1y1+9tFVZ49cRVzZt/+qO1NV8mB2ar84O1RcWr01Xx6fKU+Uno6NjI2PDt67fHB3K16ibP/+4WYx/3L56ZsvXZjliYIv4/du3P76xfbPX/Oa/j378tW3if+vrm7//57eJn82J39xl/PGBO1tu353Fn1xtf6G9ZMf3P67uFDhtnl7/bXFyl1UFAA5BfWFxZrxSKc/tcJF91tzpMS6O5kUsRezXE+aLEhHxWWhXl1ykse1jfvSJPbfTIxNw0NY7fadrAgAAAAAAAAAAAAAAbKW+sDjTd8Df1up0GwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi+/hcAAP//G4rEcQ==")
lsm_get_self_attr(0xd, 0x0, &(0x7f0000000000), 0x3800)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
socket(0xa, 0x80805, 0x0)
fcntl$dupfd(r5, 0x0, r0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2, 0x0, 0xa}, 0x10)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
shmdt(r3)

69.717179ms ago: executing program 2 (id=3121):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="5000000010004b040000966ce0b200007a000000", @ANYRES32=0x0, @ANYBLOB="00000000181002001c0012800b00010067656e65766500000c00028008000200ac1414341400030067656e65766530"], 0x50}}, 0x80)

0s ago: executing program 2 (id=3122):
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x40, 0x1c0862)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000280)={r1, 0x1000, {0x0, 0x0, 0x0, 0x4, 0x4000000000001001, 0x0, 0x0, 0x1c, 0xc, "faf98317e5a1149989fc8dbe53ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a8a0f3500000000000000000e00", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "675237601a8ca5b07dcc141802c4dae4162e43ac61b7ad3300", [0xfffffffffffffce8, 0x6]}})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x622}, 0x18)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, &(0x7f0000000000)={0xa0, 0x6, 0x321, 0x3, 0x0, 0x101, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="07000000040000008000000004000000", @ANYRES32=r1, @ANYRESOCT=r0, @ANYBLOB="49b3062d4f93eae393cfd47115e244"], 0x50)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0xd, 0x200cc, 0x6, 0x5}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000000), 0x8004b2, r9}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000001740), 0x2, r9}, 0x38)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r6, @ANYBLOB="000425bd7000fcdbdf25020000000500050005000000050005000100000008000300050000006000018014000400fc010000000000000000000000000000d70003008100000005000200ff00000008000600070000001400040000000000000000000000ffffffffffff14000400ff0200000000000000000000000000010500020009000000080004004000000008000300010000000800020004000000"], 0xa4}, 0x1, 0x0, 0x0, 0x24004890}, 0x40)
sendto$inet6(r5, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x54}, 0x7}, 0x1c)
r10 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r10, &(0x7f00000005c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000700), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

000000 R11: 0000000000000246 R12: 0000000000000000
[  260.245336][T12570] R13: 00007fa611266038 R14: 00007fa611265fa0 R15: 00007ffdd16eefc8
[  260.245424][T12570]  </TASK>
[  260.245450][T12570] memory: usage 307200kB, limit 307200kB, failcnt 6769
[  260.260652][T12596] EXT4-fs (loop0): 1 truncate cleaned up
[  260.264345][T12570] memory+swap: usage 311580kB, limit 9007199254740988kB, failcnt 0
[  260.274581][ T8924] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  260.277790][T12570] kmem: usage 307084kB, limit 9007199254740988kB, failcnt 0
[  260.280716][ T8924] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  260.285021][T12570] Memory cgroup stats for /syz3:
[  260.642818][ T8924] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  260.656652][T12570] cache 4096
[  260.661204][T12570] rss 0
[  260.663957][T12570] shmem 0
[  260.666926][T12570] mapped_file 0
[  260.670365][T12570] dirty 0
[  260.673351][T12570] writeback 8192
[  260.676915][T12570] workingset_refault_anon 1674
[  260.681742][T12570] workingset_refault_file 7622
[  260.683931][T12599] EXT4-fs (loop1): 1 orphan inode deleted
[  260.686519][T12570] swap 4476928
[  260.686528][T12570] swapcached 16384
[  260.686536][T12570] pgpgin 152062
[  260.686543][T12570] pgpgout 152032
[  260.686550][T12570] pgfault 147239
[  260.686557][T12570] pgmajfault 1250
[  260.686564][T12570] inactive_anon 12288
[  260.686572][T12570] active_anon 0
[  260.686580][T12570] inactive_file 106496
[  260.692849][T12599] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.695685][T12570] active_file 0
[  260.741165][T12570] unevictable 0
[  260.744616][T12570] hierarchical_memory_limit 314572800
[  260.750030][T12570] hierarchical_memsw_limit 9223372036854771712
[  260.756214][T12570] total_cache 4096
[  260.759972][T12570] total_rss 0
[  260.763303][T12570] total_shmem 0
[  260.766808][T12570] total_mapped_file 0
[  260.770794][T12570] total_dirty 0
[  260.774236][T12570] total_writeback 8192
[  260.778341][T12570] total_workingset_refault_anon 1674
[  260.783615][T12570] total_workingset_refault_file 7622
[  260.788999][T12570] total_swap 4476928
[  260.792878][T12570] total_swapcached 16384
[  260.795831][T12596] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  260.797269][T12570] total_pgpgin 152062
[  260.813719][T12570] total_pgpgout 152032
[  260.818088][T12570] total_pgfault 147239
[  260.822238][T12570] total_pgmajfault 1250
[  260.826424][T12570] total_inactive_anon 12288
[  260.830920][T12570] total_active_anon 0
[  260.834893][T12570] total_inactive_file 106496
[  260.839579][T12570] total_active_file 0
[  260.843548][T12570] total_unevictable 0
[  260.847649][T12570] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.2852,pid=12567,uid=0
[  260.862453][T12570] Memory cgroup out of memory: Killed process 12567 (syz.3.2852) total-vm:96132kB, anon-rss:1136kB, file-rss:22456kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  260.900652][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.927361][T12611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2864'.
[  260.960959][T12611] loop1: detected capacity change from 0 to 512
[  260.972059][T12325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.986694][T12615] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2866'.
[  261.017238][T12615] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2866'.
[  261.076468][T12613] netlink: 'syz.2.2863': attribute type 16 has an invalid length.
[  261.084354][T12613] netlink: 'syz.2.2863': attribute type 17 has an invalid length.
[  261.124578][T12613] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  261.184865][T12632] FAULT_INJECTION: forcing a failure.
[  261.184865][T12632] name failslab, interval 1, probability 0, space 0, times 0
[  261.197625][T12632] CPU: 0 UID: 0 PID: 12632 Comm: syz.1.2871 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  261.197655][T12632] Tainted: [W]=WARN
[  261.197661][T12632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  261.197673][T12632] Call Trace:
[  261.197681][T12632]  <TASK>
[  261.197690][T12632]  __dump_stack+0x1d/0x30
[  261.197768][T12632]  dump_stack_lvl+0xe8/0x140
[  261.197787][T12632]  dump_stack+0x15/0x1b
[  261.197805][T12632]  should_fail_ex+0x265/0x280
[  261.197824][T12632]  should_failslab+0x8c/0xb0
[  261.197965][T12632]  __kmalloc_noprof+0xa5/0x570
[  261.198003][T12632]  ? bpf_test_init+0x86/0x140
[  261.198034][T12632]  bpf_test_init+0x86/0x140
[  261.198121][T12632]  bpf_prog_test_run_xdp+0x305/0x970
[  261.198168][T12632]  ? kstrtouint+0x71/0xc0
[  261.198200][T12632]  ? __rcu_read_unlock+0x4f/0x70
[  261.198228][T12632]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  261.198357][T12632]  bpf_prog_test_run+0x22a/0x390
[  261.198378][T12632]  __sys_bpf+0x4c0/0x7c0
[  261.198404][T12632]  __x64_sys_bpf+0x41/0x50
[  261.198437][T12632]  x64_sys_call+0x2aee/0x3000
[  261.198477][T12632]  do_syscall_64+0xd2/0x200
[  261.198570][T12632]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  261.198598][T12632]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  261.198691][T12632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.198712][T12632] RIP: 0033:0x7f440b47f6c9
[  261.198729][T12632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.198815][T12632] RSP: 002b:00007f4409edf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  261.198845][T12632] RAX: ffffffffffffffda RBX: 00007f440b6d5fa0 RCX: 00007f440b47f6c9
[  261.198857][T12632] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  261.198870][T12632] RBP: 00007f4409edf090 R08: 0000000000000000 R09: 0000000000000000
[  261.198881][T12632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.198934][T12632] R13: 00007f440b6d6038 R14: 00007f440b6d5fa0 R15: 00007ffd78123988
[  261.198953][T12632]  </TASK>
[  261.433873][T12634] loop3: detected capacity change from 0 to 512
[  261.485802][T12634] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.498524][T12634] ext4 filesystem being mounted at /597/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.522914][T12634] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.2872: corrupted inode contents
[  261.535869][T12634] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.2872: mark_inode_dirty error
[  261.547652][T12634] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.2872: corrupted inode contents
[  261.547695][T12644] loop1: detected capacity change from 0 to 512
[  261.570360][T12644] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.2874: error while reading EA inode 32 err=-116
[  261.583046][T12644] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.2874: error while reading EA inode 32 err=-116
[  261.596436][T12644] EXT4-fs (loop1): 1 orphan inode deleted
[  261.603177][T12644] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.628224][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.645375][T12650] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2877'.
[  261.658886][T12650] team0: Port device team_slave_1 removed
[  261.686668][T12654] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2878'.
[  261.713046][T12654] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2878'.
[  261.774980][T12659] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2879'.
[  261.837675][T12669] loop4: detected capacity change from 0 to 512
[  261.906968][T12669] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.932169][T12669] ext4 filesystem being mounted at /563/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.013951][T12669] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2882: corrupted inode contents
[  262.047659][   T29] kauditd_printk_skb: 584 callbacks suppressed
[  262.047676][   T29] audit: type=1326 audit(1762711744.088:24533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12639 comm="syz.1.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f440b476567 code=0x7ffc0000
[  262.064307][T12681] loop2: detected capacity change from 0 to 512
[  262.077468][   T29] audit: type=1326 audit(1762711744.088:24534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12639 comm="syz.1.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f440b41b779 code=0x7ffc0000
[  262.107240][   T29] audit: type=1326 audit(1762711744.088:24535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12639 comm="syz.1.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f440b47f6c9 code=0x7ffc0000
[  262.130958][T12669] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.2882: mark_inode_dirty error
[  262.151560][T12669] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2882: corrupted inode contents
[  262.193942][   T29] audit: type=1326 audit(1762711744.168:24536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12639 comm="syz.1.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f440b476567 code=0x7ffc0000
[  262.217469][   T29] audit: type=1326 audit(1762711744.168:24537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12639 comm="syz.1.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f440b41b779 code=0x7ffc0000
[  262.240974][   T29] audit: type=1326 audit(1762711744.168:24538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12639 comm="syz.1.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f440b47f6c9 code=0x7ffc0000
[  262.264666][   T29] audit: type=1326 audit(1762711744.188:24539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12639 comm="syz.1.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f440b476567 code=0x7ffc0000
[  262.288317][   T29] audit: type=1326 audit(1762711744.188:24540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12639 comm="syz.1.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f440b41b779 code=0x7ffc0000
[  262.311941][   T29] audit: type=1326 audit(1762711744.188:24541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12639 comm="syz.1.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f440b47f6c9 code=0x7ffc0000
[  262.335487][   T29] audit: type=1326 audit(1762711744.218:24542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12639 comm="syz.1.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f440b476567 code=0x7ffc0000
[  262.378691][T12681] EXT4-fs error (device loop2): ext4_init_orphan_info:581: comm syz.2.2881: inode #0: comm syz.2.2881: iget: illegal inode #
[  262.395065][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.425847][T12681] EXT4-fs (loop2): get orphan inode failed
[  262.431801][T12681] EXT4-fs (loop2): mount failed
[  262.479110][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.496507][T12665] chnl_net:caif_netlink_parms(): no params data found
[  262.510412][T12692] loop0: detected capacity change from 0 to 512
[  262.532166][ T8896] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.584091][T12692] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  262.600013][T12700] FAULT_INJECTION: forcing a failure.
[  262.600013][T12700] name failslab, interval 1, probability 0, space 0, times 0
[  262.612677][T12700] CPU: 0 UID: 0 PID: 12700 Comm: syz.4.2885 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  262.612742][T12700] Tainted: [W]=WARN
[  262.612749][T12700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  262.612812][T12700] Call Trace:
[  262.612821][T12700]  <TASK>
[  262.612831][T12700]  __dump_stack+0x1d/0x30
[  262.612864][T12700]  dump_stack_lvl+0xe8/0x140
[  262.612927][T12700]  dump_stack+0x15/0x1b
[  262.612945][T12700]  should_fail_ex+0x265/0x280
[  262.612968][T12700]  should_failslab+0x8c/0xb0
[  262.612999][T12700]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  262.613114][T12700]  ? __d_alloc+0x3d/0x340
[  262.613154][T12700]  __d_alloc+0x3d/0x340
[  262.613212][T12700]  d_alloc+0x2e/0x100
[  262.613247][T12700]  lookup_one_qstr_excl+0x99/0x250
[  262.613289][T12700]  filename_create+0x149/0x230
[  262.613365][T12700]  do_symlinkat+0x65/0x3c0
[  262.613416][T12700]  __x64_sys_symlinkat+0x5a/0x70
[  262.613449][T12700]  x64_sys_call+0x2941/0x3000
[  262.613502][T12700]  do_syscall_64+0xd2/0x200
[  262.613523][T12700]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  262.613554][T12700]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  262.613636][T12700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.613663][T12700] RIP: 0033:0x7f29cde9f6c9
[  262.613680][T12700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.613700][T12700] RSP: 002b:00007f29cc8ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000010a
[  262.613720][T12700] RAX: ffffffffffffffda RBX: 00007f29ce0f5fa0 RCX: 00007f29cde9f6c9
[  262.613795][T12700] RDX: 0000200000000080 RSI: 0000000000000006 RDI: 0000200000000400
[  262.613814][T12700] RBP: 00007f29cc8ff090 R08: 0000000000000000 R09: 0000000000000000
[  262.613830][T12700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.613848][T12700] R13: 00007f29ce0f6038 R14: 00007f29ce0f5fa0 R15: 00007ffe53446e98
[  262.613869][T12700]  </TASK>
[  262.645944][T12663] syz.2.2881 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  262.647965][T12692] EXT4-fs (loop0): orphan cleanup on readonly fs
[  262.650891][T12663] CPU: 1 UID: 0 PID: 12663 Comm: syz.2.2881 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  262.650959][T12663] Tainted: [W]=WARN
[  262.650968][T12663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  262.650983][T12663] Call Trace:
[  262.650992][T12663]  <TASK>
[  262.651001][T12663]  __dump_stack+0x1d/0x30
[  262.651026][T12663]  dump_stack_lvl+0xe8/0x140
[  262.651050][T12663]  dump_stack+0x15/0x1b
[  262.651071][T12663]  dump_header+0x81/0x220
[  262.651162][T12663]  oom_kill_process+0x342/0x400
[  262.651199][T12663]  out_of_memory+0x979/0xb80
[  262.651236][T12663]  try_charge_memcg+0x610/0xa10
[  262.651333][T12663]  obj_cgroup_charge_pages+0xa6/0x150
[  262.651359][T12663]  __memcg_kmem_charge_page+0x9f/0x170
[  262.651384][T12663]  __alloc_frozen_pages_noprof+0x188/0x360
[  262.651410][T12663]  alloc_pages_mpol+0xb3/0x260
[  262.651485][T12663]  alloc_pages_noprof+0x90/0x130
[  262.651510][T12663]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  262.651604][T12663]  __kvmalloc_node_noprof+0x483/0x670
[  262.651688][T12663]  ? ip_set_alloc+0x24/0x30
[  262.651724][T12663]  ? ip_set_alloc+0x24/0x30
[  262.651758][T12663]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  262.651808][T12663]  ip_set_alloc+0x24/0x30
[  262.651843][T12663]  hash_netiface_create+0x282/0x740
[  262.652006][T12663]  ? __pfx_hash_netiface_create+0x10/0x10
[  262.652088][T12663]  ip_set_create+0x3cc/0x970
[  262.652119][T12663]  ? __nla_parse+0x40/0x60
[  262.652145][T12663]  nfnetlink_rcv_msg+0x4c6/0x590
[  262.652195][T12663]  netlink_rcv_skb+0x123/0x220
[  262.652322][T12663]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  262.652375][T12663]  nfnetlink_rcv+0x167/0x16c0
[  262.652457][T12663]  ? kmem_cache_free+0xe4/0x3d0
[  262.652504][T12663]  ? __kfree_skb+0x109/0x150
[  262.652538][T12663]  ? nlmon_xmit+0x4f/0x60
[  262.652566][T12663]  ? consume_skb+0x49/0x150
[  262.652621][T12663]  ? nlmon_xmit+0x4f/0x60
[  262.652648][T12663]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  262.652734][T12663]  ? __dev_queue_xmit+0x1200/0x2000
[  262.652758][T12663]  ? __dev_queue_xmit+0x182/0x2000
[  262.652808][T12663]  ? ref_tracker_free+0x37d/0x3e0
[  262.652852][T12663]  ? __netlink_deliver_tap+0x4dc/0x500
[  262.652896][T12663]  netlink_unicast+0x5c0/0x690
[  262.652932][T12663]  netlink_sendmsg+0x58b/0x6b0
[  262.652956][T12663]  ? __pfx_netlink_sendmsg+0x10/0x10
[  262.653019][T12663]  __sock_sendmsg+0x145/0x180
[  262.653048][T12663]  ____sys_sendmsg+0x31e/0x4e0
[  262.653185][T12663]  ___sys_sendmsg+0x17b/0x1d0
[  262.653218][T12663]  __x64_sys_sendmsg+0xd4/0x160
[  262.653268][T12663]  x64_sys_call+0x191e/0x3000
[  262.653295][T12663]  do_syscall_64+0xd2/0x200
[  262.653319][T12663]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  262.653353][T12663]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  262.653493][T12663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.653530][T12663] RIP: 0033:0x7fe8d752f6c9
[  262.653548][T12663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.653569][T12663] RSP: 002b:00007fe8d5f8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  262.653594][T12663] RAX: ffffffffffffffda RBX: 00007fe8d7785fa0 RCX: 00007fe8d752f6c9
[  262.653607][T12663] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  262.653620][T12663] RBP: 00007fe8d75b1f91 R08: 0000000000000000 R09: 0000000000000000
[  262.653667][T12663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  262.653682][T12663] R13: 00007fe8d7786038 R14: 00007fe8d7785fa0 R15: 00007ffda46fc248
[  262.653703][T12663]  </TASK>
[  262.653727][T12663] memory: usage 307200kB, limit 307200kB, failcnt 4422
[  262.696616][T12692] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.2887: corrupted inode contents
[  262.697043][T12663] memory+swap: usage 376240kB, limit 9007199254740988kB, failcnt 0
[  262.701556][T12692] EXT4-fs (loop0): Remounting filesystem read-only
[  262.706362][T12663] kmem: usage 307104kB, limit 9007199254740988kB, failcnt 0
[  262.706379][T12663] Memory cgroup stats for /syz2:
[  262.777904][T12663] cache 0
[  262.784409][T12692] EXT4-fs (loop0): 1 truncate cleaned up
[  262.790240][T12663] rss 0
[  262.790249][T12663] shmem 0
[  262.790256][T12663] mapped_file 0
[  262.790263][T12663] dirty 0
[  262.790270][T12663] writeback 0
[  262.790277][T12663] workingset_refault_anon 1381
[  262.790286][T12663] workingset_refault_file 4953
[  262.790294][T12663] swap 70696960
[  262.790301][T12663] swapcached 0
[  262.790308][T12663] pgpgin 171393
[  262.790315][T12663] pgpgout 171369
[  262.835907][ T8873] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  262.841185][T12663] pgfault 131625
[  262.844973][ T8873] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  262.845027][ T8873] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  262.845748][T12692] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  262.855097][T12663] pgmajfault 891
[  263.317379][T12663] inactive_anon 0
[  263.321041][T12663] active_anon 0
[  263.324472][T12663] inactive_file 0
[  263.328112][T12663] active_file 98304
[  263.331891][T12663] unevictable 0
[  263.335386][T12663] hierarchical_memory_limit 314572800
[  263.340729][T12663] hierarchical_memsw_limit 9223372036854771712
[  263.346868][T12663] total_cache 0
[  263.350367][T12663] total_rss 0
[  263.353624][T12663] total_shmem 0
[  263.357155][T12663] total_mapped_file 0
[  263.361106][T12663] total_dirty 0
[  263.364557][T12663] total_writeback 0
[  263.368353][T12663] total_workingset_refault_anon 1381
[  263.373610][T12663] total_workingset_refault_file 4953
[  263.378888][T12663] total_swap 70696960
[  263.382901][T12663] total_swapcached 0
[  263.386781][T12663] total_pgpgin 171393
[  263.390740][T12663] total_pgpgout 171369
[  263.394790][T12663] total_pgfault 131625
[  263.398848][T12663] total_pgmajfault 891
[  263.402889][T12663] total_inactive_anon 0
[  263.407028][T12663] total_active_anon 0
[  263.411044][T12663] total_inactive_file 0
[  263.415241][T12663] total_active_file 98304
[  263.419555][T12663] total_unevictable 0
[  263.423558][T12663] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2881,pid=12662,uid=0
[  263.438290][T12663] Memory cgroup out of memory: Killed process 12662 (syz.2.2881) total-vm:94084kB, anon-rss:1264kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  263.476150][ T8896] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.528041][T12325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.538614][T12708] netlink: 'syz.4.2889': attribute type 5 has an invalid length.
[  263.538649][T12665] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.553656][T12665] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.573146][T12665] bridge_slave_0: entered allmulticast mode
[  263.583456][T12665] bridge_slave_0: entered promiscuous mode
[  263.605717][ T8896] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.671449][T12665] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.678624][T12665] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.685907][T12665] bridge_slave_1: entered allmulticast mode
[  263.692379][T12665] bridge_slave_1: entered promiscuous mode
[  263.721968][T12665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  263.732702][T12665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  263.744917][ T8896] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.776259][T12665] team0: Port device team_slave_0 added
[  263.783028][T12665] team0: Port device team_slave_1 added
[  263.801301][T12665] batman_adv: batadv0: Adding interface: batadv_slave_0
[  263.808339][T12665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  263.834357][T12665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  263.846743][T12665] batman_adv: batadv0: Adding interface: batadv_slave_1
[  263.853773][T12665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  263.868115][T12725] loop4: detected capacity change from 0 to 512
[  263.879738][T12665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  263.889599][T12725] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.2895: error while reading EA inode 32 err=-116
[  263.909466][T12725] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.2895: error while reading EA inode 32 err=-116
[  263.922121][T12725] EXT4-fs (loop4): 1 orphan inode deleted
[  263.928913][T12725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.948058][T12665] hsr_slave_0: entered promiscuous mode
[  263.954676][T12665] hsr_slave_1: entered promiscuous mode
[  263.969402][T12665] debugfs: 'hsr0' already exists in 'hsr'
[  263.975155][T12665] Cannot create hsr debugfs directory
[  263.990917][ T8896] bridge_slave_1: left allmulticast mode
[  263.996664][ T8896] bridge_slave_1: left promiscuous mode
[  264.002399][ T8896] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.011586][ T8896] bridge_slave_0: left allmulticast mode
[  264.017364][ T8896] bridge_slave_0: left promiscuous mode
[  264.023021][ T8896] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.227948][ T8896] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  264.237819][ T8896] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  264.247211][ T8896] bond0 (unregistering): Released all slaves
[  264.255074][ T8896] bond1 (unregistering): Released all slaves
[  264.331790][ T8896] hsr_slave_0: left promiscuous mode
[  264.338036][ T8896] hsr_slave_1: left promiscuous mode
[  264.346208][ T8896] veth1_macvtap: left promiscuous mode
[  264.351738][ T8896] veth0_macvtap: left promiscuous mode
[  264.378578][ T8896] pimreg (unregistering): left allmulticast mode
[  264.519416][T12742] loop0: detected capacity change from 0 to 512
[  264.527392][T12743] loop1: detected capacity change from 0 to 2048
[  264.536603][T12742] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  264.544604][T12742] EXT4-fs (loop0): orphan cleanup on readonly fs
[  264.552327][T12742] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.2900: corrupted inode contents
[  264.568519][T12743] Alternate GPT is invalid, using primary GPT.
[  264.569835][T12742] EXT4-fs (loop0): Remounting filesystem read-only
[  264.574842][T12743]  loop1: p2 p3 p7
[  264.581762][T12742] EXT4-fs (loop0): 1 truncate cleaned up
[  264.590894][ T8873] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  264.601562][ T8873] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  264.631764][ T8873] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  264.642644][T12742] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  264.642874][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.710971][T12325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.732854][T12665] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  264.748154][T12665] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  264.765785][T12752] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2902'.
[  264.789984][T12665] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  264.807747][T12665] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  264.853610][T12665] 8021q: adding VLAN 0 to HW filter on device bond0
[  264.865072][T12665] 8021q: adding VLAN 0 to HW filter on device team0
[  264.877684][T12769] FAULT_INJECTION: forcing a failure.
[  264.877684][T12769] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.879410][ T8907] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.890795][T12769] CPU: 0 UID: 0 PID: 12769 Comm: syz.2.2906 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  264.890876][T12769] Tainted: [W]=WARN
[  264.890884][T12769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  264.890898][T12769] Call Trace:
[  264.890905][T12769]  <TASK>
[  264.890914][T12769]  __dump_stack+0x1d/0x30
[  264.890939][T12769]  dump_stack_lvl+0xe8/0x140
[  264.890963][T12769]  dump_stack+0x15/0x1b
[  264.891019][T12769]  should_fail_ex+0x265/0x280
[  264.891042][T12769]  should_fail+0xb/0x20
[  264.891060][T12769]  should_fail_usercopy+0x1a/0x20
[  264.891094][T12769]  _copy_from_user+0x1c/0xb0
[  264.891124][T12769]  __sys_bpf+0x183/0x7c0
[  264.891154][T12769]  __x64_sys_bpf+0x41/0x50
[  264.891189][T12769]  x64_sys_call+0x2aee/0x3000
[  264.891247][T12769]  do_syscall_64+0xd2/0x200
[  264.891308][T12769]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  264.891341][T12769]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  264.891385][T12769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.891410][T12769] RIP: 0033:0x7fe8d752f6c9
[  264.891501][T12769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.891522][T12769] RSP: 002b:00007fe8d5f8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  264.891544][T12769] RAX: ffffffffffffffda RBX: 00007fe8d7785fa0 RCX: 00007fe8d752f6c9
[  264.891559][T12769] RDX: 0000000000000020 RSI: 0000200000000040 RDI: 000000000000000a
[  264.891573][T12769] RBP: 00007fe8d5f8f090 R08: 0000000000000000 R09: 0000000000000000
[  264.891653][T12769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.891667][T12769] R13: 00007fe8d7786038 R14: 00007fe8d7785fa0 R15: 00007ffda46fc248
[  264.891688][T12769]  </TASK>
[  264.978968][T12766] loop4: detected capacity change from 0 to 2048
[  264.984747][ T8907] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.043078][T12768] loop0: detected capacity change from 0 to 512
[  265.094232][ T8907] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.101357][ T8907] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.114091][T12768] EXT4-fs error (device loop0): ext4_init_orphan_info:581: comm syz.0.2905: inode #0: comm syz.0.2905: iget: illegal inode #
[  265.144838][T12665] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  265.155259][T12665] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  265.187087][T12766]  loop4: p1 < > p4
[  265.192772][T12766] loop4: p4 size 8388608 extends beyond EOD, truncated
[  265.209878][T12768] EXT4-fs (loop0): get orphan inode failed
[  265.218073][T12768] EXT4-fs (loop0): mount failed
[  265.312024][T12768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2905'.
[  265.342174][T12665] 8021q: adding VLAN 0 to HW filter on device batadv0
[  265.466128][T12665] veth0_vlan: entered promiscuous mode
[  265.507987][T12665] veth1_vlan: entered promiscuous mode
[  265.531818][T12665] veth0_macvtap: entered promiscuous mode
[  265.544585][T12790] loop1: detected capacity change from 0 to 512
[  265.561738][T12665] veth1_macvtap: entered promiscuous mode
[  265.562408][T12790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.584376][T12665] batman_adv: batadv0: Interface activated: batadv_slave_0
[  265.596848][T12665] batman_adv: batadv0: Interface activated: batadv_slave_1
[  265.609662][T12790] ext4 filesystem being mounted at /583/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.631654][ T8924] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  265.653964][ T8924] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  265.676822][ T8896] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  265.696235][ T8896] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  265.696496][T12790] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.2908: corrupted inode contents
[  265.717163][T12790] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #2: comm syz.1.2908: mark_inode_dirty error
[  265.728829][T12790] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.2908: corrupted inode contents
[  265.814396][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.848807][T12801] loop3: detected capacity change from 0 to 1024
[  265.935998][T12801] EXT4-fs: Ignoring removed orlov option
[  265.946303][T12801] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.180243][T12813] loop2: detected capacity change from 0 to 512
[  266.201135][T12813] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  266.209361][T12813] EXT4-fs (loop2): orphan cleanup on readonly fs
[  266.219618][T12813] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.2916: corrupted inode contents
[  266.330924][T12813] EXT4-fs (loop2): Remounting filesystem read-only
[  266.347925][T12813] EXT4-fs (loop2): 1 truncate cleaned up
[  266.353754][ T8907] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  266.364426][ T8907] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  266.450083][ T8907] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  266.506004][T12813] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  266.655903][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.801837][T12826] netlink: 168 bytes leftover after parsing attributes in process `syz.2.2918'.
[  267.074934][T12665] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.107712][T12834] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2920'.
[  267.152651][T12827] loop4: detected capacity change from 0 to 512
[  267.161527][   T29] kauditd_printk_skb: 437 callbacks suppressed
[  267.161540][   T29] audit: type=1326 audit(1762711749.198:24962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12835 comm="syz.3.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  267.191376][   T29] audit: type=1326 audit(1762711749.198:24963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12835 comm="syz.3.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  267.224400][T12834] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2920'.
[  267.273621][T12826] loop2: detected capacity change from 0 to 2048
[  267.370649][T12826]  loop2: p1 < > p4
[  267.381556][T12842] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12842 comm=syz.3.2924
[  267.404562][   T29] audit: type=1326 audit(1762711749.268:24964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12835 comm="syz.3.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  267.428351][   T29] audit: type=1326 audit(1762711749.268:24965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12835 comm="syz.3.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  267.451934][   T29] audit: type=1326 audit(1762711749.268:24966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12835 comm="syz.3.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  267.475617][   T29] audit: type=1326 audit(1762711749.268:24967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12835 comm="syz.3.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  267.499213][   T29] audit: type=1326 audit(1762711749.268:24968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12835 comm="syz.3.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  267.522894][   T29] audit: type=1326 audit(1762711749.268:24969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12835 comm="syz.3.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  267.546647][   T29] audit: type=1326 audit(1762711749.268:24970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12835 comm="syz.3.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  267.570301][   T29] audit: type=1326 audit(1762711749.268:24971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12835 comm="syz.3.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  267.609471][T12826] loop2: p4 size 8388608 extends beyond EOD, truncated
[  267.657545][T12827] EXT4-fs error (device loop4): ext4_init_orphan_info:581: comm syz.4.2919: inode #0: comm syz.4.2919: iget: illegal inode #
[  267.727720][T12840] loop1: detected capacity change from 0 to 8192
[  267.828449][T12827] EXT4-fs (loop4): get orphan inode failed
[  267.835305][T12840]  loop1: p2 p3 p4
[  267.844671][T12840] loop1: p2 start 164919041 is beyond EOD, truncated
[  267.851564][T12840] loop1: p3 size 66846464 extends beyond EOD, truncated
[  267.892451][T12827] EXT4-fs (loop4): mount failed
[  268.002776][T12857] loop0: detected capacity change from 0 to 512
[  268.009300][T12840] loop1: p4 size 37048832 extends beyond EOD, truncated
[  268.026196][T12827] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2919'.
[  268.047973][T12857] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  268.058106][T12857] EXT4-fs (loop0): orphan cleanup on readonly fs
[  268.066620][T12857] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.2928: corrupted inode contents
[  268.078742][T12857] EXT4-fs (loop0): Remounting filesystem read-only
[  268.087469][T12862] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2929'.
[  268.099091][T12857] EXT4-fs (loop0): 1 truncate cleaned up
[  268.107167][ T8896] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  268.117763][ T8896] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  268.187097][ T8896] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  268.220036][T12864] loop1: detected capacity change from 0 to 512
[  268.231952][T12857] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  268.337652][T12325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.348998][T12868] bridge0: port 3(gretap0) entered blocking state
[  268.355484][T12868] bridge0: port 3(gretap0) entered disabled state
[  268.364250][T12870] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2931'.
[  268.373356][T12870] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2931'.
[  268.375299][T12868] gretap0: entered allmulticast mode
[  268.405772][T12868] gretap0: entered promiscuous mode
[  268.406016][T12868] bridge0: port 3(gretap0) entered blocking state
[  268.417618][T12868] bridge0: port 3(gretap0) entered forwarding state
[  268.426722][T12872] FAULT_INJECTION: forcing a failure.
[  268.426722][T12872] name failslab, interval 1, probability 0, space 0, times 0
[  268.439454][T12872] CPU: 0 UID: 0 PID: 12872 Comm: syz.0.2932 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  268.439493][T12872] Tainted: [W]=WARN
[  268.439500][T12872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  268.439513][T12872] Call Trace:
[  268.439530][T12872]  <TASK>
[  268.439538][T12872]  __dump_stack+0x1d/0x30
[  268.439563][T12872]  dump_stack_lvl+0xe8/0x140
[  268.439584][T12872]  dump_stack+0x15/0x1b
[  268.439604][T12872]  should_fail_ex+0x265/0x280
[  268.439657][T12872]  should_failslab+0x8c/0xb0
[  268.439689][T12872]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  268.439744][T12872]  ? __alloc_skb+0x101/0x320
[  268.439850][T12872]  __alloc_skb+0x101/0x320
[  268.439880][T12872]  netlink_alloc_large_skb+0xbf/0xf0
[  268.439966][T12872]  netlink_sendmsg+0x3cf/0x6b0
[  268.440126][T12872]  ? __pfx_netlink_sendmsg+0x10/0x10
[  268.440149][T12872]  __sock_sendmsg+0x145/0x180
[  268.440176][T12872]  ____sys_sendmsg+0x31e/0x4e0
[  268.440213][T12872]  ___sys_sendmsg+0x17b/0x1d0
[  268.440290][T12872]  __x64_sys_sendmsg+0xd4/0x160
[  268.440322][T12872]  x64_sys_call+0x191e/0x3000
[  268.440362][T12872]  do_syscall_64+0xd2/0x200
[  268.440405][T12872]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  268.440438][T12872]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  268.440516][T12872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.440540][T12872] RIP: 0033:0x7f0b46dff6c9
[  268.440555][T12872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.440575][T12872] RSP: 002b:00007f0b4585f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  268.440594][T12872] RAX: ffffffffffffffda RBX: 00007f0b47055fa0 RCX: 00007f0b46dff6c9
[  268.440625][T12872] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000008
[  268.440638][T12872] RBP: 00007f0b4585f090 R08: 0000000000000000 R09: 0000000000000000
[  268.440675][T12872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.440688][T12872] R13: 00007f0b47056038 R14: 00007f0b47055fa0 R15: 00007ffde03afef8
[  268.440707][T12872]  </TASK>
[  268.441227][T12873] gretap0: left allmulticast mode
[  268.482283][T12872] loop0: detected capacity change from 0 to 256
[  268.487054][T12873] gretap0: left promiscuous mode
[  268.505700][T12872] vfat: Unknown parameter '\A���Mb���/�Hd�_�TU:�'
[  268.506469][T12873] bridge0: port 3(gretap0) entered disabled state
[  268.757482][T12882] netlink: 168 bytes leftover after parsing attributes in process `syz.3.2936'.
[  268.826619][T12899] netlink: 'syz.1.2942': attribute type 10 has an invalid length.
[  268.878607][T12882] loop3: detected capacity change from 0 to 2048
[  268.912911][T12904] loop1: detected capacity change from 0 to 2048
[  268.915809][T12882]  loop3: p1 < > p4
[  268.926310][T12904] EXT4-fs: Ignoring removed mblk_io_submit option
[  268.930111][T12882] loop3: p4 size 8388608 extends beyond EOD, truncated
[  268.932807][T12904] EXT4-fs: Ignoring removed i_version option
[  268.979317][T12904] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.997034][T12901] netlink: 'syz.0.2940': attribute type 16 has an invalid length.
[  269.004876][T12901] netlink: 'syz.0.2940': attribute type 17 has an invalid length.
[  269.075080][T12901] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  269.117560][T12913] loop3: detected capacity change from 0 to 512
[  269.129044][T12913] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  269.143243][T12913] EXT4-fs (loop3): orphan cleanup on readonly fs
[  269.151861][T12913] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.2944: corrupted inode contents
[  269.164263][T12913] EXT4-fs (loop3): Remounting filesystem read-only
[  269.172563][T12913] EXT4-fs (loop3): 1 truncate cleaned up
[  269.179497][ T8889] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  269.190057][ T8889] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  269.202837][ T8889] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  269.213893][T12913] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  269.328080][T12665] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.415593][T12919] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  269.433223][T12921] loop4: detected capacity change from 0 to 2048
[  269.441238][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.470772][T12923] bridge0: port 3(gretap0) entered blocking state
[  269.477171][T12921] Alternate GPT is invalid, using primary GPT.
[  269.477549][T12923] bridge0: port 3(gretap0) entered disabled state
[  269.483612][T12921]  loop4: p2 p3 p7
[  269.558616][T12923] gretap0: entered allmulticast mode
[  269.564628][T12923] gretap0: entered promiscuous mode
[  269.570655][T12923] bridge0: port 3(gretap0) entered blocking state
[  269.577140][T12923] bridge0: port 3(gretap0) entered forwarding state
[  269.585533][T12924] gretap0: left allmulticast mode
[  269.590603][T12924] gretap0: left promiscuous mode
[  269.595658][T12924] bridge0: port 3(gretap0) entered disabled state
[  269.689932][T12931] loop2: detected capacity change from 0 to 1024
[  269.697062][T12931] EXT4-fs: Ignoring removed orlov option
[  269.705038][T12931] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.843953][T12941] __nla_validate_parse: 1 callbacks suppressed
[  269.843972][T12941] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2953'.
[  269.923468][T12944] loop1: detected capacity change from 0 to 512
[  270.012258][T12944] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2953: bg 0: block 288: padding at end of block bitmap is not set
[  270.031657][T12944] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  270.041368][T12944] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.2953: attempt to clear invalid blocks 1024 len 1
[  270.065325][T12944] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2953: invalid indirect mapped block 1819239214 (level 0)
[  270.080027][T12944] EXT4-fs (loop1): 1 truncate cleaned up
[  270.086397][T12944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.107912][T12949] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2954'.
[  270.141217][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.305416][T12959] ip6gretap0: entered promiscuous mode
[  270.314354][T12959] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2958'.
[  270.440735][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.836926][T12976] netlink: 'syz.2.2959': attribute type 16 has an invalid length.
[  270.844786][T12976] netlink: 'syz.2.2959': attribute type 17 has an invalid length.
[  271.008194][T12978] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2962'.
[  271.080585][T12976] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  271.384261][T12982] loop1: detected capacity change from 0 to 2048
[  271.456267][T12982] Alternate GPT is invalid, using primary GPT.
[  271.462663][T12982]  loop1: p2 p3 p7
[  271.482965][T12986] loop2: detected capacity change from 0 to 1024
[  271.512218][T12986] EXT4-fs: Ignoring removed orlov option
[  271.543149][T12986] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.580595][T12991] loop0: detected capacity change from 0 to 512
[  271.617170][T12995] loop1: detected capacity change from 0 to 512
[  271.634201][T12995] EXT4-fs: Ignoring removed orlov option
[  271.641344][T12991] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.662170][T12995] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002]
[  271.677764][T12991] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  271.688560][T12995] System zones: 1-12
[  271.697134][T12995] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.2969: corrupted in-inode xattr: e_value size too large
[  271.714271][T12995] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2969: couldn't read orphan inode 15 (err -117)
[  271.774317][T13000] bridge0: port 3(gretap0) entered blocking state
[  271.780974][T13000] bridge0: port 3(gretap0) entered disabled state
[  271.792650][T13000] gretap0: entered allmulticast mode
[  271.818930][T13000] gretap0: entered promiscuous mode
[  271.834938][T13000] bridge0: port 3(gretap0) entered blocking state
[  271.841537][T13000] bridge0: port 3(gretap0) entered forwarding state
[  271.880096][T13005] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #2: comm syz.0.2967: corrupted inode contents
[  271.892173][T13005] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #2: comm syz.0.2967: mark_inode_dirty error
[  271.922153][T13005] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #2: comm syz.0.2967: corrupted inode contents
[  271.934347][T13006] gretap0: left allmulticast mode
[  271.939488][T13006] gretap0: left promiscuous mode
[  271.944593][T13006] bridge0: port 3(gretap0) entered disabled state
[  272.172132][T13020] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2974'.
[  272.250203][T13022] loop4: detected capacity change from 0 to 512
[  272.275957][T13022] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  272.284097][T13022] EXT4-fs (loop4): orphan cleanup on readonly fs
[  272.302869][T13022] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.2975: corrupted inode contents
[  272.329115][   T29] kauditd_printk_skb: 172 callbacks suppressed
[  272.329131][   T29] audit: type=1326 audit(1762711754.368:25132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13025 comm="syz.3.2976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  272.332875][T13022] EXT4-fs (loop4): Remounting filesystem read-only
[  272.335386][   T29] audit: type=1326 audit(1762711754.368:25133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13025 comm="syz.3.2976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  272.336842][   T29] audit: type=1326 audit(1762711754.378:25134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13025 comm="syz.3.2976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  272.365030][T13022] EXT4-fs (loop4): 1 truncate cleaned up
[  272.391060][   T29] audit: type=1326 audit(1762711754.408:25135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13025 comm="syz.3.2976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  272.442059][   T29] audit: type=1326 audit(1762711754.408:25136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13025 comm="syz.3.2976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  272.465763][   T29] audit: type=1326 audit(1762711754.408:25137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13025 comm="syz.3.2976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  272.489318][   T29] audit: type=1326 audit(1762711754.408:25138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13025 comm="syz.3.2976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  272.512956][   T29] audit: type=1326 audit(1762711754.408:25139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13025 comm="syz.3.2976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  272.536618][   T29] audit: type=1326 audit(1762711754.408:25140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13025 comm="syz.3.2976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  272.560204][   T29] audit: type=1326 audit(1762711754.408:25141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13025 comm="syz.3.2976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8cefff6c9 code=0x7ffc0000
[  272.583979][ T8889] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  272.594534][ T8889] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  272.609269][ T8889] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  272.638406][T13003] chnl_net:caif_netlink_parms(): no params data found
[  272.676423][T13031] loop2: detected capacity change from 0 to 8192
[  272.682997][T13033] loop3: detected capacity change from 0 to 512
[  272.693099][T13035] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2978'.
[  272.705767][T13033] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.2976: error while reading EA inode 32 err=-116
[  272.718964][T13033] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.2976: error while reading EA inode 32 err=-116
[  272.731727][T13031]  loop2: p2 p3 p4
[  272.735623][T13031] loop2: p2 start 164919041 is beyond EOD, truncated
[  272.742384][T13031] loop2: p3 size 66846464 extends beyond EOD, truncated
[  272.742518][T13035] loop4: detected capacity change from 0 to 512
[  272.749881][T13031] loop2: p4 size 37048832 extends beyond EOD, truncated
[  272.762950][T13033] EXT4-fs (loop3): 1 orphan inode deleted
[  272.778214][T13003] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.785402][T13003] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.792953][T13003] bridge_slave_0: entered allmulticast mode
[  272.799798][T13003] bridge_slave_0: entered promiscuous mode
[  272.816890][ T8896] bridge_slave_1: left allmulticast mode
[  272.822546][ T8896] bridge_slave_1: left promiscuous mode
[  272.828212][ T8896] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.840947][T13047] netlink: 'syz.4.2980': attribute type 13 has an invalid length.
[  272.861677][ T8896] bridge_slave_0: left allmulticast mode
[  272.867499][ T8896] bridge_slave_0: left promiscuous mode
[  272.873237][ T8896] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.997093][ T8896] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  273.006376][ T8896] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  273.015390][ T8896] bond0 (unregistering): Released all slaves
[  273.023536][T13003] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.030699][T13003] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.037994][T13003] bridge_slave_1: entered allmulticast mode
[  273.044272][T13003] bridge_slave_1: entered promiscuous mode
[  273.081972][T13047] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  273.117667][T13003] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  273.127673][T13051] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2981'.
[  273.151496][ T8896] hsr_slave_0: left promiscuous mode
[  273.159882][ T8896] batman_adv: batadv0: Removing interface: batadv_slave_0
[  273.175490][ T8896] batman_adv: batadv0: Removing interface: batadv_slave_1
[  273.185269][ T8896] batman_adv: batadv0: Removing interface: veth1_vlan
[  273.276522][ T8896] team0 (unregistering): Port device team_slave_1 removed
[  273.286995][ T8896] team0 (unregistering): Port device team_slave_0 removed
[  273.303448][ T8907] smc: removing ib device syz0
[  273.341245][T13003] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  273.356932][T13064] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2984'.
[  273.518008][T13003] team0: Port device team_slave_0 added
[  273.533111][T13003] team0: Port device team_slave_1 added
[  273.584392][T13003] batman_adv: batadv0: Adding interface: batadv_slave_0
[  273.591456][T13003] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  273.617590][T13003] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  273.639819][T13076] loop2: detected capacity change from 0 to 512
[  273.648641][T13078] loop0: detected capacity change from 0 to 512
[  273.658243][T13078] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2986: bg 0: block 393: padding at end of block bitmap is not set
[  273.673565][T13076] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  273.681669][T13076] EXT4-fs (loop2): orphan cleanup on readonly fs
[  273.688654][T13078] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  273.698181][T13003] batman_adv: batadv0: Adding interface: batadv_slave_1
[  273.705242][T13003] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  273.731283][T13003] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  273.744619][T13078] EXT4-fs (loop0): 2 truncates cleaned up
[  273.750495][T13076] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.2987: corrupted inode contents
[  273.770902][T13076] EXT4-fs (loop2): Remounting filesystem read-only
[  273.782840][T13076] EXT4-fs (loop2): 1 truncate cleaned up
[  273.788929][ T8880] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  273.799512][ T8880] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  273.813379][ T8880] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  273.856666][T13003] hsr_slave_0: entered promiscuous mode
[  273.864717][T13003] hsr_slave_1: entered promiscuous mode
[  273.871228][T13003] debugfs: 'hsr0' already exists in 'hsr'
[  273.877030][T13003] Cannot create hsr debugfs directory
[  274.038970][T13084] loop4: detected capacity change from 0 to 512
[  274.045921][T13084] ext4: Unknown parameter 'noquot'
[  274.078236][ T8896] ------------[ cut here ]------------
[  274.083719][ T8896] WARNING: CPU: 0 PID: 8896 at net/xfrm/xfrm_state.c:3306 xfrm_state_fini+0x179/0x1f0
[  274.093458][ T8896] Modules linked in:
[  274.097399][ T8896] CPU: 0 UID: 0 PID: 8896 Comm: kworker/u8:35 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  274.109012][ T8896] Tainted: [W]=WARN
[  274.112810][ T8896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  274.122874][ T8896] Workqueue: netns cleanup_net
[  274.127682][ T8896] RIP: 0010:xfrm_state_fini+0x179/0x1f0
[  274.133256][ T8896] Code: 48 8d bb 70 0e 00 00 e8 65 41 b7 fc 48 8b bb 70 0e 00 00 e8 c9 ee c3 fc 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f8 e7 9b fc 90 <0f> 0b 90 e9 d9 fe ff ff e8 ea e7 9b fc 90 0f 0b 90 4c 89 f7 e8 2e
[  274.153205][ T8896] RSP: 0018:ffffc90002d47c60 EFLAGS: 00010293
[  274.159290][ T8896] RAX: ffffffff84bb62c8 RBX: ffff88810a058000 RCX: ffff88814e706300
[  274.167333][ T8896] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88810a058e40
[  274.175339][ T8896] RBP: ffffffff86c91080 R08: 0001ffff8684810f R09: 0000000000000000
[  274.183538][ T8896] R10: ffffc90002d47be8 R11: 0001c90002d47be8 R12: ffffffff86c910a0
[  274.191557][ T8896] R13: ffff88810a058028 R14: ffff88810a058e40 R15: ffff88810a058000
[  274.199760][ T8896] FS:  0000000000000000(0000) GS:ffff8882aee13000(0000) knlGS:0000000000000000
[  274.209274][ T8896] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  274.215898][ T8896] CR2: 00007f29cc8ff9c8 CR3: 0000000137d6e000 CR4: 00000000003506f0
[  274.223894][ T8896] DR0: 0000000000000002 DR1: 0000000000000000 DR2: 0000000000000000
[  274.231990][ T8896] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  274.239990][ T8896] Call Trace:
[  274.243315][ T8896]  <TASK>
[  274.246273][ T8896]  xfrm_net_exit+0x2d/0x60
[  274.250738][ T8896]  ops_undo_list+0x27b/0x410
[  274.255546][ T8896]  cleanup_net+0x2f4/0x4f0
[  274.259988][ T8896]  process_scheduled_works+0x4ce/0x9d0
[  274.265560][ T8896]  worker_thread+0x582/0x770
[  274.270149][ T8896]  kthread+0x489/0x510
[  274.274275][ T8896]  ? finish_task_switch+0xad/0x2b0
[  274.279453][ T8896]  ? __pfx_worker_thread+0x10/0x10
[  274.284577][ T8896]  ? __pfx_kthread+0x10/0x10
[  274.289265][ T8896]  ret_from_fork+0x122/0x1b0
[  274.293917][ T8896]  ? __pfx_kthread+0x10/0x10
[  274.298603][ T8896]  ret_from_fork_asm+0x1a/0x30
[  274.303380][ T8896]  </TASK>
[  274.306472][ T8896] ---[ end trace 0000000000000000 ]---
[  274.386127][T13090] loop0: detected capacity change from 0 to 512
[  274.400818][T13090] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  274.425336][T13003] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  274.448613][T13090] EXT4-fs (loop0): orphan cleanup on readonly fs
[  274.465954][T13090] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.2988: corrupted inode contents
[  274.485674][T13090] EXT4-fs (loop0): Remounting filesystem read-only
[  274.495689][T13090] EXT4-fs (loop0): 1 truncate cleaned up
[  274.501521][ T8924] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  274.512203][ T8924] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  274.538556][ T8924] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  274.564869][T13003] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  274.602453][T13003] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  274.614437][T13101] loop3: detected capacity change from 0 to 512
[  274.631253][T13003] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  274.638882][T13101] EXT4-fs: Ignoring removed orlov option
[  274.653944][T13103] loop2: detected capacity change from 0 to 1024
[  274.661316][T13103] EXT4-fs: Ignoring removed orlov option
[  274.668835][T13101] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002]
[  274.679208][T13101] System zones: 1-12
[  274.693351][T13101] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.2991: corrupted in-inode xattr: e_value size too large
[  274.711621][T13084] loop4: detected capacity change from 0 to 32768
[  274.722781][T13101] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2991: couldn't read orphan inode 15 (err -117)
[  274.739927][T13003] 8021q: adding VLAN 0 to HW filter on device bond0
[  274.753179][T13003] 8021q: adding VLAN 0 to HW filter on device team0
[  274.760216][T13114] loop0: detected capacity change from 0 to 512
[  274.770097][T13084]  loop4: p2 p3
[  274.772893][T13003] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  274.783977][T13003] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  274.795900][T13084] loop4: p3 size 196608 extends beyond EOD, truncated
[  274.798340][ T8907] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.809843][ T8907] bridge0: port 1(bridge_slave_0) entered forwarding state
[  274.818778][T13114] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  274.819271][ T8907] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.833870][ T8907] bridge0: port 2(bridge_slave_1) entered forwarding state
[  274.835764][T13114] EXT4-fs (loop0): orphan cleanup on readonly fs
[  274.859144][T13114] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.2993: corrupted inode contents
[  274.881088][T13114] EXT4-fs (loop0): Remounting filesystem read-only
[  274.918235][T13114] EXT4-fs (loop0): 1 truncate cleaned up
[  274.918587][T13003] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.930930][ T8896] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  274.941702][ T8896] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  274.952762][ T8896] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  275.041431][T13003] veth0_vlan: entered promiscuous mode
[  275.050164][T13003] veth1_vlan: entered promiscuous mode
[  275.067967][T13003] veth0_macvtap: entered promiscuous mode
[  275.076421][T13003] veth1_macvtap: entered promiscuous mode
[  275.085047][T13135] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2998'.
[  275.116988][T13135] team0: Failed to send options change via netlink (err -105)
[  275.124555][T13135] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  275.138522][T13143] loop0: detected capacity change from 0 to 512
[  275.148412][T13135] team0: Port device team_slave_1 removed
[  275.156295][T13143] EXT4-fs error (device loop0): ext4_init_orphan_info:581: comm syz.0.3000: inode #0: comm syz.0.3000: iget: illegal inode #
[  275.169737][T13143] EXT4-fs (loop0): get orphan inode failed
[  275.174326][T13003] batman_adv: batadv0: Interface activated: batadv_slave_0
[  275.178746][T13143] EXT4-fs (loop0): mount failed
[  275.190966][T13003] batman_adv: batadv0: Interface activated: batadv_slave_1
[  275.202316][ T8924] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  275.222797][ T8924] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  275.232981][ T8924] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  275.242996][ T8924] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  275.307222][T13153] loop3: detected capacity change from 0 to 512
[  275.331140][T13143] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3000'.
[  275.341270][T13153] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  275.350311][T13153] EXT4-fs (loop3): orphan cleanup on readonly fs
[  275.372865][T13153] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.3002: corrupted inode contents
[  275.397984][T13153] EXT4-fs (loop3): Remounting filesystem read-only
[  275.473624][T13153] EXT4-fs (loop3): 1 truncate cleaned up
[  275.480541][ T8873] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  275.491271][ T8873] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  275.506230][ T8873] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  275.537370][T13160] loop2: detected capacity change from 0 to 512
[  275.544587][T13160] EXT4-fs: Ignoring removed orlov option
[  275.559883][T13160] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002]
[  275.580908][T13160] System zones: 1-12
[  275.592504][T13160] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.3003: corrupted in-inode xattr: e_value size too large
[  275.608751][T13163] 9pnet: Unknown protocol version 9p200
[  275.648998][T13160] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3003: couldn't read orphan inode 15 (err -117)
[  275.665870][T13165] loop3: detected capacity change from 0 to 512
[  275.676720][T13167] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  275.706150][T13165] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3006: bg 0: block 393: padding at end of block bitmap is not set
[  275.725831][T13165] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  275.745382][T13165] EXT4-fs (loop3): 2 truncates cleaned up
[  275.875283][T13184] loop4: detected capacity change from 0 to 512
[  275.883014][T13186] bridge0: port 3(gretap0) entered blocking state
[  275.889598][T13186] bridge0: port 3(gretap0) entered disabled state
[  275.905509][T13186] gretap0: entered allmulticast mode
[  275.911679][T13186] gretap0: entered promiscuous mode
[  275.911959][T13184] ext4 filesystem being mounted at /590/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  275.919417][T13186] bridge0: port 3(gretap0) entered blocking state
[  275.933836][T13186] bridge0: port 3(gretap0) entered forwarding state
[  275.944401][T13186] gretap0: left allmulticast mode
[  275.949503][T13186] gretap0: left promiscuous mode
[  275.954624][T13186] bridge0: port 3(gretap0) entered disabled state
[  275.963067][T12325] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  275.974050][T12325] CPU: 1 UID: 0 PID: 12325 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  275.974085][T12325] Tainted: [W]=WARN
[  275.974092][T12325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  275.974104][T12325] Call Trace:
[  275.974111][T12325]  <TASK>
[  275.974143][T12325]  __dump_stack+0x1d/0x30
[  275.974172][T12325]  dump_stack_lvl+0xe8/0x140
[  275.974197][T12325]  dump_stack+0x15/0x1b
[  275.974262][T12325]  dump_header+0x81/0x220
[  275.974281][T12325]  oom_kill_process+0x342/0x400
[  275.974369][T12325]  out_of_memory+0x979/0xb80
[  275.974402][T12325]  try_charge_memcg+0x610/0xa10
[  275.974513][T12325]  charge_memcg+0x51/0xc0
[  275.974593][T12325]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  275.974626][T12325]  __read_swap_cache_async+0x17b/0x2d0
[  275.974653][T12325]  swap_cluster_readahead+0x262/0x3c0
[  275.974680][T12325]  swapin_readahead+0xde/0x6f0
[  275.974762][T12325]  ? css_rstat_updated+0xb7/0x240
[  275.974782][T12325]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  275.974820][T12325]  ? __rcu_read_unlock+0x4f/0x70
[  275.974846][T12325]  ? __rcu_read_unlock+0x4f/0x70
[  275.974894][T12325]  ? swap_cache_get_folio+0x277/0x280
[  275.974919][T12325]  do_swap_page+0x2ae/0x2370
[  275.974942][T12325]  ? _raw_spin_unlock+0x26/0x50
[  275.975041][T12325]  ? finish_task_switch+0xad/0x2b0
[  275.975070][T12325]  ? __pfx_default_wake_function+0x10/0x10
[  275.975103][T12325]  handle_mm_fault+0x9a5/0x2be0
[  275.975133][T12325]  ? vma_start_read+0x141/0x1f0
[  275.975252][T12325]  do_user_addr_fault+0x630/0x1080
[  275.975279][T12325]  ? fpregs_restore_userregs+0xe2/0x1d0
[  275.975365][T12325]  ? switch_fpu_return+0xe/0x20
[  275.975398][T12325]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  275.975496][T12325]  exc_page_fault+0x62/0xa0
[  275.975529][T12325]  asm_exc_page_fault+0x26/0x30
[  275.975551][T12325] RIP: 0033:0x7f0b46e31f45
[  275.975710][T12325] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 1e 66 1f 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  275.975722][T12325] RSP: 002b:00007ffde03b0238 EFLAGS: 00010246
[  275.975732][T12325] RAX: 0000000000000000 RBX: 0000000000000062 RCX: 00007f0b46e31f43
[  275.975741][T12325] RDX: 00007ffde03b0250 RSI: 0000000000000000 RDI: 0000000000000000
[  275.975776][T12325] RBP: 00007ffde03b02bc R08: 000000002eb10dd6 R09: 0000000000000000
[  275.975783][T12325] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  275.975791][T12325] R13: 00000000000927c0 R14: 0000000000043475 R15: 00007ffde03b0310
[  275.975802][T12325]  </TASK>
[  276.225840][T12325] memory: usage 307200kB, limit 307200kB, failcnt 3707
[  276.232713][T12325] memory+swap: usage 307564kB, limit 9007199254740988kB, failcnt 0
[  276.240847][T12325] kmem: usage 307072kB, limit 9007199254740988kB, failcnt 0
[  276.248330][T12325] Memory cgroup stats for /syz0:
[  276.249114][T12325] cache 0
[  276.256991][T13191] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.3014: corrupted inode contents
[  276.257107][T12325] rss 32768
[  276.269109][T13185] netlink: 'syz.2.3010': attribute type 16 has an invalid length.
[  276.271988][T12325] shmem 0
[  276.271996][T12325] mapped_file 0
[  276.272003][T12325] dirty 0
[  276.280477][T13185] netlink: 'syz.2.3010': attribute type 17 has an invalid length.
[  276.283382][T12325] writeback 32768
[  276.283439][T12325] workingset_refault_anon 1156
[  276.298928][T13191] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.3014: mark_inode_dirty error
[  276.301214][T12325] workingset_refault_file 8025
[  276.301226][T12325] swap 372736
[  276.301234][T12325] swapcached 32768
[  276.306785][T13191] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.3014: corrupted inode contents
[  276.317355][T12325] pgpgin 187603
[  276.317367][T12325] pgpgout 187575
[  276.317379][T12325] pgfault 159115
[  276.317386][T12325] pgmajfault 812
[  276.317394][T12325] inactive_anon 32768
[  276.317402][T12325] active_anon 0
[  276.317427][T12325] inactive_file 81920
[  276.317434][T12325] active_file 0
[  276.317441][T12325] unevictable 0
[  276.317448][T12325] hierarchical_memory_limit 314572800
[  276.317457][T12325] hierarchical_memsw_limit 9223372036854771712
[  276.317466][T12325] total_cache 0
[  276.317474][T12325] total_rss 32768
[  276.349033][T12325] total_shmem 0
[  276.397072][T12325] total_mapped_file 0
[  276.401081][T12325] total_dirty 0
[  276.404524][T12325] total_writeback 32768
[  276.408717][T12325] total_workingset_refault_anon 1156
[  276.413994][T12325] total_workingset_refault_file 8025
[  276.419301][T12325] total_swap 372736
[  276.423161][T12325] total_swapcached 32768
[  276.427441][T12325] total_pgpgin 187603
[  276.431413][T12325] total_pgpgout 187575
[  276.435498][T12325] total_pgfault 159115
[  276.439563][T12325] total_pgmajfault 812
[  276.443690][T12325] total_inactive_anon 32768
[  276.448212][T12325] total_active_anon 0
[  276.452201][T12325] total_inactive_file 81920
[  276.456720][T12325] total_active_file 0
[  276.460823][T12325] total_unevictable 0
[  276.464988][T12325] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.3000,pid=13139,uid=0
[  276.479843][T12325] Memory cgroup out of memory: Killed process 13139 (syz.0.3000) total-vm:96132kB, anon-rss:1136kB, file-rss:22596kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  276.497145][T13185] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  276.564957][T13197] loop4: detected capacity change from 0 to 1024
[  276.590869][T13197] EXT4-fs: Ignoring removed orlov option
[  276.882641][T13209] loop1: detected capacity change from 0 to 512
[  276.894826][T13209] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3020: bg 0: block 393: padding at end of block bitmap is not set
[  276.909458][T13209] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  276.918994][T13209] EXT4-fs (loop1): 2 truncates cleaned up
[  277.025037][T13221] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3021'.
[  277.047415][T13223] FAULT_INJECTION: forcing a failure.
[  277.047415][T13223] name failslab, interval 1, probability 0, space 0, times 0
[  277.060257][T13223] CPU: 0 UID: 0 PID: 13223 Comm: syz.1.3024 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  277.060291][T13223] Tainted: [W]=WARN
[  277.060332][T13223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  277.060347][T13223] Call Trace:
[  277.060353][T13223]  <TASK>
[  277.060362][T13223]  __dump_stack+0x1d/0x30
[  277.060385][T13223]  dump_stack_lvl+0xe8/0x140
[  277.060406][T13223]  dump_stack+0x15/0x1b
[  277.060424][T13223]  should_fail_ex+0x265/0x280
[  277.060446][T13223]  should_failslab+0x8c/0xb0
[  277.060533][T13223]  kmem_cache_alloc_noprof+0x50/0x480
[  277.060566][T13223]  ? alloc_empty_file+0x76/0x200
[  277.060618][T13223]  alloc_empty_file+0x76/0x200
[  277.060689][T13223]  path_openat+0x68/0x2170
[  277.060712][T13223]  ? mntput+0x4b/0x80
[  277.060729][T13223]  ? terminate_walk+0x27f/0x2a0
[  277.060762][T13223]  ? path_openat+0x1bf8/0x2170
[  277.060837][T13223]  ? _parse_integer_limit+0x170/0x190
[  277.060879][T13223]  do_filp_open+0x109/0x230
[  277.060910][T13223]  do_open_execat+0xd8/0x260
[  277.061017][T13223]  alloc_bprm+0x25/0x350
[  277.061042][T13223]  do_execveat_common+0x12e/0x750
[  277.061073][T13223]  __x64_sys_execve+0x5c/0x70
[  277.061099][T13223]  x64_sys_call+0x271a/0x3000
[  277.061193][T13223]  do_syscall_64+0xd2/0x200
[  277.061214][T13223]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  277.061257][T13223]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  277.061345][T13223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.061367][T13223] RIP: 0033:0x7f97f608f6c9
[  277.061383][T13223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.061401][T13223] RSP: 002b:00007f97f4aef038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  277.061443][T13223] RAX: ffffffffffffffda RBX: 00007f97f62e5fa0 RCX: 00007f97f608f6c9
[  277.061459][T13223] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  277.061473][T13223] RBP: 00007f97f4aef090 R08: 0000000000000000 R09: 0000000000000000
[  277.061488][T13223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.061500][T13223] R13: 00007f97f62e6038 R14: 00007f97f62e5fa0 R15: 00007ffefcfa4958
[  277.061526][T13223]  </TASK>
[  277.373311][T13229] loop1: detected capacity change from 0 to 512
[  277.410691][T13229] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  277.435454][T13229] EXT4-fs (loop1): orphan cleanup on readonly fs
[  277.445925][T13229] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.3025: corrupted inode contents
[  277.458660][T13229] EXT4-fs (loop1): Remounting filesystem read-only
[  277.474874][T13235] loop0: detected capacity change from 0 to 512
[  277.475371][T13229] EXT4-fs (loop1): 1 truncate cleaned up
[  277.496365][ T8924] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  277.506968][ T8924] __quota_error: 499 callbacks suppressed
[  277.506982][ T8924] Quota error (device loop1): write_blk: dquota write failed
[  277.520243][ T8924] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[  277.530398][ T8924] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  277.540914][ T8924] Quota error (device loop1): write_blk: dquota write failed
[  277.548303][ T8924] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[  277.614881][T13240] FAULT_INJECTION: forcing a failure.
[  277.614881][T13240] name failslab, interval 1, probability 0, space 0, times 0
[  277.627731][T13240] CPU: 1 UID: 0 PID: 13240 Comm: syz.2.3030 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  277.627828][T13240] Tainted: [W]=WARN
[  277.627879][T13240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  277.627890][T13240] Call Trace:
[  277.627908][T13240]  <TASK>
[  277.627916][T13240]  __dump_stack+0x1d/0x30
[  277.627940][T13240]  dump_stack_lvl+0xe8/0x140
[  277.627959][T13240]  dump_stack+0x15/0x1b
[  277.627976][T13240]  should_fail_ex+0x265/0x280
[  277.628004][T13240]  should_failslab+0x8c/0xb0
[  277.628032][T13240]  kmem_cache_alloc_noprof+0x50/0x480
[  277.628062][T13240]  ? audit_log_start+0x342/0x720
[  277.628083][T13240]  audit_log_start+0x342/0x720
[  277.628125][T13240]  ? kstrtouint+0x76/0xc0
[  277.628213][T13240]  audit_seccomp+0x48/0x100
[  277.628294][T13240]  ? __seccomp_filter+0x82d/0x1250
[  277.628320][T13240]  __seccomp_filter+0x83e/0x1250
[  277.628347][T13240]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  277.628378][T13240]  ? vfs_write+0x7e8/0x960
[  277.628482][T13240]  ? __rcu_read_unlock+0x4f/0x70
[  277.628586][T13240]  ? __fget_files+0x184/0x1c0
[  277.628629][T13240]  __secure_computing+0x82/0x150
[  277.628665][T13240]  syscall_trace_enter+0xcf/0x1e0
[  277.628693][T13240]  do_syscall_64+0xac/0x200
[  277.628714][T13240]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  277.628765][T13240]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  277.628796][T13240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.628841][T13240] RIP: 0033:0x7fe8d752f6c9
[  277.628856][T13240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.628873][T13240] RSP: 002b:00007fe8d5f8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  277.628891][T13240] RAX: ffffffffffffffda RBX: 00007fe8d7785fa0 RCX: 00007fe8d752f6c9
[  277.628903][T13240] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 00000000000056ab
[  277.628914][T13240] RBP: 00007fe8d5f8f090 R08: 0000000000000000 R09: 0000000000000000
[  277.628945][T13240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.629007][T13240] R13: 00007fe8d7786038 R14: 00007fe8d7785fa0 R15: 00007ffda46fc248
[  277.629023][T13240]  </TASK>
[  277.629031][T13240] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  277.725484][   T29] audit: type=1326 audit(1762711759.648:25611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13239 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8d752f6c9 code=0x7ffc0000
[  277.728094][T13240] audit: out of memory in audit_log_start
[  277.732990][   T29] audit: type=1326 audit(1762711759.648:25612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13239 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fe8d752f6c9 code=0x7ffc0000
[  277.740642][T13235] EXT4-fs error (device loop0): ext4_init_orphan_info:581: comm syz.0.3027: inode #0: comm syz.0.3027: iget: illegal inode #
[  277.742575][   T29] audit: type=1400 audit(1762711759.648:25613): avc:  denied  { bind } for  pid=13239 comm="syz.2.3030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  277.758337][ T8924] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  277.764225][   T29] audit: type=1326 audit(1762711759.648:25614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13239 comm="syz.2.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8d752f6c9 code=0x7ffc0000
[  277.773059][T13235] EXT4-fs (loop0): get orphan inode failed
[  277.980397][T13235] EXT4-fs (loop0): mount failed
[  278.036738][T13230] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3027'.
[  278.053174][T13249] bridge0: port 3(gretap0) entered blocking state
[  278.058610][T13250] loop1: detected capacity change from 0 to 512
[  278.059719][T13249] bridge0: port 3(gretap0) entered disabled state
[  278.072576][T13249] gretap0: entered allmulticast mode
[  278.081580][T13249] gretap0: entered promiscuous mode
[  278.088450][T13249] bridge0: port 3(gretap0) entered blocking state
[  278.095011][T13249] bridge0: port 3(gretap0) entered forwarding state
[  278.105058][T13250] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  278.113392][T13255] gretap0: left allmulticast mode
[  278.118452][T13255] gretap0: left promiscuous mode
[  278.123514][T13255] bridge0: port 3(gretap0) entered disabled state
[  278.143730][T13250] EXT4-fs (loop1): orphan cleanup on readonly fs
[  278.173371][T13250] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.3032: corrupted inode contents
[  278.200314][T13250] EXT4-fs (loop1): Remounting filesystem read-only
[  278.282891][T13250] EXT4-fs (loop1): 1 truncate cleaned up
[  278.311787][ T8924] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  278.322391][ T8924] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  278.333056][ T8924] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  278.348958][T13260] loop0: detected capacity change from 0 to 512
[  278.366814][T13263] loop4: detected capacity change from 0 to 512
[  278.373349][T13263] EXT4-fs: Ignoring removed mblk_io_submit option
[  278.380937][T13263] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  278.381245][T13260] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  278.390065][T13263] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.3036: attempt to clear invalid blocks 2 len 1
[  278.412735][T13263] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  278.427292][T13263] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.3036: invalid indirect mapped block 1819239214 (level 0)
[  278.441406][T13263] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.3036: invalid indirect mapped block 1819239214 (level 1)
[  278.455901][T13263] EXT4-fs (loop4): 1 truncate cleaned up
[  278.486213][T13260] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #2: comm syz.0.3035: corrupted inode contents
[  278.499593][T13260] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #2: comm syz.0.3035: mark_inode_dirty error
[  278.511395][T13260] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #2: comm syz.0.3035: corrupted inode contents
[  278.611570][T13275] loop1: detected capacity change from 0 to 512
[  278.714360][T13275] EXT4-fs error (device loop1): ext4_init_orphan_info:581: comm syz.1.3038: inode #0: comm syz.1.3038: iget: illegal inode #
[  278.754321][T13275] EXT4-fs (loop1): get orphan inode failed
[  278.795447][T13275] EXT4-fs (loop1): mount failed
[  278.817469][T13285] FAULT_INJECTION: forcing a failure.
[  278.817469][T13285] name failslab, interval 1, probability 0, space 0, times 0
[  278.830110][T13285] CPU: 0 UID: 0 PID: 13285 Comm: syz.4.3040 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  278.830163][T13285] Tainted: [W]=WARN
[  278.830170][T13285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  278.830184][T13285] Call Trace:
[  278.830191][T13285]  <TASK>
[  278.830201][T13285]  __dump_stack+0x1d/0x30
[  278.830236][T13285]  dump_stack_lvl+0xe8/0x140
[  278.830261][T13285]  dump_stack+0x15/0x1b
[  278.830284][T13285]  should_fail_ex+0x265/0x280
[  278.830374][T13285]  should_failslab+0x8c/0xb0
[  278.830404][T13285]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  278.830441][T13285]  ? dup_task_struct+0x70/0x6b0
[  278.830529][T13285]  dup_task_struct+0x70/0x6b0
[  278.830638][T13285]  ? trace_event_buffer_commit+0x196/0x5c0
[  278.830675][T13285]  copy_process+0x399/0x2000
[  278.830787][T13285]  ? trace_event_raw_event_bpf_trace_printk+0xe6/0x160
[  278.830853][T13285]  ? bpf_bprintf_cleanup+0x50/0x80
[  278.830876][T13285]  kernel_clone+0x16c/0x5c0
[  278.830984][T13285]  __x64_sys_clone+0xe6/0x120
[  278.831022][T13285]  x64_sys_call+0x119c/0x3000
[  278.831114][T13285]  do_syscall_64+0xd2/0x200
[  278.831136][T13285]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  278.831165][T13285]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  278.831213][T13285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.831269][T13285] RIP: 0033:0x7f29cde9f6c9
[  278.831293][T13285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.831315][T13285] RSP: 002b:00007f29cc8bcfe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[  278.831381][T13285] RAX: ffffffffffffffda RBX: 00007f29ce0f6180 RCX: 00007f29cde9f6c9
[  278.831395][T13285] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000063081080
[  278.831407][T13285] RBP: 00007f29cc8bd090 R08: 0000000000000000 R09: 0000000000000000
[  278.831423][T13285] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  278.831436][T13285] R13: 00007f29ce0f6218 R14: 00007f29ce0f6180 R15: 00007ffe53446e98
[  278.831454][T13285]  </TASK>
[  279.101074][T13275] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3038'.
[  279.132514][T13289] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3042'.
[  279.163622][T13289] team0: Failed to send options change via netlink (err -105)
[  279.185333][T13289] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  279.204953][T13289] team0: Port device team_slave_1 removed
[  279.300125][T13293] loop0: detected capacity change from 0 to 1024
[  279.306995][T13293] EXT4-fs: Ignoring removed orlov option
[  279.315874][T13293] EXT4-fs mount: 40 callbacks suppressed
[  279.315930][T13293] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.515961][T13301] FAULT_INJECTION: forcing a failure.
[  279.515961][T13301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  279.529201][T13301] CPU: 0 UID: 0 PID: 13301 Comm: syz.4.3047 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  279.529312][T13301] Tainted: [W]=WARN
[  279.529318][T13301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  279.529329][T13301] Call Trace:
[  279.529335][T13301]  <TASK>
[  279.529342][T13301]  __dump_stack+0x1d/0x30
[  279.529365][T13301]  dump_stack_lvl+0xe8/0x140
[  279.529458][T13301]  dump_stack+0x15/0x1b
[  279.529476][T13301]  should_fail_ex+0x265/0x280
[  279.529495][T13301]  should_fail+0xb/0x20
[  279.529511][T13301]  should_fail_usercopy+0x1a/0x20
[  279.529579][T13301]  strncpy_from_user+0x25/0x230
[  279.529605][T13301]  ? kmem_cache_alloc_noprof+0x242/0x480
[  279.529634][T13301]  ? getname_flags+0x80/0x3b0
[  279.529664][T13301]  getname_flags+0xae/0x3b0
[  279.529773][T13301]  __se_sys_acct+0x6a/0x530
[  279.529858][T13301]  __x64_sys_acct+0x1f/0x30
[  279.529875][T13301]  x64_sys_call+0x2f3a/0x3000
[  279.529898][T13301]  do_syscall_64+0xd2/0x200
[  279.529957][T13301]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  279.529995][T13301]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  279.530028][T13301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.530111][T13301] RIP: 0033:0x7f29cde9f6c9
[  279.530126][T13301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.530143][T13301] RSP: 002b:00007f29cc8ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  279.530161][T13301] RAX: ffffffffffffffda RBX: 00007f29ce0f5fa0 RCX: 00007f29cde9f6c9
[  279.530172][T13301] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  279.530184][T13301] RBP: 00007f29cc8ff090 R08: 0000000000000000 R09: 0000000000000000
[  279.530230][T13301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.530241][T13301] R13: 00007f29ce0f6038 R14: 00007f29ce0f5fa0 R15: 00007ffe53446e98
[  279.530257][T13301]  </TASK>
[  279.862281][T13308] loop1: detected capacity change from 0 to 512
[  279.916762][T13308] EXT4-fs error (device loop1): ext4_init_orphan_info:581: comm syz.1.3045: inode #0: comm syz.1.3045: iget: illegal inode #
[  279.955715][T13308] EXT4-fs (loop1): get orphan inode failed
[  279.983286][T13308] EXT4-fs (loop1): mount failed
[  280.002829][T13308] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3045'.
[  280.073703][ T8907] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.100384][T13306] chnl_net:caif_netlink_parms(): no params data found
[  280.124808][ T8907] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.145065][T12325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.169017][T13322] loop0: detected capacity change from 0 to 1024
[  280.175687][T13322] EXT4-fs: Ignoring removed orlov option
[  280.188530][T13322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  280.214148][ T8907] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.239587][T13306] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.247010][T13306] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.254435][T13306] bridge_slave_0: entered allmulticast mode
[  280.261185][T13306] bridge_slave_0: entered promiscuous mode
[  280.268555][T13306] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.275637][T13306] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.308277][T13297] syz.1.3045 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  280.313780][T13306] bridge_slave_1: entered allmulticast mode
[  280.322512][T13297] CPU: 0 UID: 0 PID: 13297 Comm: syz.1.3045 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  280.322549][T13297] Tainted: [W]=WARN
[  280.322562][T13297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  280.322577][T13297] Call Trace:
[  280.322681][T13297]  <TASK>
[  280.322690][T13297]  __dump_stack+0x1d/0x30
[  280.322720][T13297]  dump_stack_lvl+0xe8/0x140
[  280.322811][T13297]  dump_stack+0x15/0x1b
[  280.322830][T13297]  dump_header+0x81/0x220
[  280.322849][T13297]  oom_kill_process+0x342/0x400
[  280.322968][T13297]  out_of_memory+0x979/0xb80
[  280.323004][T13297]  try_charge_memcg+0x610/0xa10
[  280.323100][T13297]  obj_cgroup_charge_pages+0xa6/0x150
[  280.323125][T13297]  __memcg_kmem_charge_page+0x9f/0x170
[  280.323156][T13297]  __alloc_frozen_pages_noprof+0x188/0x360
[  280.323182][T13297]  alloc_pages_mpol+0xb3/0x260
[  280.323230][T13297]  ? alloc_pages_noprof+0x61/0x130
[  280.323256][T13297]  alloc_pages_noprof+0x90/0x130
[  280.323338][T13297]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  280.323390][T13297]  __kvmalloc_node_noprof+0x483/0x670
[  280.323491][T13297]  ? ip_set_alloc+0x24/0x30
[  280.323527][T13297]  ? ip_set_alloc+0x24/0x30
[  280.323578][T13297]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  280.323615][T13297]  ip_set_alloc+0x24/0x30
[  280.323664][T13297]  hash_netiface_create+0x282/0x740
[  280.323717][T13297]  ? __pfx_hash_netiface_create+0x10/0x10
[  280.323755][T13297]  ip_set_create+0x3cc/0x970
[  280.323786][T13297]  ? __nla_parse+0x40/0x60
[  280.323813][T13297]  nfnetlink_rcv_msg+0x4c6/0x590
[  280.323937][T13297]  netlink_rcv_skb+0x123/0x220
[  280.323976][T13297]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  280.324038][T13297]  nfnetlink_rcv+0x167/0x16c0
[  280.324123][T13297]  ? kmem_cache_free+0xe4/0x3d0
[  280.324166][T13297]  ? __kfree_skb+0x109/0x150
[  280.324200][T13297]  ? nlmon_xmit+0x4f/0x60
[  280.324296][T13297]  ? consume_skb+0x49/0x150
[  280.324330][T13297]  ? nlmon_xmit+0x4f/0x60
[  280.324357][T13297]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  280.324417][T13297]  ? __dev_queue_xmit+0x1200/0x2000
[  280.324438][T13297]  ? __dev_queue_xmit+0x182/0x2000
[  280.324460][T13297]  ? ref_tracker_free+0x37d/0x3e0
[  280.324519][T13297]  ? __netlink_deliver_tap+0x4dc/0x500
[  280.324681][T13297]  netlink_unicast+0x5c0/0x690
[  280.324719][T13297]  netlink_sendmsg+0x58b/0x6b0
[  280.324814][T13297]  ? __pfx_netlink_sendmsg+0x10/0x10
[  280.324891][T13297]  __sock_sendmsg+0x145/0x180
[  280.324919][T13297]  ____sys_sendmsg+0x31e/0x4e0
[  280.324965][T13297]  ___sys_sendmsg+0x17b/0x1d0
[  280.324998][T13297]  __x64_sys_sendmsg+0xd4/0x160
[  280.325022][T13297]  x64_sys_call+0x191e/0x3000
[  280.325050][T13297]  do_syscall_64+0xd2/0x200
[  280.325140][T13297]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  280.325183][T13297]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  280.325223][T13297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.325328][T13297] RIP: 0033:0x7f97f608f6c9
[  280.325346][T13297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.325367][T13297] RSP: 002b:00007f97f4aef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  280.325389][T13297] RAX: ffffffffffffffda RBX: 00007f97f62e5fa0 RCX: 00007f97f608f6c9
[  280.325466][T13297] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  280.325481][T13297] RBP: 00007f97f6111f91 R08: 0000000000000000 R09: 0000000000000000
[  280.325495][T13297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  280.325509][T13297] R13: 00007f97f62e6038 R14: 00007f97f62e5fa0 R15: 00007ffefcfa4958
[  280.325530][T13297]  </TASK>
[  280.326065][T13297] memory: usage 307200kB, limit 307200kB, failcnt 3645
[  280.336863][T13306] bridge_slave_1: entered promiscuous mode
[  280.339820][T13297] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[  280.699279][T13297] kmem: usage 307132kB, limit 9007199254740988kB, failcnt 0
[  280.706598][T13297] Memory cgroup stats for /syz1:
[  280.707025][T13297] cache 0
[  280.714981][T13297] rss 0
[  280.717789][T13297] shmem 0
[  280.720747][T13297] mapped_file 0
[  280.724187][T13297] dirty 0
[  280.727155][T13297] writeback 0
[  280.730423][T13297] workingset_refault_anon 1188
[  280.735222][T13297] workingset_refault_file 5342
[  280.740000][T13297] swap 212992
[  280.743260][T13297] swapcached 0
[  280.746630][T13297] pgpgin 151451
[  280.750140][T13297] pgpgout 151434
[  280.753752][T13297] pgfault 169733
[  280.757319][T13297] pgmajfault 812
[  280.760871][T13297] inactive_anon 0
[  280.764494][T13297] active_anon 0
[  280.767988][T13297] inactive_file 0
[  280.771597][T13297] active_file 69632
[  280.775396][T13297] unevictable 0
[  280.778829][T13297] hierarchical_memory_limit 314572800
[  280.784183][T13297] hierarchical_memsw_limit 9223372036854771712
[  280.790374][T13297] total_cache 0
[  280.793807][T13297] total_rss 0
[  280.797080][T13297] total_shmem 0
[  280.800515][T13297] total_mapped_file 0
[  280.804470][T13297] total_dirty 0
[  280.807939][T13297] total_writeback 0
[  280.811721][T13297] total_workingset_refault_anon 1188
[  280.817005][T13297] total_workingset_refault_file 5342
[  280.822333][T13297] total_swap 212992
[  280.826179][T13297] total_swapcached 0
[  280.830048][T13297] total_pgpgin 151451
[  280.834000][T13297] total_pgpgout 151434
[  280.838053][T13297] total_pgfault 169733
[  280.842130][T13297] total_pgmajfault 812
[  280.846240][T13297] total_inactive_anon 0
[  280.850367][T13297] total_active_anon 0
[  280.854326][T13297] total_inactive_file 0
[  280.858565][T13297] total_active_file 69632
[  280.863012][T13297] total_unevictable 0
[  280.866988][T13297] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3045,pid=13296,uid=0
[  280.881692][T13297] Memory cgroup out of memory: Killed process 13296 (syz.1.3045) total-vm:94084kB, anon-rss:1136kB, file-rss:22572kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  280.900529][ T8907] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.937786][T13306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  280.950641][T13330] batadv0: entered promiscuous mode
[  280.955982][T13330] batadv0: entered allmulticast mode
[  280.976808][T13306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.012486][T13306] team0: Port device team_slave_0 added
[  281.022005][ T8907] bridge_slave_1: left allmulticast mode
[  281.027690][ T8907] bridge_slave_1: left promiscuous mode
[  281.033567][ T8907] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.046116][ T8907] bridge_slave_0: left allmulticast mode
[  281.051913][ T8907] bridge_slave_0: left promiscuous mode
[  281.057585][ T8907] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.137843][T12325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.191724][ T8907] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.202865][T13336] loop0: detected capacity change from 0 to 2048
[  281.215546][ T8907] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.237780][ T8907] bond0 (unregistering): Released all slaves
[  281.247073][T13306] team0: Port device team_slave_1 added
[  281.259462][T13336] Alternate GPT is invalid, using primary GPT.
[  281.265954][T13336]  loop0: p2 p3 p7
[  281.280297][T13306] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.287327][T13306] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  281.313295][T13306] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  281.325358][T13306] batman_adv: batadv0: Adding interface: batadv_slave_1
[  281.332297][T13306] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  281.358257][T13306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  281.377921][T13345] loop1: detected capacity change from 0 to 1024
[  281.384583][T13345] EXT4-fs: Ignoring removed orlov option
[  281.434644][T13345] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.458511][ T8907] hsr_slave_0: left promiscuous mode
[  281.458669][T13342] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3054'.
[  281.474994][ T8907] hsr_slave_1: left promiscuous mode
[  281.483997][ T8907] veth1_macvtap: left promiscuous mode
[  281.499653][ T8907] veth0_macvtap: left promiscuous mode
[  281.505650][ T8907] veth1_vlan: left promiscuous mode
[  281.510955][ T8907] veth0_vlan: left promiscuous mode
[  281.521557][T13352] loop0: detected capacity change from 0 to 512
[  281.529935][T13352] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3057: bg 0: block 393: padding at end of block bitmap is not set
[  281.546840][T13352] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  281.568823][T13352] EXT4-fs (loop0): 2 truncates cleaned up
[  281.575006][T13352] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.603027][T12325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.624262][ T8907] team0 (unregistering): Port device team_slave_0 removed
[  281.683329][T13306] hsr_slave_0: entered promiscuous mode
[  281.695015][T13306] hsr_slave_1: entered promiscuous mode
[  281.702948][T13361] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3060'.
[  281.998384][T13306] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  282.007054][T13306] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  282.015678][T13306] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  282.024357][T13306] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  282.058725][T13306] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.071265][T13306] 8021q: adding VLAN 0 to HW filter on device team0
[  282.080416][ T8880] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.087584][ T8880] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.106447][ T8880] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.113511][ T8880] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.160118][T13306] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.203532][T13003] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.238796][T13382] loop1: detected capacity change from 0 to 512
[  282.257366][T13382] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  282.266505][T13386] loop3: detected capacity change from 0 to 512
[  282.272720][T13382] EXT4-fs (loop1): orphan cleanup on readonly fs
[  282.281401][T13382] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.3061: corrupted inode contents
[  282.294272][T13382] EXT4-fs (loop1): Remounting filesystem read-only
[  282.301319][T13382] EXT4-fs (loop1): 1 truncate cleaned up
[  282.302404][T13386] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  282.308532][T13306] veth0_vlan: entered promiscuous mode
[  282.315204][T13386] EXT4-fs (loop3): orphan cleanup on readonly fs
[  282.324750][T13306] veth1_vlan: entered promiscuous mode
[  282.327218][ T8924] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  282.342872][ T8924] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  282.343973][T13306] veth0_macvtap: entered promiscuous mode
[  282.353796][ T8924] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  282.361290][T13386] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.3062: corrupted inode contents
[  282.371174][T13306] veth1_macvtap: entered promiscuous mode
[  282.385671][T13382] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  282.388583][T13386] EXT4-fs (loop3): Remounting filesystem read-only
[  282.410253][T13306] batman_adv: batadv0: Interface activated: batadv_slave_0
[  282.411665][T13386] EXT4-fs (loop3): 1 truncate cleaned up
[  282.422343][T13306] batman_adv: batadv0: Interface activated: batadv_slave_1
[  282.423252][ T8907] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  282.435414][ T8924] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  282.440969][ T8907] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  282.460516][ T8907] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  282.463155][ T8896] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  282.481460][T13386] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  282.498738][ T8896] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  282.507845][ T8896] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.545500][T13396] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3063'.
[  282.557266][T13398] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3048'.
[  282.586607][T13003] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.604396][T13401] loop2: detected capacity change from 0 to 512
[  282.613667][T13403] loop4: detected capacity change from 0 to 7
[  282.620195][T13403] Buffer I/O error on dev loop4, logical block 0, async page read
[  282.637387][T13403] Buffer I/O error on dev loop4, logical block 0, async page read
[  282.645283][T13403]  loop4: unable to read partition table
[  282.657034][T12665] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.665653][T13403] loop_reread_partitions: partition scan of loop4 (���������S�j̖�P=ý?�}X���	���%��`��ր����5) failed (rc=-5)
[  282.723062][T13409] loop3: detected capacity change from 0 to 1024
[  282.741118][T13409] EXT4-fs: Ignoring removed orlov option
[  282.770826][T13409] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.813890][   T29] kauditd_printk_skb: 75 callbacks suppressed
[  282.813905][   T29] audit: type=1326 audit(1762711764.848:25670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.4.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfecadf6c9 code=0x7ffc0000
[  282.843783][   T29] audit: type=1326 audit(1762711764.848:25671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.4.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfecadf6c9 code=0x7ffc0000
[  282.867467][   T29] audit: type=1326 audit(1762711764.848:25672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.4.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfecadf6c9 code=0x7ffc0000
[  282.891103][   T29] audit: type=1326 audit(1762711764.848:25673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.4.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7fdfecadf6c9 code=0x7ffc0000
[  282.914728][   T29] audit: type=1326 audit(1762711764.848:25674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.4.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfecadf6c9 code=0x7ffc0000
[  282.938373][   T29] audit: type=1326 audit(1762711764.848:25675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.4.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfecadf6c9 code=0x7ffc0000
[  282.962092][   T29] audit: type=1326 audit(1762711764.848:25676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.4.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfecadf6c9 code=0x7ffc0000
[  282.972863][T13423] loop0: detected capacity change from 0 to 512
[  282.986082][   T29] audit: type=1326 audit(1762711764.848:25677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.4.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfecadf6c9 code=0x7ffc0000
[  283.062459][   T29] audit: type=1326 audit(1762711764.848:25678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.4.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfecadf6c9 code=0x7ffc0000
[  283.086245][   T29] audit: type=1326 audit(1762711764.848:25679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13417 comm="syz.4.3069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fdfecadf6c9 code=0x7ffc0000
[  283.112257][T13423] EXT4-fs error (device loop0): ext4_init_orphan_info:581: comm syz.0.3064: inode #0: comm syz.0.3064: iget: illegal inode #
[  283.126690][T13423] EXT4-fs (loop0): get orphan inode failed
[  283.132821][T13423] EXT4-fs (loop0): mount failed
[  283.147794][T13429] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3072'.
[  283.161626][T13429] team0: Port device team_slave_1 removed
[  283.200980][T13404] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3064'.
[  283.469590][T13435] loop1: detected capacity change from 0 to 1024
[  283.487050][T13435] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.516333][T12665] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.536828][T13439] loop3: detected capacity change from 0 to 512
[  283.546590][T13439] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.559294][T13439] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.573885][T13435] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.582907][T13435] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.688501][T13444] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3075'.
[  283.752076][T13457] loop0: detected capacity change from 0 to 512
[  283.759513][T13457] EXT4-fs: Ignoring removed bh option
[  283.768995][T13457] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.789969][T13448] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.3074: corrupted inode contents
[  283.802731][T13448] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.3074: mark_inode_dirty error
[  283.814424][T13448] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.3074: corrupted inode contents
[  283.827563][T13457] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  283.863008][T12325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.166021][T13477] loop0: detected capacity change from 0 to 1024
[  284.173012][T13477] EXT4-fs: Ignoring removed orlov option
[  284.180843][T13477] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  284.428851][T12665] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.551745][T13482] netlink: 'syz.3.3086': attribute type 16 has an invalid length.
[  284.559634][T13482] netlink: 'syz.3.3086': attribute type 17 has an invalid length.
[  284.580293][T13482] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  284.662770][T13486] xt_TPROXY: Can be used only with -p tcp or -p udp
[  284.806299][T13495] loop4: detected capacity change from 0 to 512
[  284.816575][T13495] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  284.824720][T13495] EXT4-fs (loop4): orphan cleanup on readonly fs
[  284.833156][T13495] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.3090: corrupted inode contents
[  284.849894][T13495] EXT4-fs (loop4): Remounting filesystem read-only
[  284.856863][T13495] EXT4-fs (loop4): 1 truncate cleaned up
[  284.862790][ T8889] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  284.873356][ T8889] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  284.884079][ T8889] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  284.895078][T13495] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  284.917296][T12325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.965712][T13306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.979880][T13505] syzkaller0: entered promiscuous mode
[  284.985469][T13505] syzkaller0: entered allmulticast mode
[  285.212023][T13519] loop4: detected capacity change from 0 to 128
[  285.322677][T13521] bio_check_eod: 101 callbacks suppressed
[  285.322720][T13521] syz.4.3099: attempt to access beyond end of device
[  285.322720][T13521] loop4: rw=2049, sector=185, nr_sectors = 16 limit=128
[  285.363497][T13521] syz.4.3099: attempt to access beyond end of device
[  285.363497][T13521] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  285.377171][T13521] syz.4.3099: attempt to access beyond end of device
[  285.377171][T13521] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[  285.391770][T13521] syz.4.3099: attempt to access beyond end of device
[  285.391770][T13521] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[  285.405462][T13521] syz.4.3099: attempt to access beyond end of device
[  285.405462][T13521] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[  285.419375][T13521] syz.4.3099: attempt to access beyond end of device
[  285.419375][T13521] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[  285.432993][T13521] syz.4.3099: attempt to access beyond end of device
[  285.432993][T13521] loop4: rw=2049, sector=289, nr_sectors = 8 limit=128
[  285.446721][T13521] syz.4.3099: attempt to access beyond end of device
[  285.446721][T13521] loop4: rw=2049, sector=305, nr_sectors = 8 limit=128
[  285.460370][T13521] syz.4.3099: attempt to access beyond end of device
[  285.460370][T13521] loop4: rw=2049, sector=321, nr_sectors = 8 limit=128
[  285.473917][T13521] syz.4.3099: attempt to access beyond end of device
[  285.473917][T13521] loop4: rw=2049, sector=337, nr_sectors = 8 limit=128
[  285.571194][T13530] syzkaller0: entered promiscuous mode
[  285.576887][T13530] syzkaller0: entered allmulticast mode
[  285.595126][ T8889] Bluetooth: hci0: Frame reassembly failed (-84)
[  285.674952][T13535] loop3: detected capacity change from 0 to 1024
[  285.681584][T13535] EXT4-fs: Ignoring removed orlov option
[  285.689458][T13535] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.078950][T13545] loop4: detected capacity change from 0 to 1024
[  286.087456][T13545] EXT4-fs: Ignoring removed orlov option
[  286.095011][T13545] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.411928][T12665] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.527121][T13003] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.826361][T13306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.851931][T13560] loop2: detected capacity change from 0 to 512
[  286.872382][T13560] EXT4-fs error (device loop2): ext4_init_orphan_info:581: comm syz.2.3112: inode #0: comm syz.2.3112: iget: illegal inode #
[  286.890715][T13569] loop3: detected capacity change from 0 to 512
[  286.898098][T13569] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  286.907014][T13560] EXT4-fs (loop2): get orphan inode failed
[  286.913405][T13560] EXT4-fs (loop2): mount failed
[  286.927239][T13569] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  286.940117][T13569] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  286.953784][T13569] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3115: Failed to acquire dquot type 0
[  286.955795][T13560] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3112'.
[  286.978354][T12665] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  287.001854][T13575] loop3: detected capacity change from 0 to 512
[  287.016409][T13575] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  287.024660][T13575] EXT4-fs (loop3): orphan cleanup on readonly fs
[  287.034981][T13575] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.3116: corrupted inode contents
[  287.050104][T13575] EXT4-fs (loop3): Remounting filesystem read-only
[  287.056882][T13575] EXT4-fs (loop3): 1 truncate cleaned up
[  287.062635][ T8880] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  287.073191][ T8880] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  287.083896][ T8880] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  287.094379][T13575] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  287.181618][T12665] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.203705][T13579] netlink: 168 bytes leftover after parsing attributes in process `syz.3.3117'.
[  287.293139][T13556] syz.2.3112 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  287.298513][T13580] loop3: detected capacity change from 0 to 2048
[  287.307393][T13556] CPU: 0 UID: 0 PID: 13556 Comm: syz.2.3112 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  287.307427][T13556] Tainted: [W]=WARN
[  287.307435][T13556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  287.307513][T13556] Call Trace:
[  287.307521][T13556]  <TASK>
[  287.307530][T13556]  __dump_stack+0x1d/0x30
[  287.307556][T13556]  dump_stack_lvl+0xe8/0x140
[  287.307579][T13556]  dump_stack+0x15/0x1b
[  287.307600][T13556]  dump_header+0x81/0x220
[  287.307621][T13556]  oom_kill_process+0x342/0x400
[  287.307664][T13556]  out_of_memory+0x979/0xb80
[  287.307702][T13556]  try_charge_memcg+0x610/0xa10
[  287.307816][T13556]  obj_cgroup_charge_pages+0xa6/0x150
[  287.307875][T13556]  __memcg_kmem_charge_page+0x9f/0x170
[  287.307900][T13556]  __alloc_frozen_pages_noprof+0x188/0x360
[  287.307996][T13556]  alloc_pages_mpol+0xb3/0x260
[  287.308021][T13556]  ? alloc_pages_noprof+0xf4/0x130
[  287.308047][T13556]  alloc_pages_noprof+0x90/0x130
[  287.308123][T13556]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  287.308248][T13556]  __kvmalloc_node_noprof+0x483/0x670
[  287.308302][T13556]  ? ip_set_alloc+0x24/0x30
[  287.308337][T13556]  ? ip_set_alloc+0x24/0x30
[  287.308372][T13556]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  287.308432][T13556]  ip_set_alloc+0x24/0x30
[  287.308467][T13556]  hash_netiface_create+0x282/0x740
[  287.308508][T13556]  ? __pfx_hash_netiface_create+0x10/0x10
[  287.308590][T13556]  ip_set_create+0x3cc/0x970
[  287.308623][T13556]  ? __nla_parse+0x40/0x60
[  287.308650][T13556]  nfnetlink_rcv_msg+0x4c6/0x590
[  287.308720][T13556]  netlink_rcv_skb+0x123/0x220
[  287.308780][T13556]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  287.308833][T13556]  nfnetlink_rcv+0x167/0x16c0
[  287.308864][T13556]  ? kmem_cache_free+0xe4/0x3d0
[  287.308970][T13556]  ? __kfree_skb+0x109/0x150
[  287.309045][T13556]  ? nlmon_xmit+0x4f/0x60
[  287.309072][T13556]  ? consume_skb+0x49/0x150
[  287.309112][T13556]  ? nlmon_xmit+0x4f/0x60
[  287.309140][T13556]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  287.309181][T13556]  ? __dev_queue_xmit+0x1200/0x2000
[  287.309265][T13556]  ? __dev_queue_xmit+0x182/0x2000
[  287.309286][T13556]  ? ref_tracker_free+0x37d/0x3e0
[  287.309332][T13556]  ? __netlink_deliver_tap+0x4dc/0x500
[  287.309375][T13556]  netlink_unicast+0x5c0/0x690
[  287.309445][T13556]  netlink_sendmsg+0x58b/0x6b0
[  287.309470][T13556]  ? __pfx_netlink_sendmsg+0x10/0x10
[  287.309500][T13556]  __sock_sendmsg+0x145/0x180
[  287.309592][T13556]  ____sys_sendmsg+0x31e/0x4e0
[  287.309635][T13556]  ___sys_sendmsg+0x17b/0x1d0
[  287.309670][T13556]  __x64_sys_sendmsg+0xd4/0x160
[  287.309731][T13556]  x64_sys_call+0x191e/0x3000
[  287.309831][T13556]  do_syscall_64+0xd2/0x200
[  287.309854][T13556]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  287.309934][T13556]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  287.309974][T13556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.310036][T13556] RIP: 0033:0x7fe8d752f6c9
[  287.310054][T13556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.310075][T13556] RSP: 002b:00007fe8d5f8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  287.310097][T13556] RAX: ffffffffffffffda RBX: 00007fe8d7785fa0 RCX: 00007fe8d752f6c9
[  287.310113][T13556] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  287.310128][T13556] RBP: 00007fe8d75b1f91 R08: 0000000000000000 R09: 0000000000000000
[  287.310153][T13556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  287.310168][T13556] R13: 00007fe8d7786038 R14: 00007fe8d7785fa0 R15: 00007ffda46fc248
[  287.310189][T13556]  </TASK>
[  287.310203][T13556] memory: usage 307200kB, limit 307200kB, failcnt 4689
[  287.613357][ T4540] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  287.621383][T13556] memory+swap: usage 376064kB, limit 9007199254740988kB, failcnt 0
[  287.685847][T13556] kmem: usage 307052kB, limit 9007199254740988kB, failcnt 0
[  287.693367][T13556] Memory cgroup stats for /syz2:
[  287.718998][T13580]  loop3: p1 < > p4
[  287.748799][T13580] loop3: p4 size 8388608 extends beyond EOD, truncated
[  287.757775][T13585] loop4: detected capacity change from 0 to 1024
[  287.765621][T13556] cache 0
[  287.765652][T13585] EXT4-fs: Ignoring removed orlov option
[  287.768957][T13556] rss 40960
[  287.777353][T13556] shmem 0
[  287.780292][T13556] mapped_file 0
[  287.780338][T13585] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.783740][T13556] dirty 0
[  287.783748][T13556] writeback 4096
[  287.783757][T13556] workingset_refault_anon 1497
[  287.783767][T13556] workingset_refault_file 4963
[  287.812245][T13556] swap 70512640
[  287.815816][T13556] swapcached 12288
[  287.819543][T13556] pgpgin 180964
[  287.823041][T13556] pgpgout 180927
[  287.827050][T13556] pgfault 149269
[  287.830583][T13556] pgmajfault 961
[  287.834194][T13556] inactive_anon 40960
[  287.838194][T13556] active_anon 12288
[  287.841984][T13556] inactive_file 94208
[  287.846086][T13556] active_file 0
[  287.849588][T13556] unevictable 0
[  287.853058][T13556] hierarchical_memory_limit 314572800
[  287.858507][T13556] hierarchical_memsw_limit 9223372036854771712
[  287.864776][T13556] total_cache 0
[  287.868271][T13556] total_rss 40960
[  287.871942][T13556] total_shmem 0
[  287.875450][T13556] total_mapped_file 0
[  287.879431][T13556] total_dirty 0
[  287.882962][T13556] total_writeback 4096
[  287.887055][T13556] total_workingset_refault_anon 1497
[  287.892375][T13556] total_workingset_refault_file 4963
[  287.897767][T13556] total_swap 70512640
[  287.901743][T13556] total_swapcached 12288
[  287.906096][T13556] total_pgpgin 180964
[  287.910139][T13556] total_pgpgout 180927
[  287.914201][T13556] total_pgfault 149269
[  287.918465][T13556] total_pgmajfault 961
[  287.922542][T13556] total_inactive_anon 40960
[  287.927345][T13556] total_active_anon 12288
[  287.931811][T13556] total_inactive_file 94208
[  287.936341][T13556] total_active_file 0
[  287.940315][T13556] total_unevictable 0
[  287.944364][T13556] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.3112,pid=13555,uid=0
[  287.959080][T13556] Memory cgroup out of memory: Killed process 13555 (syz.2.3112) total-vm:94084kB, anon-rss:1264kB, file-rss:22500kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  288.270688][T13597] loop3: detected capacity change from 0 to 512
[  288.287446][T13597] EXT4-fs error (device loop3): ext4_init_orphan_info:581: comm syz.3.3120: inode #0: comm syz.3.3120: iget: illegal inode #
[  288.316029][T13597] EXT4-fs (loop3): get orphan inode failed
[  288.329639][T13597] EXT4-fs (loop3): mount failed
[  288.354396][T13597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3120'.
[  288.384833][T13588] ==================================================================
[  288.393041][T13588] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  288.400845][T13588] 
[  288.403236][T13588] write to 0xffffea00052afd58 of 8 bytes by task 13581 on cpu 1:
[  288.411019][T13588]  __filemap_remove_folio+0x1a5/0x2a0
[  288.416373][T13588]  filemap_remove_folio+0x6d/0x1d0
[  288.421469][T13588]  truncate_inode_folio+0x42/0x50
[  288.426471][T13588]  shmem_undo_range+0x244/0xa80
[  288.431305][T13588]  shmem_evict_inode+0x134/0x520
[  288.436306][T13588]  evict+0x2e3/0x550
[  288.440173][T13588]  iput+0x4ed/0x650
[  288.443967][T13588]  dentry_unlink_inode+0x24f/0x260
[  288.449052][T13588]  __dentry_kill+0x18d/0x4b0
[  288.453630][T13588]  dput+0x5e/0xd0
[  288.457242][T13588]  __fput+0x444/0x650
[  288.461218][T13588]  ____fput+0x1c/0x30
[  288.465260][T13588]  task_work_run+0x131/0x1a0
[  288.469834][T13588]  do_exit+0x483/0x15c0
[  288.473974][T13588]  do_group_exit+0xff/0x140
[  288.478554][T13588]  get_signal+0xe58/0xf70
[  288.482899][T13588]  arch_do_signal_or_restart+0x96/0x440
[  288.488426][T13588]  irqentry_exit_to_user_mode+0x5b/0xa0
[  288.494072][T13588]  irqentry_exit+0x12/0x50
[  288.498472][T13588]  exc_general_protection+0x15b/0x1f0
[  288.503819][T13588]  asm_exc_general_protection+0x26/0x30
[  288.509428][T13588] 
[  288.511903][T13588] read to 0xffffea00052afd58 of 8 bytes by task 13588 on cpu 0:
[  288.519678][T13588]  folio_mapping+0xa1/0xe0
[  288.524074][T13588]  evict_folios+0xe05/0x3590
[  288.528647][T13588]  try_to_shrink_lruvec+0x5b5/0x950
[  288.533828][T13588]  shrink_lruvec+0x22e/0x1b50
[  288.538483][T13588]  shrink_node+0x686/0x2120
[  288.543159][T13588]  do_try_to_free_pages+0x3f6/0xcd0
[  288.548411][T13588]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  288.554304][T13588]  try_charge_memcg+0x383/0xa10
[  288.559140][T13588]  obj_cgroup_charge_pages+0xa6/0x150
[  288.564502][T13588]  __memcg_kmem_charge_page+0x9f/0x170
[  288.569948][T13588]  __alloc_frozen_pages_noprof+0x188/0x360
[  288.575765][T13588]  alloc_pages_mpol+0xb3/0x260
[  288.580531][T13588]  alloc_pages_noprof+0x90/0x130
[  288.585628][T13588]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  288.591433][T13588]  __kvmalloc_node_noprof+0x483/0x670
[  288.596806][T13588]  ip_set_alloc+0x24/0x30
[  288.601134][T13588]  hash_netiface_create+0x282/0x740
[  288.606325][T13588]  ip_set_create+0x3cc/0x970
[  288.610897][T13588]  nfnetlink_rcv_msg+0x4c6/0x590
[  288.615905][T13588]  netlink_rcv_skb+0x123/0x220
[  288.620664][T13588]  nfnetlink_rcv+0x167/0x16c0
[  288.625410][T13588]  netlink_unicast+0x5c0/0x690
[  288.630166][T13588]  netlink_sendmsg+0x58b/0x6b0
[  288.634920][T13588]  __sock_sendmsg+0x145/0x180
[  288.639586][T13588]  ____sys_sendmsg+0x31e/0x4e0
[  288.644610][T13588]  ___sys_sendmsg+0x17b/0x1d0
[  288.649262][T13588]  __x64_sys_sendmsg+0xd4/0x160
[  288.654089][T13588]  x64_sys_call+0x191e/0x3000
[  288.658743][T13588]  do_syscall_64+0xd2/0x200
[  288.663225][T13588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.669099][T13588] 
[  288.671411][T13588] value changed: 0xffff8881203d2d88 -> 0x0000000000000000
[  288.678499][T13588] 
[  288.680806][T13588] Reported by Kernel Concurrency Sanitizer on:
[  288.686941][T13588] CPU: 0 UID: 0 PID: 13588 Comm: syz.3.3120 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  288.698401][T13588] Tainted: [W]=WARN
[  288.702266][T13588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  288.712308][T13588] ==================================================================
[  288.930458][T13306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.