last executing test programs:

6m46.914713318s ago: executing program 4 (id=6236):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d0000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)

6m46.901156869s ago: executing program 4 (id=6237):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4c080}, 0x0)

6m46.87528962s ago: executing program 4 (id=6239):
r0 = epoll_create1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x10)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000040))
r5 = eventfd2(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r5, &(0x7f0000000b80))
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r5, &(0x7f0000000180)={0x20000005})

6m45.919368391s ago: executing program 4 (id=6251):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x800714, &(0x7f0000000000), 0xff, 0x4a7, &(0x7f0000000280)="$eJzs3M9rHFUcAPDv7OZHfyfWWm1tdbWKxR9Jk1btwYOKggcFQQ/1GJO01mwbaSLYEjQVqUcpeBePgn+BNy+iHkTwquBRCkWD0NRTZHZm2s1mkyZpkm2znw9s9r35se99Z+btvpmXmQDaViX9k0TsiIjfI6Iny85foJK9zc5MDV+fmRpOYm7urb+T2nLXZqaGi0WL9bbnmcOliNJnSbyYLCx34vyFsaFqdfRcnu+fPPNB/8T5C8+cPjN0avTU6NnB48ePHR14/rnBZ9ckzjSua/s/Hj+w77V3Lr8xfOLyuz99m1Zr78Fsfn0ct3S9SUBNVNKt9s9cTeO8x1dQ97vBzrp00tHCirAi5YhId1dnrf33RDlu7ryeePXTllYOWFfpb1P34rOn54BNLIlW1wBojeKHPj3/LV4b1PW4I1x9KaIrT8/OTA3P3oi/I0r59M51LL8SESem//sqfcVKr0MAAKxCrW/zdLP+Xyn21t6zsY5d+RhKb0TcExG7I+LeiNgTEfdF1Ja9PyIeyFae61lm+ZWG/ML+T+lK0zqvkbT/90Jd32+2Lv78rbec53bW4u9MTp6ujh7Jt8nh6OxO8wNLlPH9K799sdi8+v5f+krLL/qCeQWudDRcoBsZmhxaq41w9WLE/o5m8Sc3RgLSI2BfROxf2UfvKhKnn/zmwGIL3Tr+JazBONPc1xFPZPt/OhriLyRLj0/2b4nq6JH+4qhY6OdfL72ZJ7sa591W/Gsg3f/b5h//+ZyL+XvPv0k2XtsZ1erouYmVl3Hpj88XPadZ7fHflbxdG7P+5b1s2kdDk5PnBiK6ktdr+WJD16YP3ly3yBfLp/EfPtS8/e/O10njfzAi0oP4YEQ8FBEP53V/JCIejYhDS8T/48uPvb9E/Ekk0dL9P9L0++/G8d+b1I/XryJRHvvhu/zTtiyMv5i01P4/FtO179pM7fvvFpZbwdvcfAAAAHBXKEXEjkhKfVm6siNKpb6+7H/498S2UnV8YvKpk+Mfnh3J7hHojc5ScaWrp+566EAynX9ilh/MrxUX84/m142/LG+t5fuGx6sjLY4d2t32+e0/ivaf+qvc6toB6879WtC+Gtt/qUX1ADbecn7/nQvA5tSk/W9tRT2Ajef8H9pXs/b/SUNe/x82p4Xt/88mj6wDNiP9f2hf2j+0L+0f2tJy7+LviojuiFj1QwDmJYqbBVa6evFFdWFsy7Lv8L/zEpV1+eTiiRfrWfmtcXNKlO6IjbmBifJYd8tKT1vMxhba5GE1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAd6H/AwAA///g6dxC")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write(r0, &(0x7f0000000180)="7e7226ce9b4d692092ffa2b579f0ff5793012c9738a9be19ff3e69a683a0a1bbace0dc3853c661a4e1019e7a1f3af60350126cb99c5f3ace6f5616c00e0fb30b2832398fed6233b8632a001dd0a846cbb8a5d77e3208db486b055edb6ae7917f07ccf4b6811be57047aa17799359e733ec395940d1feb7a9ec2ddadb1ff61070c9c00f9db8e47f74a5271fa77b6e692e6ac97aaae883e5522f8e86c2403aec0ff8dee1cba5d40f0969470b9a2a95f6f22f9d4250809400ea8403a6540948", 0xfffffec6)
creat(&(0x7f0000000380)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})

6m45.219483852s ago: executing program 4 (id=6255):
r0 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x0, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
finit_module(r0, 0x0, 0x7)

6m44.079241051s ago: executing program 4 (id=6259):
socket$inet6_sctp(0xa, 0x1, 0x84)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r2, 0x0, 0xfffffffffffff001}, 0x18)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000b00), 0x0}, 0x20)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf12}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r8, 0x0, 0xfffffffffffffffe}, 0x18)
r9 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r9)

6m44.062686101s ago: executing program 32 (id=6259):
socket$inet6_sctp(0xa, 0x1, 0x84)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r2, 0x0, 0xfffffffffffff001}, 0x18)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000b00), 0x0}, 0x20)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf12}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r8, 0x0, 0xfffffffffffffffe}, 0x18)
r9 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r9)

2m27.393679603s ago: executing program 2 (id=10384):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000400000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe26}, 0x94)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r3, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c02000100000000000040000280ffffff05000500000000000a"], 0x80}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffff8}, [@call={0x85, 0x0, 0x0, 0x36}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0xe, 0x0, &(0x7f0000000040)="f7edad00"/14, 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x801460, 0x0, 0x2, 0x0, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r7}, 0x18)

2m27.046820847s ago: executing program 2 (id=10392):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x42)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x2, @mcast1, 0x9}, 0x1c)
connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x32)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)

2m27.012572459s ago: executing program 2 (id=10395):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
getpriority(0x1, 0x0)

2m26.956786911s ago: executing program 2 (id=10396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
getresgid(&(0x7f0000000240), &(0x7f0000000280), &(0x7f0000000300))

2m26.956396642s ago: executing program 2 (id=10397):
io_setup(0xb, &(0x7f0000001080)=<r0=>0x0)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000010c0), 0x224c0, 0x0)
io_cancel(r0, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x3, 0xff00, r1, &(0x7f0000001100)="60f4826eb2c5c49cb208c1984d7d4bbc42909ba48f4180f8ea0079eef25ddecf08ba72edaef45c3fce91", 0x2a, 0x9, 0x0, 0x1}, &(0x7f0000001180))
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000001500)=0x10)
syz_read_part_table(0x1054, &(0x7f0000000000)="$eJzsz8EJwkAQBdC/2aCkC5uwEAUrsAivXmzGLrxYgd2IRDZB0AbUw3uHgT/DftjwU31yWSTZ1JbKY1qWadasurd4renasswxxzbGceg/C6drOdyGU6vNkOXrMt5re7+fu5Ptutudv/BFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh7zwAAAP//llkLfw==")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
kexec_load(0x4, 0xa, 0x0, 0x0)

2m26.713933181s ago: executing program 2 (id=10403):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r0, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x50}, 0x1, 0x0, 0x0, 0x2c623a4d87bb3383}, 0x1) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x148, r2, 0x4, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_WOL_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_WOL_SOPASS={0xfc, 0x3, "db9f3542594ad83e5338de218e948c568f203864982240bdba0309288be5f91721c808474b5f7348be99780a8bbdb9ffb64dab19951fbad598998954742d3cdc8cecd5c75ad88f8e08d198530cefc05a7f96c409c1e37615047cf17888d29fe04b8910aa76a2e7ece2b4486180164df80183c4fd8733880ba0e5d17901ed710b45ce0d1d0036499946a9abec6a1e3bd1a6ad0d24e7ddd95e8c67317a0ce37e21354b1587edb2ba84fc87cc654d9e0350ffacea09ae1ca086b887924771a2786afc8d8facfb4bd24686111650975e9803139871f657a27d07c87205883658ba8d9abd91bfe1aef4006f0f6bfd73bb0cae4ec6ce5bd76e2d34"}, @ETHTOOL_A_WOL_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_WOL_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x8844}, 0x4000) (async)
preadv(r1, &(0x7f0000000900)=[{&(0x7f0000000400)=""/65, 0x41}, {&(0x7f0000000480)=""/175, 0xaf}, {&(0x7f0000000540)=""/93, 0x5d}, {&(0x7f00000005c0)=""/91, 0x5b}, {&(0x7f0000000640)=""/18, 0x12}, {&(0x7f0000000680)=""/217, 0xd9}, {&(0x7f0000000780)=""/66, 0x42}, {&(0x7f0000000800)=""/28, 0x1c}, {&(0x7f0000000840)=""/18, 0x12}, {&(0x7f0000000880)=""/78, 0x4e}], 0xa, 0x8, 0x9) (async)
r3 = dup3(r1, r1, 0x0)
syz_io_uring_setup(0x4205, &(0x7f00000009c0)={0x0, 0x6e55, 0x8901, 0x0, 0x9b, 0x0, r3}, &(0x7f0000000a40), &(0x7f0000000a80)) (async)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r3, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x28, 0x1409, 0x2, 0x70bd29, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x400c880}, 0x1) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r3, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x30, 0x1411, 0x4, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x4000040)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f0000000cc0)={{0x1, 0x1, 0x18, <r4=>r1, {0x0, 0x5}}, './file0\x00'})
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r4, &(0x7f0000000dc0)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x30, 0x1411, 0x20, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_RES_MRN={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}]}, 0x30}}, 0x20000000) (async)
recvfrom(r3, &(0x7f0000000e00)=""/176, 0xb0, 0x20, &(0x7f0000000ec0)=@rc={0x1f, @none, 0x6}, 0x80) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000001040)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001000)={&(0x7f0000000f80)=@newqdisc={0x6c, 0x24, 0x12a, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x8, 0xf}, {0x4, 0xd}, {0xf}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x552}, @qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x67, 0x5, 0xad}}}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0xff}, @TCA_RATE={0x6, 0x5, {0x1, 0x5}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x3}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x4}]}, 0x6c}}, 0x20000010) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001180)={r3, 0x20, &(0x7f0000001140)={&(0x7f0000001080)=""/87, 0x57, 0x0, &(0x7f0000001100)=""/63, 0x3f}}, 0x10) (async)
recvfrom(r3, &(0x7f00000011c0)=""/108, 0x6c, 0x120, &(0x7f0000001240)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x3, 0x0, {0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}}}, 0x80)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000012c0), 0x2, 0x0) (async)
inotify_init1(0x0) (async)
setsockopt$netlink_NETLINK_RX_RING(r3, 0x10e, 0x6, &(0x7f0000001300)={0x7, 0x7, 0x1, 0x731}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001380), r3)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000001480)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x78, r7, 0x20c, 0x70bd27, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR_REMOTE={0xc, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x1e}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x10}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xffff0000}]}, 0x78}, 0x1, 0x0, 0x0, 0x2004c804}, 0x4000000) (async)
close_range(r5, r1, 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000001500)=@generic={&(0x7f00000014c0)='./file0\x00', 0x0, 0x8}, 0x18) (async)
shutdown(r1, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000001580)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r3, &(0x7f0000001dc0)={&(0x7f0000001540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001d80)={&(0x7f00000015c0)={0x788, r0, 0x0, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_NAN_FUNC={0x160, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SERVICE_INFO={0x3e, 0xb, "f5e02e02e3c63ea06a9e6dcc397a49a1e7bcbede673177fcfa7999f9fb42958abe5a13e0f80308f6b5bf8768e8d8d882ed6a2f240f442df6be5f"}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0xd}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_SRF={0x108, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF={0x103, 0x2, "daab3379ee728ca7355281cb5ba8db7b0c439bd533f327e6b34f1e461f8db74bb93737c8b280148682296100c13457a2948217788373cc684ef2ab848ef23113e53ac2e3ea221ed86e38b9b2765547c90ad00a8d03883f9af19d76f6cc5f5b3f57c8460bbec369d28e097e9bca914cc00ec8d2f7bd9b816d0ee5239825f7ce2995edf68995794019e9a73f542ea0d034e24248031b82325cb73805bce5e144339cf4e90d05854d8d8098e231cb1b3f281ac25ebd74ac219ed44a7a8c9a957aea3d82134864d1a2ef2c2fe19c6dc3cbc8f4c3078ec0036bfae9b82e145c9506d73977db9b5cf6bdad5dc1bac7560e95c1f458472605f8546571ef026d78f9a4"}]}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x7}]}, @NL80211_ATTR_NAN_FUNC={0x8, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x68, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x51}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x2}, @NL80211_NAN_FUNC_SRF={0x50, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF_IDX={0x5}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0xb9}, @NL80211_NAN_SRF_BF_IDX={0x5}, @NL80211_NAN_SRF_MAC_ADDRS={0x34, 0x4, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}]}]}]}, @NL80211_ATTR_NAN_FUNC={0x59c, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "151494b3441e"}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "def9ff142e67"}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_TX_MATCH_FILTER={0x328, 0xe, 0x0, 0x1, [{0x24, 0x0, "85113ae75b40fcb158ea49add86548100b128b6ed4d0587526ea315ab15f7053"}, {0x9, 0x0, "135c04905e"}, {0xab, 0x0, "c710b2422fb0e47abdb359f75aa040d1331f0fb9efebce46f87d3934930b49457b529ea3ed6e38119dd6868e17e9926cb61d9b78274a0059796796332af84ea6fc87602086f5771d152adee42b9d0728e9a9a61da7e1fe5dc995d7b64c58feb175bee9a832a4234e668e317ee7fbd93efa2e294c1772c14919b9a43979e2a5bc3ed7810d76ae4124c4666a3c049db19fa78057a183480719028309a82d84b267523053005542db"}, {0x82, 0x0, "b38a33fa128258dc5860711952ce3f7694757976743d986d8561173ab461a4e2c248d12b12f9682afd503b4008bd5cbbe150b133702b561cc7ebe38097a2f6603f7a38c08868d358962c98392b042f69cd2442ac3161ebcda12ca095c9127581cb24ba0cd05cfda8ccc52a2493a75b994c88411106166258bd0a6d00a3af"}, {0xf0, 0x0, "8e79184788b0f2f3869f1d6f68bfe305d295d1dff9369cf722f74db211c0c58ec89139097368eac71a0c425ac0819960d2f0dd6caeab67e46a58b34d05caa9ee0589af35c4438e9ae1fcc34fec463d096e00ef8771731c6a15ae8ba9a7a7f2dc4a561fbd0ce626f732885ff021866da9f2134d2b3e274719a0ad2245a34ccb19784df16c41641d40814392c776edc26052df31a30c3e51af35645c20c7879ef8cd5a6fac2c22547aae64d5d8a0d9db3a77d78003c2be8aab89f7301e85c66d27d543d4ab65048af19298f60f6207824001e12df882499bf9e44f3f99e2adecf6ecc2876ec9720e78b4460050"}, {0xd2, 0x0, "3a387663c1eef5784894d734f5392e6197185049b3fe071f598ef9631757c1fd998ba4b65c804a69ac894fc9191f5458f5907b4fff49f9fbb25581b1d4fe6c55d8437c39244d6585cd6639b460c26b94f200975b9979aedde891e7e01013ef6958285222337ca038b7825267d5d8aac08c9b67aebb7475e47d45bfd3a0f598d9d1b63f44025e430d5d66441cbf8d96929cba6ad32026a4e23584d992fb4b7d8f3636999ee5886ca70f7411ae72c7005a80097dba7eff9bc8ee09969aaa2d5b37a4dc7c22db64783e14cf11dc3e8b"}]}, @NL80211_NAN_FUNC_SRF={0x12c, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_MAC_ADDRS={0x10, 0x4, 0x0, 0x1, [{0xa, 0x6, @broadcast}]}, @NL80211_NAN_SRF_BF={0x103, 0x2, "a7e075def50174c3ed3a7c53843a0951e3bab44bb28eb62e5727626a295af5f42a8a482d16ebe2137730f136c8a36274b3fd2ffd35a450b884a76d9e8ced341835977e9ec150ef38dd4f184a656de33be2f5ba756edcf31ded5ccb85bae05e1d7ba0dec20d27d64dd68e0a3cb2d6ec48fe4e71f82c28ff863da1d372ab54595466077a528d9ed0d959fda26882a0b0021527023f5526ea124adbaa3f916c959d4bb2966c3230567f982ebe2a13db29a82fc978504fb727c6b5206087700868153b0590fc96828aa33be951063e6cfbdd2d8069696b5f6057ec7b360149087af1d7e815495498b13e8d8777b15662e96348d296019e04f0984ae77d8e2f236d"}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x80}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x8}, @NL80211_NAN_SRF_INCLUDE={0x4}]}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_SERVICE_INFO={0xd0, 0xb, "50f4bdd9d5871748a438ad02ee8cbceeb2a8c8b6cb6521fe5e87262d542a1626ac7cb073375238a2262a1795d1b2f6bb1e51fa775ef02cd6dcd909b507bfa109e4488d0d29aad02bf45425c25e563612fa5d44752939ae37f3c7b98d035df4bf6b036b8afb9e0c536d26d3e18601e8301bfa3bf327560d826090afc9a5f004319e33a0d00dbb94e744ae48c2b3e12a7e0484966e8f154ef5944e45b6896c878821b452870764018feae2798e7e639bb72a53a92f908f2f59cdb820ebbdc73630963bc29cb1b636654ccd938e"}, @NL80211_NAN_FUNC_SERVICE_INFO={0x4d, 0xb, "6896a6ebc18cdff367e220af26e07a1a489af68e6f71079bd5a9e5a07194b227590410bec18b90712d826be92986a80e6502e2c4463e5bde223f6e016b2787999a56f8627bc1e34c7c"}]}]}, 0x788}, 0x1, 0x0, 0x0, 0x24000000}, 0x8800) (async)
r9 = open(&(0x7f0000001e00)='./file1\x00', 0xe8402, 0x50)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000001e40)={'batadv0\x00', <r10=>0x0})
bind$xdp(r9, &(0x7f0000001e80)={0x2c, 0xc, r10, 0x11, r3}, 0x10)

2m10.622916256s ago: executing program 33 (id=10403):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r0, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x50}, 0x1, 0x0, 0x0, 0x2c623a4d87bb3383}, 0x1) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x148, r2, 0x4, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_WOL_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_WOL_SOPASS={0xfc, 0x3, "db9f3542594ad83e5338de218e948c568f203864982240bdba0309288be5f91721c808474b5f7348be99780a8bbdb9ffb64dab19951fbad598998954742d3cdc8cecd5c75ad88f8e08d198530cefc05a7f96c409c1e37615047cf17888d29fe04b8910aa76a2e7ece2b4486180164df80183c4fd8733880ba0e5d17901ed710b45ce0d1d0036499946a9abec6a1e3bd1a6ad0d24e7ddd95e8c67317a0ce37e21354b1587edb2ba84fc87cc654d9e0350ffacea09ae1ca086b887924771a2786afc8d8facfb4bd24686111650975e9803139871f657a27d07c87205883658ba8d9abd91bfe1aef4006f0f6bfd73bb0cae4ec6ce5bd76e2d34"}, @ETHTOOL_A_WOL_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_WOL_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x8844}, 0x4000) (async)
preadv(r1, &(0x7f0000000900)=[{&(0x7f0000000400)=""/65, 0x41}, {&(0x7f0000000480)=""/175, 0xaf}, {&(0x7f0000000540)=""/93, 0x5d}, {&(0x7f00000005c0)=""/91, 0x5b}, {&(0x7f0000000640)=""/18, 0x12}, {&(0x7f0000000680)=""/217, 0xd9}, {&(0x7f0000000780)=""/66, 0x42}, {&(0x7f0000000800)=""/28, 0x1c}, {&(0x7f0000000840)=""/18, 0x12}, {&(0x7f0000000880)=""/78, 0x4e}], 0xa, 0x8, 0x9) (async)
r3 = dup3(r1, r1, 0x0)
syz_io_uring_setup(0x4205, &(0x7f00000009c0)={0x0, 0x6e55, 0x8901, 0x0, 0x9b, 0x0, r3}, &(0x7f0000000a40), &(0x7f0000000a80)) (async)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r3, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x28, 0x1409, 0x2, 0x70bd29, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x400c880}, 0x1) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r3, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x30, 0x1411, 0x4, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x4000040)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f0000000cc0)={{0x1, 0x1, 0x18, <r4=>r1, {0x0, 0x5}}, './file0\x00'})
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r4, &(0x7f0000000dc0)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x30, 0x1411, 0x20, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_RES_MRN={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}]}, 0x30}}, 0x20000000) (async)
recvfrom(r3, &(0x7f0000000e00)=""/176, 0xb0, 0x20, &(0x7f0000000ec0)=@rc={0x1f, @none, 0x6}, 0x80) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000001040)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001000)={&(0x7f0000000f80)=@newqdisc={0x6c, 0x24, 0x12a, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x8, 0xf}, {0x4, 0xd}, {0xf}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x552}, @qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x67, 0x5, 0xad}}}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0xff}, @TCA_RATE={0x6, 0x5, {0x1, 0x5}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x3}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x4}]}, 0x6c}}, 0x20000010) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001180)={r3, 0x20, &(0x7f0000001140)={&(0x7f0000001080)=""/87, 0x57, 0x0, &(0x7f0000001100)=""/63, 0x3f}}, 0x10) (async)
recvfrom(r3, &(0x7f00000011c0)=""/108, 0x6c, 0x120, &(0x7f0000001240)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x3, 0x0, {0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}}}, 0x80)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000012c0), 0x2, 0x0) (async)
inotify_init1(0x0) (async)
setsockopt$netlink_NETLINK_RX_RING(r3, 0x10e, 0x6, &(0x7f0000001300)={0x7, 0x7, 0x1, 0x731}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001380), r3)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000001480)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x78, r7, 0x20c, 0x70bd27, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR_REMOTE={0xc, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x1e}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x10}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xffff0000}]}, 0x78}, 0x1, 0x0, 0x0, 0x2004c804}, 0x4000000) (async)
close_range(r5, r1, 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000001500)=@generic={&(0x7f00000014c0)='./file0\x00', 0x0, 0x8}, 0x18) (async)
shutdown(r1, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000001580)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r3, &(0x7f0000001dc0)={&(0x7f0000001540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001d80)={&(0x7f00000015c0)={0x788, r0, 0x0, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_NAN_FUNC={0x160, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SERVICE_INFO={0x3e, 0xb, "f5e02e02e3c63ea06a9e6dcc397a49a1e7bcbede673177fcfa7999f9fb42958abe5a13e0f80308f6b5bf8768e8d8d882ed6a2f240f442df6be5f"}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0xd}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_SRF={0x108, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF={0x103, 0x2, "daab3379ee728ca7355281cb5ba8db7b0c439bd533f327e6b34f1e461f8db74bb93737c8b280148682296100c13457a2948217788373cc684ef2ab848ef23113e53ac2e3ea221ed86e38b9b2765547c90ad00a8d03883f9af19d76f6cc5f5b3f57c8460bbec369d28e097e9bca914cc00ec8d2f7bd9b816d0ee5239825f7ce2995edf68995794019e9a73f542ea0d034e24248031b82325cb73805bce5e144339cf4e90d05854d8d8098e231cb1b3f281ac25ebd74ac219ed44a7a8c9a957aea3d82134864d1a2ef2c2fe19c6dc3cbc8f4c3078ec0036bfae9b82e145c9506d73977db9b5cf6bdad5dc1bac7560e95c1f458472605f8546571ef026d78f9a4"}]}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x7}]}, @NL80211_ATTR_NAN_FUNC={0x8, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x68, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x51}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x2}, @NL80211_NAN_FUNC_SRF={0x50, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF_IDX={0x5}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0xb9}, @NL80211_NAN_SRF_BF_IDX={0x5}, @NL80211_NAN_SRF_MAC_ADDRS={0x34, 0x4, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}]}]}]}, @NL80211_ATTR_NAN_FUNC={0x59c, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "151494b3441e"}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "def9ff142e67"}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_TX_MATCH_FILTER={0x328, 0xe, 0x0, 0x1, [{0x24, 0x0, "85113ae75b40fcb158ea49add86548100b128b6ed4d0587526ea315ab15f7053"}, {0x9, 0x0, "135c04905e"}, {0xab, 0x0, "c710b2422fb0e47abdb359f75aa040d1331f0fb9efebce46f87d3934930b49457b529ea3ed6e38119dd6868e17e9926cb61d9b78274a0059796796332af84ea6fc87602086f5771d152adee42b9d0728e9a9a61da7e1fe5dc995d7b64c58feb175bee9a832a4234e668e317ee7fbd93efa2e294c1772c14919b9a43979e2a5bc3ed7810d76ae4124c4666a3c049db19fa78057a183480719028309a82d84b267523053005542db"}, {0x82, 0x0, "b38a33fa128258dc5860711952ce3f7694757976743d986d8561173ab461a4e2c248d12b12f9682afd503b4008bd5cbbe150b133702b561cc7ebe38097a2f6603f7a38c08868d358962c98392b042f69cd2442ac3161ebcda12ca095c9127581cb24ba0cd05cfda8ccc52a2493a75b994c88411106166258bd0a6d00a3af"}, {0xf0, 0x0, "8e79184788b0f2f3869f1d6f68bfe305d295d1dff9369cf722f74db211c0c58ec89139097368eac71a0c425ac0819960d2f0dd6caeab67e46a58b34d05caa9ee0589af35c4438e9ae1fcc34fec463d096e00ef8771731c6a15ae8ba9a7a7f2dc4a561fbd0ce626f732885ff021866da9f2134d2b3e274719a0ad2245a34ccb19784df16c41641d40814392c776edc26052df31a30c3e51af35645c20c7879ef8cd5a6fac2c22547aae64d5d8a0d9db3a77d78003c2be8aab89f7301e85c66d27d543d4ab65048af19298f60f6207824001e12df882499bf9e44f3f99e2adecf6ecc2876ec9720e78b4460050"}, {0xd2, 0x0, "3a387663c1eef5784894d734f5392e6197185049b3fe071f598ef9631757c1fd998ba4b65c804a69ac894fc9191f5458f5907b4fff49f9fbb25581b1d4fe6c55d8437c39244d6585cd6639b460c26b94f200975b9979aedde891e7e01013ef6958285222337ca038b7825267d5d8aac08c9b67aebb7475e47d45bfd3a0f598d9d1b63f44025e430d5d66441cbf8d96929cba6ad32026a4e23584d992fb4b7d8f3636999ee5886ca70f7411ae72c7005a80097dba7eff9bc8ee09969aaa2d5b37a4dc7c22db64783e14cf11dc3e8b"}]}, @NL80211_NAN_FUNC_SRF={0x12c, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_MAC_ADDRS={0x10, 0x4, 0x0, 0x1, [{0xa, 0x6, @broadcast}]}, @NL80211_NAN_SRF_BF={0x103, 0x2, "a7e075def50174c3ed3a7c53843a0951e3bab44bb28eb62e5727626a295af5f42a8a482d16ebe2137730f136c8a36274b3fd2ffd35a450b884a76d9e8ced341835977e9ec150ef38dd4f184a656de33be2f5ba756edcf31ded5ccb85bae05e1d7ba0dec20d27d64dd68e0a3cb2d6ec48fe4e71f82c28ff863da1d372ab54595466077a528d9ed0d959fda26882a0b0021527023f5526ea124adbaa3f916c959d4bb2966c3230567f982ebe2a13db29a82fc978504fb727c6b5206087700868153b0590fc96828aa33be951063e6cfbdd2d8069696b5f6057ec7b360149087af1d7e815495498b13e8d8777b15662e96348d296019e04f0984ae77d8e2f236d"}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x80}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x8}, @NL80211_NAN_SRF_INCLUDE={0x4}]}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_SERVICE_INFO={0xd0, 0xb, "50f4bdd9d5871748a438ad02ee8cbceeb2a8c8b6cb6521fe5e87262d542a1626ac7cb073375238a2262a1795d1b2f6bb1e51fa775ef02cd6dcd909b507bfa109e4488d0d29aad02bf45425c25e563612fa5d44752939ae37f3c7b98d035df4bf6b036b8afb9e0c536d26d3e18601e8301bfa3bf327560d826090afc9a5f004319e33a0d00dbb94e744ae48c2b3e12a7e0484966e8f154ef5944e45b6896c878821b452870764018feae2798e7e639bb72a53a92f908f2f59cdb820ebbdc73630963bc29cb1b636654ccd938e"}, @NL80211_NAN_FUNC_SERVICE_INFO={0x4d, 0xb, "6896a6ebc18cdff367e220af26e07a1a489af68e6f71079bd5a9e5a07194b227590410bec18b90712d826be92986a80e6502e2c4463e5bde223f6e016b2787999a56f8627bc1e34c7c"}]}]}, 0x788}, 0x1, 0x0, 0x0, 0x24000000}, 0x8800) (async)
r9 = open(&(0x7f0000001e00)='./file1\x00', 0xe8402, 0x50)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000001e40)={'batadv0\x00', <r10=>0x0})
bind$xdp(r9, &(0x7f0000001e80)={0x2c, 0xc, r10, 0x11, r3}, 0x10)

7.217694329s ago: executing program 5 (id=12628):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000400000000000000000000850000000f00000085"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r0}, 0x18)
r1 = socket(0x15, 0x5, 0x0)
connect$unix(r1, &(0x7f0000000080)=@abs={0xa}, 0x6e)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd70000000000008000000180001801400020073797a5f74756e0000000000000000001c00028018000380100001800800010009000000040003"], 0x48}}, 0x0)

6.95639612s ago: executing program 5 (id=12635):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x20010, r0, 0x1cd3d000)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000747dbc1dd100cbc799561f01c319", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x18, &(0x7f0000000400)=ANY=[@ANYBLOB="180000008b000000000000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000500088500000086000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b702000003000000850000002a000700b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0xb, 0x1001, &(0x7f0000001cc0)=""/4097, 0x41100, 0x66}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x88604, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x20000, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000380)={'veth0_to_bond\x00', <r7=>0x0})
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x15c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in=@multicast1, @in6=@mcast2, 0x4, 0x0, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0xee00}, {@in6=@private1, 0x4d6, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x9, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0x2, 0x0, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @offload={0xc, 0x1c, {r7, 0x3}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
sendmsg$MPTCP_PM_CMD_REMOVE(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20000080)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000400)='f2fs_issue_flush\x00', r8, 0x0, 0x800000000000}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$MRT_DEL_VIF(r6, 0x0, 0xcb, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r10 = openat$cgroup_devices(r9, &(0x7f000000a540)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r10, &(0x7f0000000080)=ANY=[@ANYBLOB='c *:* rr'], 0xa)

6.912462332s ago: executing program 5 (id=12638):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x10)
add_key$user(&(0x7f0000000080), &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)

6.878796103s ago: executing program 5 (id=12642):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$unix(0x1, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
getrandom(0x0, 0x0, 0x0)
bind$unix(r2, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = syz_open_dev$usbfs(&(0x7f0000000200), 0x8, 0x81)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, &(0x7f0000000240))
r4 = semget$private(0x0, 0x5, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x75, 0x7fff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r6 = gettid()
process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
semop(r4, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xf, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000008000000850000008600000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r8}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r9 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r9, &(0x7f0000000040)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
futex(&(0x7f000000cffc)=0x1, 0x6, 0xffffffff, 0x0, 0x0, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc01100, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x4000f0, 0x0, 0x0, 0x0)

5.696194115s ago: executing program 5 (id=12646):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000400000000000000000000850000000f00000085"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r0}, 0x18)
r1 = socket(0x15, 0x5, 0x0)
connect$unix(r1, &(0x7f0000000080)=@abs={0xa}, 0x6e)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd70000000000008000000180001801400020073797a5f74756e0000000000000000001c00028018000380100001800800010009000000040003"], 0x48}}, 0x0)

5.641086367s ago: executing program 5 (id=12649):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_emit_ethernet(0x52, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x0, 0x8, &(0x7f00000002c0), &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r2}, 0x38)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4000000}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000300)=@newtaction={0x68, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x4}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4040000}, 0x40)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000840)={'veth1_to_bond\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000a40)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x1000, 0x5, 0x3, 0x1, 0x9}, 0x9, 0x1, 0x1, 0x6, 0x41, 0x11, 0x12, 0x6, 0x4, 0xfffffff8, {0xe61a, 0x8000, 0x10006, 0x1, 0x6, 0xbf5}}}}]}, 0x78}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="140100002900010000000000fcdbdf2503"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

5.293977422s ago: executing program 3 (id=12672):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x20010, r0, 0x1cd3d000)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000747dbc1dd100cbc799561f01c319", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x18, &(0x7f0000000400)=ANY=[@ANYBLOB="180000008b000000000000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000500088500000086000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b702000003000000850000002a000700b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0xb, 0x1001, &(0x7f0000001cc0)=""/4097, 0x41100, 0x66}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x88604, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x20000, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'veth0_to_bond\x00', <r8=>0x0})
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x15c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in=@multicast1, @in6=@mcast2, 0x4, 0x0, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0xee00}, {@in6=@private1, 0x4d6, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x9, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0x2, 0x0, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @offload={0xc, 0x1c, {r8, 0x3}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20000080)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000400)='f2fs_issue_flush\x00', r9, 0x0, 0x800000000000}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='svc_authenticate\x00', r2}, 0x18)
setsockopt$MRT_DEL_VIF(r7, 0x0, 0xcb, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r11 = openat$cgroup_devices(r10, &(0x7f000000a540)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r11, &(0x7f0000000080)=ANY=[@ANYBLOB='c *:* rr'], 0xa)

5.222203405s ago: executing program 3 (id=12663):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r3}, 0x10)
add_key$user(&(0x7f0000000080), &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)

3.821478045s ago: executing program 3 (id=12675):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x20010, r0, 0x1cd3d000)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000747dbc1dd100cbc799561f01c319", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x18, &(0x7f0000000400)=ANY=[@ANYBLOB="180000008b000000000000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000500088500000086000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b702000003000000850000002a000700b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0xb, 0x1001, &(0x7f0000001cc0)=""/4097, 0x41100, 0x66}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x88604, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x20000, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'veth0_to_bond\x00', <r8=>0x0})
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x15c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in=@multicast1, @in6=@mcast2, 0x4, 0x0, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0xee00}, {@in6=@private1, 0x4d6, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x9, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0x2, 0x0, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @offload={0xc, 0x1c, {r8, 0x3}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20000080)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000400)='f2fs_issue_flush\x00', r9, 0x0, 0x800000000000}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='svc_authenticate\x00', r2}, 0x18)
setsockopt$MRT_DEL_VIF(r7, 0x0, 0xcb, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r11 = openat$cgroup_devices(r10, &(0x7f000000a540)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r11, &(0x7f0000000080)=ANY=[@ANYBLOB='c *:* rr'], 0xa)

3.774555057s ago: executing program 3 (id=12679):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, {@in=@dev={0xac, 0x14, 0x14, 0x20}, 0x4d3, 0x32}, @in=@broadcast, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}]}, 0x138}}, 0x0)
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xa, 0x4, 0x4, 0x5, 0x2}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x72, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff03, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0xe0880, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x10)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r9 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r9, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r9, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x3}, {0x0}, &(0x7f0000000440)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x60, 0x4}}], 0x48, 0x8004}, 0x0)
r10 = dup(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r7}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x10, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[], [], 0x6b}})
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000880)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000041000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000940560f7577030950fc50e9425370e4e0f722ec594d78a2820b705e0cec7cef696b1d3ac4db83e290e7cfd0bfbb76ad374eb938c6dbd4b0d12c45378be679a1a2cefd6c401cd6b762e40eae641e90fc8819dc88b3816e7a6775c915315f874251d225cf108400c1f86d06ed3a27e0c97ee8af192e5b588a14caed720b04a02caec0454f914c68b39d12b46f254ca47b565a2f15af31c68829b499fab51ce806442c471211f3e7c290cfb8aa8945b7e5337f09387e82a"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r12, 0x0, 0x5}, 0x18)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000640)={&(0x7f0000000380)={0x1c, 0x0, 0x410, 0x70bd29, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x70}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x24008004)

3.577188496s ago: executing program 3 (id=12687):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xa, 0x4, 0x4, 0x5, 0x2}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='attr/fscreate\x00')
lseek(r3, 0x8020100001, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v2={0x2000000, [{0x9, 0xfffffff7}, {0xde7, 0x8002}]}, 0x14, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES16=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x2b, 0xe, 0xff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], &(0x7f00000002c0)=""/203, 0xfffffffffffffe5f)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="18080500000000000000000000000000181100001fe4639bfe30584590a79f14ab7c2918653cc88b0d18783bd410e57bb97d3024b375d9fe253e87a6d5726d41220af2068fdcb59cd93d2e447039350ec065c9ee219fe1088609e294fc8d219f0d18c052cee501cbb410a0dcd5bdf36633a57a2ac2a4a01b8002c55d7e2f5474", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r8, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
r9 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r10 = socket(0x10, 0x803, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000001c0)=0xc)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r9)

2.404121866s ago: executing program 3 (id=12704):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sysvipc/msg\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000400)={0x5, 0x5, 0x2, 0x5d, 0x0, [0xd, 0xa77a, 0x60, 0x2194]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r1, 0x0, 0x20000ffffffff}, 0x18)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0xfffffffffffffe86, 0x0, 0x0)
open(&(0x7f0000000080)='.\x00', 0x518282, 0x78e22799f4a46e8e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000140)={@local, @random, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0xf, 0x45, [@private=0x7, @empty, @empty]}, @timestamp={0x44, 0x8, 0x5, 0x3, 0x0, [0x0]}]}}, {{0xfffe, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x2}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x14002}, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r4 = timerfd_create(0x0, 0x0)
timerfd_settime(r4, 0x3, &(0x7f0000000380)={{0x0, 0x989680}}, 0x0)
r5 = timerfd_create(0x0, 0x0)
timerfd_settime(r5, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
r6 = memfd_create(&(0x7f00000005c0)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Jx\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xd6m\xf7@]iNP\xf1\x1d\xab\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedk\xe6\xb0\xa1\x8f\x90\xdb\xd6h)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xa7Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x99-\xe3', 0x1)
dup(r6)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x4, 0x200000000000000, 0x0, 0x100, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x8, 0x2, 0x3, 0x0, 0x3})
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r7, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000800)={r7, &(0x7f0000000500)}, 0x20)
bind$can_raw(0xffffffffffffffff, &(0x7f0000000000), 0x10)

2.237902104s ago: executing program 6 (id=12707):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd1, &(0x7f0000000000)=0xf, 0x4)
getsockopt$MRT(r0, 0x0, 0xcf, 0x0, &(0x7f00000001c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000480)={[{@resgid}, {}, {@data_err_ignore}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f0000000c40)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r1}, 0x10)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
pipe2(&(0x7f0000000000), 0x80000)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f00000011c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="00001300009f3b67250400000800000000000800000000000000000000000000844875f38ef22ce73aa82163b098f211c2817ec5ec01303e2584400f97b61ff46c918241939317d12f9712347771e74c8d07edfa6879e5a976aa482a1f2027ad51b2"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000100)={{0x1, 0x1, 0x18}, './file1\x00'})
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x10, &(0x7f0000000380)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300008abd97150411ad2f4a50b3de4fbbc659a5fe283671160d1fdf56d938ff39950e7b6e7841e4edd7459eb652bf54f11ea5143809437e7db74a5ffb5b06f3227b00", @ANYRES16=r5, @ANYRESDEC=r2], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)

1.334307912s ago: executing program 6 (id=12721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x20010, r0, 0x1cd3d000)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000747dbc1dd100cbc799561f01c319", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x18, &(0x7f0000000400)=ANY=[@ANYBLOB="180000008b000000000000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000500088500000086000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b702000003000000850000002a000700b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0xb, 0x1001, &(0x7f0000001cc0)=""/4097, 0x41100, 0x66}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$MPTCP_PM_CMD_REMOVE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20000080)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000400)='f2fs_issue_flush\x00', r4, 0x0, 0x800000000000}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$MRT_DEL_VIF(0xffffffffffffffff, 0x0, 0xcb, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r6 = openat$cgroup_devices(r5, &(0x7f000000a540)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r6, &(0x7f0000000080)=ANY=[@ANYBLOB='c *:* rr'], 0xa)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)

1.282381095s ago: executing program 0 (id=12722):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2, 0x4}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000280)='kfree\x00', r3, 0x0, 0xbc3}, 0x18)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
r4 = dup3(r1, r0, 0x0)
recvmmsg(r4, &(0x7f0000008840), 0x0, 0x40000001, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r5, 0x0)
inotify_init1(0x0)

1.188828089s ago: executing program 6 (id=12723):
socket$netlink(0x10, 0x3, 0xf)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000000000000000000b020000000200000000000003"], 0x0, 0x34, 0x0, 0xa}, 0x28)
r0 = socket$netlink(0x10, 0x3, 0xf)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x42718, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0x77bc, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bind$netlink(r0, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r1, 0x29, 0xd1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getcwd(&(0x7f0000000080)=""/14, 0xe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x58a5}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)

1.128153461s ago: executing program 1 (id=12725):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$smc(&(0x7f00000033c0), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x34, r3, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'hsr0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040000}, 0x800)
sendmsg$SMC_PNETID_FLUSH(r2, &(0x7f0000001a80)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f00000019c0)={0x14, r3, 0x1, 0x70bd28, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x800)

1.095338873s ago: executing program 1 (id=12726):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$unix(0x1, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
getrandom(0x0, 0x0, 0x0)
bind$unix(r2, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = syz_open_dev$usbfs(&(0x7f0000000200), 0x8, 0x81)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, &(0x7f0000000240))
r4 = semget$private(0x0, 0x5, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x75, 0x7fff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r6 = gettid()
process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
semop(r4, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xf, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000008000000850000008600000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r8}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000240)='4', 0x1}], 0x1)

1.070326164s ago: executing program 6 (id=12727):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
add_key$user(&(0x7f0000000080), &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)

1.052926925s ago: executing program 6 (id=12728):
r0 = syz_clone(0x20006100, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000040)=@ethtool_channels={0x3c, 0x100, 0x0, 0x0, 0x4, 0x2, 0x3, 0x2000, 0xfffffffc}})
ptrace(0x8, r0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r2 = gettid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x18, 0x7ffc1fff}]})
r3 = getpid()
rt_tgsigqueueinfo(r3, r2, 0x7, &(0x7f00000019c0)={0x0, 0x3, 0x4})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r4 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000100)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@dioread_lock}, {@barrier}, {@bsdgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r5, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
fadvise64(r5, 0x807f, 0x1000000, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000001540)=ANY=[@ANYBLOB="180300004000006c71fae100000a000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b50200000000000085000000830000004ce300000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b700000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50)
ioctl(r4, 0x9, &(0x7f00000006c0)="e080539fca2bdedf3f1729dd5f568f7000918d086a07a20f4be7d1d395cc043cc83e6a0d3ac7b658a478")
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r7, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010026bd70000000000021040000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

905.408971ms ago: executing program 1 (id=12729):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
unshare(0x2a020400)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)

844.121394ms ago: executing program 1 (id=12730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x20010, r0, 0x1cd3d000)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000747dbc1dd100cbc799561f01c319", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x18, &(0x7f0000000400)=ANY=[@ANYBLOB="180000008b000000000000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000500088500000086000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b702000003000000850000002a000700b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0xb, 0x1001, &(0x7f0000001cc0)=""/4097, 0x41100, 0x66}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x88604, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x20000, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'veth0_to_bond\x00', <r8=>0x0})
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x15c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in=@multicast1, @in6=@mcast2, 0x4, 0x0, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0xee00}, {@in6=@private1, 0x4d6, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x9, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0x2, 0x0, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @offload={0xc, 0x1c, {r8, 0x3}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20000080)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='svc_authenticate\x00', r2}, 0x18)
setsockopt$MRT_DEL_VIF(r7, 0x0, 0xcb, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r10 = openat$cgroup_devices(r9, &(0x7f000000a540)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r10, &(0x7f0000000080)=ANY=[@ANYBLOB='c *:* rr'], 0xa)

791.581536ms ago: executing program 1 (id=12731):
r0 = syz_clone(0x20006100, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000040)=@ethtool_channels={0x3c, 0x100, 0x0, 0x0, 0x4, 0x2, 0x3, 0x2000, 0xfffffffc}})
ptrace(0x8, r0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r2 = gettid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x18, 0x7ffc1fff}]})
r3 = getpid()
rt_tgsigqueueinfo(r3, r2, 0x7, &(0x7f00000019c0)={0x0, 0x3, 0x4})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r4 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000100)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@dioread_lock}, {@barrier}, {@bsdgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r5, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
fadvise64(r5, 0x807f, 0x1000000, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000001540)=ANY=[@ANYBLOB="180300004000006c71fae100000a000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b50200000000000085000000830000004ce300000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b700000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50)
ioctl(r4, 0x9, &(0x7f00000006c0)="e080539fca2bdedf3f1729dd5f568f7000918d086a07a20f4be7d1d395cc043cc83e6a0d3ac7b658a478")
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r7, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010026bd70000000000021040000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

372.995094ms ago: executing program 0 (id=12732):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f00000033c0), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x34, r1, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'hsr0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040000}, 0x800)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000001a80)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f00000019c0)={0x14, r1, 0x1, 0x70bd28, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x800)

178.049322ms ago: executing program 0 (id=12733):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000001811", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x42)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x2, @mcast1, 0x9}, 0x1c)
connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x32)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)

120.832815ms ago: executing program 0 (id=12734):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000003, 0x13, r0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f000000a780), 0xffffffffffffffff)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000300)={&(0x7f0000000400)={0x64, r1, 0x480, 0x70bd2b, 0x25dfdbfb, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x64}, 0x1, 0x0, 0x0, 0xc00}, 0x2880)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x8040)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

104.980266ms ago: executing program 6 (id=12735):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, 0x0}, 0x0)

49.762978ms ago: executing program 0 (id=12736):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kfree\x00', r1}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x1008014, &(0x7f0000000140)=ANY=[@ANYRES16=0x0, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRES64, @ANYRESHEX, @ANYRES16, @ANYRES16], 0x3, 0x7fb, &(0x7f0000001740)="$eJzs3U1oHPcVAPA3smQrChiTFjcYxxnbKTjgKCspVioCTTarkTyJtCt2V8WmlNTEchCWk5A0be1LYgpJWwqlpx7TXHPrraXQQg9tT4Xm0EtvgZxKCv0iJRRUZnZXlmSt5I9YTprfT0gzO/P+838zGubNSDuzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEUpuuVMaSmMvri2fS/mrTzcb8NvN7y/vNhsEGT23oNyIpvmN4OD76Z2faF6/NPlj8OBaHO68Ox3AxGI4r9x488MQXBgd67bdJ6FYdvcG4JOKNIqmL51ZWll65A4nsoh/+6qab/Ge1+Dmb1fNW5PPV2SzNW410anKy8ujpmVY6k89lrbOtdjaf1ppZtd1opidqD6djU1MTaTZ6trFYn52uzmW9iY8/Ml6pTKbPjC5k1WarUX/0mWjVTudzc3l9towZr3wnipjHix3x2bydtrPqfJpeWF5Zmtgp1SJobKsZezr7z+GHDnzw2vv/WF4qdsh+C0m6O+b42Nj4+NjkqalTj1cqg+OV8Y0TKpvEWkQMRBQRd2Sn5TPkkz2Aw20Y6Nb/mIs86rEYZyLd4msoajEdzWjEfPH6z0PXRXT16v+XH/3bH7frd33971X5+6/NPhRl/T/SeXWkX/3fMtfd/Ho1LseVuBjnYiVWYileuesZ7fA1cLtLSDa8mo0s6pFHKxqRx3xUyylpd0oaUzEZk1GJ5+J0zEQr0piJPOYii1acjVa0Iyv3qFo0I4tqtKMRzUjjRNTi4UhjLKZiKiYijSxG42w0YjHqMRvTUS2XciGWy+0+sSnLg/fEL1/40wdvF+NrQWPbrVZxMlcE/X2boOvK/bb1f3W1OF/YHKH+fw7s3W7mHTiKw61Z7dV/AAAA4P9WUv71vbj+H4oHyrGZfC77+t1OCwAAAPgElf/5P1wMhoqxByIprv8rW0S+t+u5AQAAAJ+MpLzHLomIkXiwM3YhluONWIqt/ggQEQd2O0UAAADgNpX//z9SDEYiXi8n9B6X0uf6HwAAAPis+X6/Z+y/33vGbmthX/LroYgYSq4unHkouVQt4qqX9nTadQdfW1tie+ZQsr+7kHIwOXjl3iQiBmvZ4aT39Mv/7usMPyx/Hhpca97vWf9Js7ltArF9AuWr+FEc7cQcPV8O7u02GUw6vYzM5HPZaK0x90T5SMTiu/3ai8vfjSh6/0F9fn8SF5ZXlkaff2nlfJnL1aL51UvdByhe9xzFbXJZ7W6BeGDrNR4qb8To9jvS6beyfv0HOs0Htu8zWd/nm3GsE3NspDMc6c3p9Dlc9Dk2+sRYVKv7B9rZmfZrq+vWvpvF2NqaD93Smr8Zx9d+dd+OiOMntshifEMWL16fxfj67X9j22JDFqe+2s3i+InjsSmLt4++fubfv2sk2cROWUzcRBareyI2ZwFwt1won/pzrQrdU1ahj1dXV3vHpk7dLYpVtRPQdQPH2n9d62XtLKPXfl2tG4zN1X1g7cB4Y9V9NTp15UQn5kTnfGLw0BZ15eoWR/SXl1/+ffeI/ti7P/3ZN4784edlv7dU3d6Nhzsx3UHc99s+NbZY5+FNVfWdosU7ffttzY0ncTViz7cuvRwHX7185ZHlS+deWHph6cXx8YnJymOVyqnxvd3YofKMYZtMAfj82vkzdvpG9OpM8timq+o4v7Hu3rf2loLReD5eipU4HyfLuw0i4sGt+x1Z9zaEkztctY6s+4SXk9H/qm5j7Pj1sUn0iZ1Yt8W+9JNy8NEd+XUAwK44tkMdTvauhfY7Q0hO7nDdvbGWb7o6jv61fCtfuXObAgA+N7Lmh8lI+62k2cwXnhubmhqrtk9nabNRezZt5tOzWZrX21mzdrpan83ShWaj3aj1/nA8nbXS1uLCQqPZTmcazTQGWvmZ8pPf0+5Hv7ey+Wq9nddaC3NZtZWltUa9Xa210+m8VUsXFp+ey1vDWbNs3FrIavlMXqu280Y9bTUWm7VsNE1bWdYNPJ0103w6q7fzmbwYracLzXy+2rwaEXOL81k6nbVqzXyh3egssNdXXp9pNOfLxY5ev/p/3e3tDQCfBq9evnLx3MrK0iu3NvKXy1cuDkW/mKQzcrfXEQDY6Fq5vtuZAAAAAAAAAAAAAAAA/ay9//9Ab6SYutNtfwNxQ/cI7omdYvbFzdx0uO92blW8AyOx95aaD3W3/Z1LLIl4Y+W2u4jhnfeET/vIN5988mK/mKdfv//0jS0nbvRO2Xhrf8TeX/y4M+Wp/sHf6+4DW8zqPfb5Jtb0vYi4he2zmmwx6+PVXhrr7N3NYxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9PO/AAAA//8g8UoG")

168.9Вµs ago: executing program 0 (id=12737):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000000200)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x129242, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0x60, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r4}, 0x10)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
recvfrom$unix(r2, &(0x7f0000000000)=""/33, 0x21, 0x100, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 1 (id=12738):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
add_key$user(&(0x7f0000000080), &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

=4294967295 subj=root:sysadm_r:sysadm_t pid=848 comm="syz.1.11806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7c4c4af749 code=0x7ffc0000
[  550.568045][  T854] netlink: 'syz.5.11807': attribute type 10 has an invalid length.
[  550.576012][  T854] netlink: 40 bytes leftover after parsing attributes in process `syz.5.11807'.
[  550.600365][  T854] batman_adv: batadv0: Adding interface: veth1_vlan
[  550.607016][  T854] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  550.655646][  T862] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11810'.
[  550.667962][  T854] batman_adv: batadv0: Interface activated: veth1_vlan
[  550.717372][  T865] loop3: detected capacity change from 0 to 1024
[  550.743340][  T868] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=868 comm=syz.1.11810
[  550.837769][  T874] netlink: 24 bytes leftover after parsing attributes in process `syz.6.11814'.
[  550.849714][  T875] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11810'.
[  550.939272][  T879] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.11811: Allocating blocks 449-513 which overlap fs metadata
[  550.953622][T26701] Bluetooth: hci0: Frame reassembly failed (-84)
[  551.049773][  T864] EXT4-fs (loop3): pa ffff888106dcbf50: logic 48, phys. 177, len 21
[  551.057816][  T864] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  551.238578][  T896] loop3: detected capacity change from 0 to 1024
[  551.297315][  T890] loop6: detected capacity change from 0 to 512
[  551.319078][  T890] ext4 filesystem being mounted at /269/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  551.373295][  T890] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.11819: corrupted inode contents
[  551.395862][  T890] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #2: comm syz.6.11819: mark_inode_dirty error
[  551.521897][  T901] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.11822: Allocating blocks 449-513 which overlap fs metadata
[  551.547098][  T890] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.11819: corrupted inode contents
[  551.563284][  T890] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.11819: mark_inode_dirty error
[  551.588698][  T895] EXT4-fs (loop3): pa ffff888106dcbb60: logic 48, phys. 177, len 21
[  551.596723][  T895] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  551.632820][T24347] EXT4-fs unmount: 56 callbacks suppressed
[  551.632834][T24347] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  551.682043][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  551.825289][  T925] loop3: detected capacity change from 0 to 2048
[  551.847446][  T931] netlink: 'syz.1.11834': attribute type 5 has an invalid length.
[  551.857297][  T925] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  551.882081][  T925] ext4 filesystem being mounted at /579/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  552.011831][  T925] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.11829: bg 0: block 345: padding at end of block bitmap is not set
[  552.049002][  T925] EXT4-fs (loop3): Remounting filesystem read-only
[  552.148907][T24347] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  552.420229][  T941] loop3: detected capacity change from 0 to 512
[  552.479183][  T941] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  552.502724][  T941] ext4 filesystem being mounted at /581/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  552.555320][  T941] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.11837: corrupted inode contents
[  552.595194][  T941] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.11837: mark_inode_dirty error
[  552.633152][  T941] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.11837: corrupted inode contents
[  552.673771][  T941] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.11837: mark_inode_dirty error
[  552.862171][T24347] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  552.966817][  T971] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11851'.
[  553.107681][T18255] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  553.164490][  T986] loop3: detected capacity change from 0 to 2048
[  553.195600][  T986] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  553.230282][  T985] loop6: detected capacity change from 0 to 512
[  553.250879][  T986] ext4 filesystem being mounted at /587/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  553.284843][  T985] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  553.312686][  T985] ext4 filesystem being mounted at /280/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  553.368066][  T985] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.11857: corrupted inode contents
[  553.395027][  T986] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.11856: bg 0: block 345: padding at end of block bitmap is not set
[  553.419575][  T985] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #2: comm syz.6.11857: mark_inode_dirty error
[  553.437824][  T986] EXT4-fs (loop3): Remounting filesystem read-only
[  553.477626][  T985] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.11857: corrupted inode contents
[  553.516664][  T985] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.11857: mark_inode_dirty error
[  553.577859][T24347] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.643802][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.918695][ T1024] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11871'.
[  554.016759][ T1030] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1030 comm=syz.3.11871
[  554.043032][ T1031] loop1: detected capacity change from 0 to 2048
[  554.125749][ T1031] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  554.140363][ T1031] ext4 filesystem being mounted at /587/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  554.163192][ T1033] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11871'.
[  554.232257][ T1031] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.11872: bg 0: block 345: padding at end of block bitmap is not set
[  554.401313][ T1031] EXT4-fs (loop1): Remounting filesystem read-only
[  554.482644][ T1038] loop5: detected capacity change from 0 to 512
[  554.821158][ T1038] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  554.836467][ T1038] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  554.906372][T25728] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  554.929894][ T1038] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.11873: corrupted inode contents
[  554.948746][ T1038] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.11873: mark_inode_dirty error
[  554.979262][ T1038] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.11873: corrupted inode contents
[  554.994612][ T1038] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.11873: mark_inode_dirty error
[  555.131195][ T1065] netlink: 104 bytes leftover after parsing attributes in process `syz.0.11880'.
[  555.319987][ T1089] loop1: detected capacity change from 0 to 1024
[  555.327016][ T1089] EXT4-fs: Ignoring removed orlov option
[  555.337632][ T1089] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  555.348743][  T433] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  555.360765][ T1089] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  555.398543][ T1089] netlink: 'syz.1.11890': attribute type 10 has an invalid length.
[  555.406462][ T1089] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11890'.
[  555.459450][ T1100] ip6t_srh: unknown srh invflags 4000
[  555.556763][ T1101] loop5: detected capacity change from 0 to 2048
[  555.599131][T25728] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  555.610224][   T29] kauditd_printk_skb: 322 callbacks suppressed
[  555.610236][   T29] audit: type=1326 audit(2000000531.115:36579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.6.11898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  555.695712][ T1101] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  555.735041][ T1111] FAULT_INJECTION: forcing a failure.
[  555.735041][ T1111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  555.748129][ T1111] CPU: 0 UID: 0 PID: 1111 Comm: syz.6.11900 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  555.748228][ T1111] Tainted: [W]=WARN
[  555.748234][ T1111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  555.748245][ T1111] Call Trace:
[  555.748252][ T1111]  <TASK>
[  555.748260][ T1111]  __dump_stack+0x1d/0x30
[  555.748283][ T1111]  dump_stack_lvl+0xe8/0x140
[  555.748378][ T1111]  dump_stack+0x15/0x1b
[  555.748396][ T1111]  should_fail_ex+0x265/0x280
[  555.748429][ T1111]  should_fail+0xb/0x20
[  555.748444][ T1111]  should_fail_usercopy+0x1a/0x20
[  555.748464][ T1111]  _copy_from_user+0x1c/0xb0
[  555.748551][ T1111]  memdup_user+0x5e/0xd0
[  555.748613][ T1111]  __se_sys_kexec_load+0x109/0x160
[  555.748679][ T1111]  __x64_sys_kexec_load+0x55/0x70
[  555.748699][ T1111]  x64_sys_call+0x289c/0x3000
[  555.748722][ T1111]  do_syscall_64+0xd2/0x200
[  555.748791][ T1111]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  555.748815][ T1111]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  555.748842][ T1111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.748863][ T1111] RIP: 0033:0x7fa7865ef749
[  555.748916][ T1111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  555.748931][ T1111] RSP: 002b:00007fa78504f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  555.748962][ T1111] RAX: ffffffffffffffda RBX: 00007fa786845fa0 RCX: 00007fa7865ef749
[  555.748975][ T1111] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000004
[  555.748989][ T1111] RBP: 00007fa78504f090 R08: 0000000000000000 R09: 0000000000000000
[  555.749002][ T1111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  555.749015][ T1111] R13: 00007fa786846038 R14: 00007fa786845fa0 R15: 00007ffc9e18a808
[  555.749035][ T1111]  </TASK>
[  555.948407][   T29] audit: type=1326 audit(2000000531.143:36580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.6.11898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  555.972020][   T29] audit: type=1326 audit(2000000531.143:36581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.6.11898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  555.995656][   T29] audit: type=1326 audit(2000000531.143:36582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.6.11898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  556.019298][   T29] audit: type=1326 audit(2000000531.143:36583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.6.11898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  556.042914][   T29] audit: type=1326 audit(2000000531.143:36584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.6.11898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  556.066474][   T29] audit: type=1326 audit(2000000531.143:36585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.6.11898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  556.090052][   T29] audit: type=1326 audit(2000000531.143:36586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.6.11898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  556.113960][   T29] audit: type=1326 audit(2000000531.143:36587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.6.11898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  556.137626][   T29] audit: type=1326 audit(2000000531.143:36588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1105 comm="syz.6.11898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  556.294077][ T1101] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  556.479837][ T1122] loop1: detected capacity change from 0 to 512
[  556.537395][ T1122] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  556.573867][  T433] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  556.601413][ T1122] ext4 filesystem being mounted at /590/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  556.647200][ T1132] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11906'.
[  556.734329][ T1124] loop3: detected capacity change from 0 to 512
[  556.781157][ T1124] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  556.890278][ T1124] ext4 filesystem being mounted at /598/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  556.943896][ T1124] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.11903: corrupted inode contents
[  556.986187][ T1124] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.11903: mark_inode_dirty error
[  557.026528][ T1124] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.11903: corrupted inode contents
[  557.062895][ T1124] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.11903: mark_inode_dirty error
[  557.132229][ T1157] loop6: detected capacity change from 0 to 1024
[  557.153257][ T1157] EXT4-fs: Ignoring removed orlov option
[  557.162234][T24347] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.183706][ T1157] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  557.217366][ T1157] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  557.257568][ T1157] netlink: 'syz.6.11916': attribute type 10 has an invalid length.
[  557.265512][ T1157] netlink: 40 bytes leftover after parsing attributes in process `syz.6.11916'.
[  557.319240][ T1157] veth1_vlan: left promiscuous mode
[  557.333044][ T1157] batman_adv: batadv0: Interface activated: veth1_vlan
[  557.381225][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.626707][T25728] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.676763][ T1167] chnl_net:caif_netlink_parms(): no params data found
[  557.702613][ T1204] loop1: detected capacity change from 0 to 512
[  557.719104][ T1204] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  557.750311][ T1204] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #17: comm syz.1.11927: corrupted in-inode xattr: invalid size in ea xattr
[  557.785808][ T1204] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.11927: couldn't read orphan inode 17 (err -117)
[  557.814099][ T1218] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11934'.
[  557.824652][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state
[  557.831700][ T1167] bridge0: port 1(bridge_slave_0) entered disabled state
[  557.839269][ T1204] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  557.851627][ T1167] bridge_slave_0: entered allmulticast mode
[  557.865007][ T1167] bridge_slave_0: entered promiscuous mode
[  557.880787][T25728] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.891612][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state
[  557.898681][ T1167] bridge0: port 2(bridge_slave_1) entered disabled state
[  557.917761][ T1167] bridge_slave_1: entered allmulticast mode
[  557.932789][ T1167] bridge_slave_1: entered promiscuous mode
[  557.974164][ T1167] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  557.985487][ T1167] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  558.037587][ T1167] team0: Port device team_slave_0 added
[  558.047646][ T1167] team0: Port device team_slave_1 added
[  558.071242][ T1227] loop1: detected capacity change from 0 to 2048
[  558.079614][ T1167] batman_adv: batadv0: Adding interface: batadv_slave_0
[  558.086558][ T1167] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  558.112622][ T1167] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  558.136972][ T1227] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  558.170638][ T1227] ext4 filesystem being mounted at /593/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  558.176070][ T1167] batman_adv: batadv0: Adding interface: batadv_slave_1
[  558.188099][ T1167] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  558.214099][ T1167] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  558.289177][ T1227] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.11936: bg 0: block 345: padding at end of block bitmap is not set
[  558.328213][ T1227] EXT4-fs (loop1): Remounting filesystem read-only
[  558.385782][ T1167] hsr_slave_0: entered promiscuous mode
[  558.392610][ T1167] hsr_slave_1: entered promiscuous mode
[  558.408724][ T1167] debugfs: 'hsr0' already exists in 'hsr'
[  558.414646][ T1167] Cannot create hsr debugfs directory
[  558.505775][ T1266] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11947'.
[  558.579321][ T1274] FAULT_INJECTION: forcing a failure.
[  558.579321][ T1274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  558.592435][ T1274] CPU: 0 UID: 0 PID: 1274 Comm: syz.0.11949 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  558.592466][ T1274] Tainted: [W]=WARN
[  558.592473][ T1274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  558.592520][ T1274] Call Trace:
[  558.592527][ T1274]  <TASK>
[  558.592534][ T1274]  __dump_stack+0x1d/0x30
[  558.592596][ T1274]  dump_stack_lvl+0xe8/0x140
[  558.592612][ T1274]  dump_stack+0x15/0x1b
[  558.592628][ T1274]  should_fail_ex+0x265/0x280
[  558.592661][ T1274]  should_fail+0xb/0x20
[  558.592693][ T1274]  should_fail_usercopy+0x1a/0x20
[  558.592715][ T1274]  strncpy_from_user+0x25/0x230
[  558.592758][ T1274]  ? kmem_cache_alloc_noprof+0x242/0x480
[  558.592793][ T1274]  ? getname_flags+0x80/0x3b0
[  558.592888][ T1274]  getname_flags+0xae/0x3b0
[  558.592912][ T1274]  __x64_sys_execve+0x42/0x70
[  558.592972][ T1274]  x64_sys_call+0x271a/0x3000
[  558.592994][ T1274]  do_syscall_64+0xd2/0x200
[  558.593015][ T1274]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  558.593055][ T1274]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  558.593081][ T1274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.593098][ T1274] RIP: 0033:0x7f247c25f749
[  558.593118][ T1274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  558.593136][ T1274] RSP: 002b:00007f247acc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  558.593155][ T1274] RAX: ffffffffffffffda RBX: 00007f247c4b5fa0 RCX: 00007f247c25f749
[  558.593168][ T1274] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  558.593180][ T1274] RBP: 00007f247acc7090 R08: 0000000000000000 R09: 0000000000000000
[  558.593191][ T1274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  558.593203][ T1274] R13: 00007f247c4b6038 R14: 00007f247c4b5fa0 R15: 00007ffcd44986d8
[  558.593297][ T1274]  </TASK>
[  558.598003][T25728] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  558.825615][ T1167] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  558.835976][ T1167] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.937519][ T1167] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  558.947820][ T1167] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.016936][ T1167] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  559.027285][ T1167] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.098237][ T1294] loop1: detected capacity change from 0 to 1024
[  559.109789][ T1294] EXT4-fs: Ignoring removed orlov option
[  559.119507][ T1167] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  559.129867][ T1167] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.132755][ T1294] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  559.155563][ T1296] netlink: 24 bytes leftover after parsing attributes in process `syz.5.11959'.
[  559.170490][ T1294] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  559.233904][ T1294] netlink: 'syz.1.11950': attribute type 10 has an invalid length.
[  559.241824][ T1294] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11950'.
[  559.362628][ T1167] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  559.381778][ T1167] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  559.399468][T25728] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  559.419904][ T1167] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  559.447242][ T1167] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  559.494960][ T1328] FAULT_INJECTION: forcing a failure.
[  559.494960][ T1328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  559.508633][ T1328] CPU: 0 UID: 0 PID: 1328 Comm: syz.6.11968 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  559.508671][ T1328] Tainted: [W]=WARN
[  559.508679][ T1328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  559.508691][ T1328] Call Trace:
[  559.508697][ T1328]  <TASK>
[  559.508703][ T1328]  __dump_stack+0x1d/0x30
[  559.508722][ T1328]  dump_stack_lvl+0xe8/0x140
[  559.508768][ T1328]  dump_stack+0x15/0x1b
[  559.508799][ T1328]  should_fail_ex+0x265/0x280
[  559.508832][ T1328]  should_fail+0xb/0x20
[  559.508848][ T1328]  should_fail_usercopy+0x1a/0x20
[  559.508870][ T1328]  _copy_from_user+0x1c/0xb0
[  559.508914][ T1328]  lo_ioctl+0x4b5/0x12b0
[  559.508941][ T1328]  ? avc_has_extended_perms+0x73d/0x940
[  559.509009][ T1328]  ? blkdev_common_ioctl+0xad6/0x1ad0
[  559.509031][ T1328]  ? do_vfs_ioctl+0x866/0xe10
[  559.509074][ T1328]  ? selinux_file_ioctl+0x308/0x3a0
[  559.509100][ T1328]  ? __pfx_lo_ioctl+0x10/0x10
[  559.509121][ T1328]  ? __pfx_blkdev_ioctl+0x10/0x10
[  559.509136][ T1328]  blkdev_ioctl+0x356/0x440
[  559.509152][ T1328]  ? __pfx_blkdev_ioctl+0x10/0x10
[  559.509186][ T1328]  __se_sys_ioctl+0xce/0x140
[  559.509203][ T1328]  __x64_sys_ioctl+0x43/0x50
[  559.509222][ T1328]  x64_sys_call+0x1816/0x3000
[  559.509245][ T1328]  do_syscall_64+0xd2/0x200
[  559.509266][ T1328]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  559.509355][ T1328]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  559.509389][ T1328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.509411][ T1328] RIP: 0033:0x7fa7865ef749
[  559.509424][ T1328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  559.509441][ T1328] RSP: 002b:00007fa78504f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  559.509486][ T1328] RAX: ffffffffffffffda RBX: 00007fa786845fa0 RCX: 00007fa7865ef749
[  559.509499][ T1328] RDX: 00002000000001c0 RSI: 0000000000004c04 RDI: 0000000000000003
[  559.509512][ T1328] RBP: 00007fa78504f090 R08: 0000000000000000 R09: 0000000000000000
[  559.509525][ T1328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  559.509538][ T1328] R13: 00007fa786846038 R14: 00007fa786845fa0 R15: 00007ffc9e18a808
[  559.509597][ T1328]  </TASK>
[  559.536071][ T1167] 8021q: adding VLAN 0 to HW filter on device bond0
[  559.700509][ T1334] loop1: detected capacity change from 0 to 128
[  559.728383][ T1167] 8021q: adding VLAN 0 to HW filter on device team0
[  559.751016][ T1334] EXT4-fs: Ignoring removed nobh option
[  559.763515][T26740] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.770674][T26740] bridge0: port 1(bridge_slave_0) entered forwarding state
[  559.784064][T26740] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.791220][T26740] bridge0: port 2(bridge_slave_1) entered forwarding state
[  559.858488][ T1334] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  559.880579][ T1334] ext4 filesystem being mounted at /596/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  559.921953][ T1167] 8021q: adding VLAN 0 to HW filter on device batadv0
[  559.980792][T25728] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  560.178592][ T1167] veth0_vlan: entered promiscuous mode
[  560.205542][ T1167] veth1_vlan: entered promiscuous mode
[  560.226862][ T1364] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  560.261864][ T1167] veth0_macvtap: entered promiscuous mode
[  560.275423][ T1364] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  560.287887][ T1167] veth1_macvtap: entered promiscuous mode
[  560.314080][ T1167] batman_adv: batadv0: Interface activated: batadv_slave_0
[  560.347127][ T1167] batman_adv: batadv0: Interface activated: batadv_slave_1
[  560.374788][T26703] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  560.385524][T26703] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  560.440467][T26703] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  560.477180][T26703] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  561.046467][ T1385] loop5: detected capacity change from 0 to 8192
[  561.066440][ T1385] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  561.222621][ T1389] ip6t_srh: unknown srh invflags 4000
[  561.896574][   T29] kauditd_printk_skb: 489 callbacks suppressed
[  561.896590][   T29] audit: type=1326 audit(2000000536.999:37078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1390 comm="syz.0.11986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c25f749 code=0x7ffc0000
[  562.037966][ T1395] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11987'.
[  562.060454][   T29] audit: type=1326 audit(2000000537.036:37079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1390 comm="syz.0.11986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f247c25f749 code=0x7ffc0000
[  562.084149][   T29] audit: type=1326 audit(2000000537.036:37080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1390 comm="syz.0.11986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c25f749 code=0x7ffc0000
[  562.108198][   T29] audit: type=1326 audit(2000000537.036:37081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1390 comm="syz.0.11986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f247c25f749 code=0x7ffc0000
[  562.131997][   T29] audit: type=1326 audit(2000000537.036:37082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1390 comm="syz.0.11986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c25f749 code=0x7ffc0000
[  562.212222][ T1399] loop1: detected capacity change from 0 to 512
[  562.313796][   T29] audit: type=1326 audit(2000000537.335:37083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1401 comm="syz.0.11990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c25f749 code=0x7ffc0000
[  562.337415][   T29] audit: type=1326 audit(2000000537.345:37084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1401 comm="syz.0.11990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7f247c25f749 code=0x7ffc0000
[  562.345849][ T1404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11992'.
[  562.361112][   T29] audit: type=1326 audit(2000000537.345:37085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1401 comm="syz.0.11990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247c25f749 code=0x7ffc0000
[  562.396489][   T29] audit: type=1400 audit(2000000537.401:37086): avc:  denied  { setopt } for  pid=1403 comm="syz.0.11992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  562.495821][ T1399] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  562.508745][ T1399] ext4 filesystem being mounted at /598/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  562.596815][ T1396] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.11988: corrupted inode contents
[  562.638810][ T1396] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #2: comm syz.1.11988: mark_inode_dirty error
[  562.668153][ T1423] loop6: detected capacity change from 0 to 1024
[  562.675620][ T1396] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.11988: corrupted inode contents
[  562.691952][ T1423] EXT4-fs: Ignoring removed orlov option
[  562.698073][ T1423] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  562.708369][ T1396] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.11988: mark_inode_dirty error
[  562.742029][ T1423] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  562.764434][   T29] audit: type=1326 audit(2000000537.803:37087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1420 comm="syz.6.11999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  562.793034][ T1423] netlink: 'syz.6.11999': attribute type 10 has an invalid length.
[  562.801213][ T1423] netlink: 40 bytes leftover after parsing attributes in process `syz.6.11999'.
[  562.856238][ T1430] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12001'.
[  562.880291][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  562.919727][T25728] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  562.931369][ T1436] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12004'.
[  563.052109][ T1448] loop1: detected capacity change from 0 to 512
[  563.064918][ T1450] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  563.070970][ T1448] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  563.214467][ T1450] loop6: detected capacity change from 0 to 764
[  563.233608][ T1450] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  563.275400][ T1448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12003'.
[  563.423577][T25728] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  563.463276][ T1462] No such timeout policy "syz1"
[  563.493761][ T1462] tipc: Can't bind to reserved service type 0
[  563.730010][ T1464] loop5: detected capacity change from 0 to 512
[  563.781454][ T1464] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  563.826605][ T1464] ext4 filesystem being mounted at /54/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  563.900663][ T1465] chnl_net:caif_netlink_parms(): no params data found
[  564.031001][ T1464] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.12014: corrupted inode contents
[  564.111158][ T1482] ip6t_srh: unknown srh invflags 4000
[  564.210651][ T1464] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.12014: mark_inode_dirty error
[  564.225407][ T1464] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.12014: corrupted inode contents
[  564.238953][ T1464] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.12014: mark_inode_dirty error
[  565.104938][ T1491] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12018'.
[  565.135547][ T1465] bridge0: port 1(bridge_slave_0) entered blocking state
[  565.142682][ T1465] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.160780][ T1465] bridge_slave_0: entered allmulticast mode
[  565.188279][  T433] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.200438][ T1465] bridge_slave_0: entered promiscuous mode
[  565.234311][ T1465] bridge0: port 2(bridge_slave_1) entered blocking state
[  565.241475][ T1465] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.306202][ T1465] bridge_slave_1: entered allmulticast mode
[  565.335183][ T1465] bridge_slave_1: entered promiscuous mode
[  565.448429][ T1465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  565.585902][ T1465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  565.946750][T26721] Bluetooth: hci0: Frame reassembly failed (-84)
[  565.979156][ T1465] team0: Port device team_slave_0 added
[  566.038903][ T1465] team0: Port device team_slave_1 added
[  566.183249][ T1465] batman_adv: batadv0: Adding interface: batadv_slave_0
[  566.190215][ T1465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  566.216485][ T1465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  566.231641][ T1465] batman_adv: batadv0: Adding interface: batadv_slave_1
[  566.238710][ T1465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  566.264845][ T1465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  566.388053][ T1465] hsr_slave_0: entered promiscuous mode
[  566.394812][ T1465] hsr_slave_1: entered promiscuous mode
[  566.407078][ T1465] debugfs: 'hsr0' already exists in 'hsr'
[  566.412881][ T1465] Cannot create hsr debugfs directory
[  566.493495][T26721] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  566.503806][T26721] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  566.644632][T26721] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  566.655232][T26721] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  566.708158][ T1543] netlink: 332 bytes leftover after parsing attributes in process `syz.5.12032'.
[  566.732921][T26721] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  566.743447][T26721] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  566.828856][T26721] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  566.839293][T26721] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  567.040901][T26721] bond0 (unregistering): Released all slaves
[  567.045509][ T1568] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  567.063589][ T1568] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12041'.
[  567.079818][ T1565] netlink: 'syz.0.12039': attribute type 10 has an invalid length.
[  567.087778][ T1565] netlink: 40 bytes leftover after parsing attributes in process `syz.0.12039'.
[  567.107261][T26721] tipc: Left network mode
[  567.115940][T26721] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  567.123024][T26721] batman_adv: batadv0: Removing interface: veth1_vlan
[  567.147063][T26721] veth1_vlan: left promiscuous mode
[  567.152432][T26721] veth0_vlan: left promiscuous mode
[  567.175313][    C1] sd 0:0:1:0: [sda] tag#3481 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  567.185742][    C1] sd 0:0:1:0: [sda] tag#3481 CDB: Write(6) 0a 00 00 00 05 00 00 00 02 00 00 00
[  567.194953][T26721] pimreg (unregistering): left allmulticast mode
[  567.264087][   T29] kauditd_printk_skb: 489 callbacks suppressed
[  567.264100][   T29] audit: type=1400 audit(2000000798.017:37575): avc:  denied  { name_bind } for  pid=1581 comm="syz.5.12047" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  567.418286][   T29] audit: type=1400 audit(2000000798.157:37576): avc:  denied  { read } for  pid=1578 comm="syz.3.12046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  567.441585][   T29] audit: type=1400 audit(2000000798.157:37577): avc:  denied  { mount } for  pid=1578 comm="syz.3.12046" name="/" dev="ramfs" ino=113775 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  567.464218][   T29] audit: type=1400 audit(2000000798.157:37578): avc:  denied  { create } for  pid=1578 comm="syz.3.12046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  567.483851][   T29] audit: type=1400 audit(2000000798.157:37579): avc:  denied  { connect } for  pid=1578 comm="syz.3.12046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  567.542596][ T1465] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  567.552313][ T1465] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  567.564058][ T1465] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  567.573483][ T1465] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  567.723556][ T1465] 8021q: adding VLAN 0 to HW filter on device bond0
[  567.743169][ T1465] 8021q: adding VLAN 0 to HW filter on device team0
[  567.753790][T26714] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.760850][T26714] bridge0: port 1(bridge_slave_0) entered forwarding state
[  567.819281][ T1465] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  567.829688][ T1465] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  567.845229][T26714] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.852422][T26714] bridge0: port 2(bridge_slave_1) entered forwarding state
[  568.078589][T26721] IPVS: stop unused estimator thread 0...
[  568.197103][T18255] Bluetooth: hci0: command 0x1003 tx timeout
[  568.203199][T18246] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  568.329442][ T1465] 8021q: adding VLAN 0 to HW filter on device batadv0
[  568.392549][   T29] audit: type=1326 audit(2000000799.036:37580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1606 comm="syz.3.12050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  568.416168][   T29] audit: type=1326 audit(2000000799.036:37581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1606 comm="syz.3.12050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  568.439856][   T29] audit: type=1326 audit(2000000799.036:37582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1606 comm="syz.3.12050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  568.463439][   T29] audit: type=1326 audit(2000000799.036:37584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1606 comm="syz.3.12050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  568.487041][   T29] audit: type=1326 audit(2000000799.036:37583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1606 comm="syz.3.12050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  568.615941][ T1465] veth0_vlan: entered promiscuous mode
[  568.625417][ T1465] veth1_vlan: entered promiscuous mode
[  568.648878][ T1465] veth0_macvtap: entered promiscuous mode
[  568.660217][ T1465] veth1_macvtap: entered promiscuous mode
[  568.676322][ T1465] batman_adv: batadv0: Interface activated: batadv_slave_0
[  568.705572][ T1465] batman_adv: batadv0: Interface activated: batadv_slave_1
[  568.741206][T26701] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  568.750422][T26701] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  568.797453][T26701] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  568.809237][T26701] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  568.825713][ T1625] netlink: 'syz.0.12054': attribute type 1 has an invalid length.
[  568.844990][ T1627] netlink: 72 bytes leftover after parsing attributes in process `syz.5.12056'.
[  568.854055][ T1627] netlink: 72 bytes leftover after parsing attributes in process `syz.5.12056'.
[  569.009918][ T1647] netlink: 'syz.1.12061': attribute type 5 has an invalid length.
[  569.022877][ T1647] batman_adv: batadv0: Adding interface: vxlan0
[  569.029181][ T1647] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  569.058486][ T1647] batman_adv: batadv0: Interface activated: vxlan0
[  569.065408][T26721] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  569.074843][T26721] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  569.083916][T26721] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  569.095002][T26721] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  569.104035][   T10] IPVS: starting estimator thread 0...
[  569.167336][ T1651] loop5: detected capacity change from 0 to 8192
[  569.196967][ T1650] IPVS: using max 2928 ests per chain, 146400 per kthread
[  569.207997][ T1651]  loop5: p1 p2 p3 p4
[  569.213710][ T1651] loop5: p3 start 331777 is beyond EOD, truncated
[  569.220200][ T1651] loop5: p4 size 262912 extends beyond EOD, truncated
[  569.279356][ T1657] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12067'.
[  569.290519][ T1659] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12068'.
[  569.332207][ T1661] 9pnet_fd: Insufficient options for proto=fd
[  569.344957][ T1661] loop3: detected capacity change from 0 to 764
[  569.368237][ T1667] loop5: detected capacity change from 0 to 512
[  569.379633][ T1667] EXT4-fs (loop5): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  569.426543][  T433] EXT4-fs (loop5): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  569.554315][ T1686] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12079'.
[  569.563624][ T1679] loop5: detected capacity change from 0 to 8192
[  569.603700][ T1679]  loop5: p1 p2 p3 p4
[  569.609193][ T1679] loop5: p3 start 331777 is beyond EOD, truncated
[  569.615772][ T1679] loop5: p4 size 262912 extends beyond EOD, truncated
[  570.079401][ T1720] sch_tbf: peakrate 1024 is lower than or equals to rate 14457733672772839691 !
[  570.084412][ T1717] netlink: 'syz.1.12088': attribute type 1 has an invalid length.
[  570.096264][ T1717] netlink: 24 bytes leftover after parsing attributes in process `syz.1.12088'.
[  570.282124][ T1731] loop1: detected capacity change from 0 to 8192
[  570.290311][ T1735] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1735 comm=syz.0.12094
[  570.332149][ T1739] FAULT_INJECTION: forcing a failure.
[  570.332149][ T1739] name failslab, interval 1, probability 0, space 0, times 0
[  570.345129][ T1739] CPU: 0 UID: 0 PID: 1739 Comm: +}[@ Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  570.345234][ T1739] Tainted: [W]=WARN
[  570.345241][ T1739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  570.345252][ T1739] Call Trace:
[  570.345259][ T1739]  <TASK>
[  570.345266][ T1739]  __dump_stack+0x1d/0x30
[  570.345289][ T1739]  dump_stack_lvl+0xe8/0x140
[  570.345310][ T1739]  dump_stack+0x15/0x1b
[  570.345390][ T1739]  should_fail_ex+0x265/0x280
[  570.345420][ T1739]  ? __se_sys_mount+0xef/0x2e0
[  570.345442][ T1739]  should_failslab+0x8c/0xb0
[  570.345467][ T1739]  __kmalloc_cache_noprof+0x4c/0x4a0
[  570.345549][ T1739]  ? memdup_user+0x99/0xd0
[  570.345572][ T1739]  __se_sys_mount+0xef/0x2e0
[  570.345620][ T1739]  ? fput+0x8f/0xc0
[  570.345635][ T1739]  ? ksys_write+0x192/0x1a0
[  570.345657][ T1739]  __x64_sys_mount+0x67/0x80
[  570.345714][ T1739]  x64_sys_call+0x2b51/0x3000
[  570.345733][ T1739]  do_syscall_64+0xd2/0x200
[  570.345751][ T1739]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  570.345810][ T1731]  loop1: p1 p2 p3 p4
[  570.345834][ T1739]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  570.345865][ T1739]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.345886][ T1739] RIP: 0033:0x7f247c25f749
[  570.345902][ T1739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  570.345948][ T1739] RSP: 002b:00007f247acc7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  570.345967][ T1739] RAX: ffffffffffffffda RBX: 00007f247c4b5fa0 RCX: 00007f247c25f749
[  570.346046][ T1739] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[  570.346065][ T1739] RBP: 00007f247acc7090 R08: 0000200000000140 R09: 0000000000000000
[  570.346077][ T1739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.346087][ T1739] R13: 00007f247c4b6038 R14: 00007f247c4b5fa0 R15: 00007ffcd44986d8
[  570.346104][ T1739]  </TASK>
[  570.470028][ T1747] loop6: detected capacity change from 0 to 512
[  570.558735][ T1747] ext4: Unknown parameter 'uid<18446744073709551615'
[  570.576302][ T1731] loop1: p3 start 331777 is beyond EOD, truncated
[  570.582790][ T1731] loop1: p4 size 262912 extends beyond EOD, truncated
[  570.599182][ T1752] syz_tun: entered allmulticast mode
[  570.611290][ T1752] TCP: TCP_TX_DELAY enabled
[  570.639960][ T1752] gre1: entered promiscuous mode
[  570.692867][ T1751] syz_tun: left allmulticast mode
[  570.858546][ T1763] loop6: detected capacity change from 0 to 512
[  570.903979][ T1777] loop3: detected capacity change from 0 to 512
[  570.924553][ T1763] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  570.947756][ T1763] ext4 filesystem being mounted at /346/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  570.960007][ T1777] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  570.967926][ T1763] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.12107: corrupted inode contents
[  570.998495][ T1167] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  571.008721][ T1763] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #2: comm syz.6.12107: mark_inode_dirty error
[  571.031023][ T1763] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.12107: corrupted inode contents
[  571.051559][ T1784] loop3: detected capacity change from 0 to 512
[  571.059204][ T1763] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.12107: mark_inode_dirty error
[  571.081692][ T1784] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  571.092268][ T1784] EXT4-fs (loop3): orphan cleanup on readonly fs
[  571.111174][ T1784] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.12115: couldn't read orphan inode 26 (err -116)
[  571.129512][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.140970][ T1784] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  571.186312][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.277143][ T1767] __nla_validate_parse: 1 callbacks suppressed
[  571.277157][ T1767] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12109'.
[  571.296750][ T1767] netlink: 184 bytes leftover after parsing attributes in process `syz.1.12109'.
[  571.316992][ T1794] loop3: detected capacity change from 0 to 2048
[  571.317175][ T1767] netlink: 536 bytes leftover after parsing attributes in process `syz.1.12109'.
[  571.333406][ T1767] netlink: 60 bytes leftover after parsing attributes in process `syz.1.12109'.
[  571.357885][ T1795] loop6: detected capacity change from 0 to 2048
[  571.369303][ T1794] Alternate GPT is invalid, using primary GPT.
[  571.375546][ T1794]  loop3: p2 p3 p7
[  571.387905][ T1795] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  571.432311][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  572.535382][ T1821] loop5: detected capacity change from 0 to 1024
[  572.554891][ T1821] EXT4-fs: Ignoring removed orlov option
[  573.704661][ T1821] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  575.018785][ T1821] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  575.169950][ T1821] netlink: 'syz.5.12125': attribute type 10 has an invalid length.
[  575.177886][ T1821] netlink: 40 bytes leftover after parsing attributes in process `syz.5.12125'.
[  575.186932][   T29] kauditd_printk_skb: 3502 callbacks suppressed
[  575.186945][   T29] audit: type=1326 audit(2000000805.406:41087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1820 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  575.216821][   T29] audit: type=1326 audit(2000000805.406:41088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1820 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  575.240441][   T29] audit: type=1326 audit(2000000805.406:41089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1820 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  575.265113][   T29] audit: type=1326 audit(2000000805.406:41090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1820 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  575.288702][   T29] audit: type=1326 audit(2000000805.406:41091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1820 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  575.312249][   T29] audit: type=1326 audit(2000000805.406:41092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1820 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  575.335881][   T29] audit: type=1326 audit(2000000805.406:41093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1820 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  575.359518][   T29] audit: type=1326 audit(2000000805.406:41094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1820 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  575.383119][   T29] audit: type=1326 audit(2000000805.406:41095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1820 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  575.406659][   T29] audit: type=1326 audit(2000000805.406:41096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1820 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  575.531005][ T1831] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12127'.
[  575.590741][ T1825] loop3: detected capacity change from 0 to 512
[  575.735741][  T433] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  576.019946][ T1849] ip6t_srh: unknown srh invflags 4000
[  577.122181][ T1825] EXT4-fs: error -4 creating inode table initialization thread
[  577.130067][ T1825] EXT4-fs (loop3): mount failed
[  577.323099][ T1866] FAULT_INJECTION: forcing a failure.
[  577.323099][ T1866] name failslab, interval 1, probability 0, space 0, times 0
[  577.335730][ T1866] CPU: 1 UID: 0 PID: 1866 Comm: syz.5.12140 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  577.335763][ T1866] Tainted: [W]=WARN
[  577.335770][ T1866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  577.335780][ T1866] Call Trace:
[  577.335785][ T1866]  <TASK>
[  577.335791][ T1866]  __dump_stack+0x1d/0x30
[  577.335810][ T1866]  dump_stack_lvl+0xe8/0x140
[  577.335854][ T1866]  dump_stack+0x15/0x1b
[  577.335872][ T1866]  should_fail_ex+0x265/0x280
[  577.335952][ T1866]  should_failslab+0x8c/0xb0
[  577.335996][ T1866]  kmem_cache_alloc_noprof+0x50/0x480
[  577.336067][ T1866]  ? dst_alloc+0xbd/0x100
[  577.336096][ T1866]  ? __pfx_ip6_dst_gc+0x10/0x10
[  577.336166][ T1866]  dst_alloc+0xbd/0x100
[  577.336191][ T1866]  ip6_pol_route+0x6bf/0xb40
[  577.336241][ T1866]  ? ip6_pol_route+0x389/0xb40
[  577.336307][ T1866]  ip6_pol_route_output+0x40/0x50
[  577.336372][ T1866]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  577.336423][ T1866]  fib6_rule_lookup+0x112/0x470
[  577.336440][ T1866]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  577.336468][ T1866]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  577.336519][ T1866]  ? __rcu_read_unlock+0x4f/0x70
[  577.336612][ T1866]  ip6_route_output_flags+0x1e0/0x2c0
[  577.336638][ T1866]  ip6_dst_lookup_tail+0xb6/0xab0
[  577.336660][ T1866]  ? avc_has_perm_noaudit+0x1b1/0x200
[  577.336683][ T1866]  ? avc_has_perm+0xf7/0x180
[  577.336764][ T1866]  ? __rcu_read_unlock+0x4f/0x70
[  577.336791][ T1866]  ip6_sk_dst_lookup_flow+0x4a8/0x5b0
[  577.336812][ T1866]  ? __rcu_read_unlock+0x4f/0x70
[  577.336914][ T1866]  udpv6_sendmsg+0x1263/0x15b0
[  577.336943][ T1866]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  577.337009][ T1866]  ? __rcu_read_unlock+0x4f/0x70
[  577.337043][ T1866]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  577.337068][ T1866]  inet6_sendmsg+0xac/0xd0
[  577.337163][ T1866]  __sock_sendmsg+0x8b/0x180
[  577.337188][ T1866]  __sys_sendto+0x268/0x330
[  577.337224][ T1866]  __x64_sys_sendto+0x76/0x90
[  577.337248][ T1866]  x64_sys_call+0x2d14/0x3000
[  577.337323][ T1866]  do_syscall_64+0xd2/0x200
[  577.337344][ T1866]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  577.337368][ T1866]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  577.337415][ T1866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  577.337435][ T1866] RIP: 0033:0x7f5ace96f749
[  577.337451][ T1866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  577.337470][ T1866] RSP: 002b:00007f5acd3d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  577.337488][ T1866] RAX: ffffffffffffffda RBX: 00007f5acebc5fa0 RCX: 00007f5ace96f749
[  577.337517][ T1866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  577.337530][ T1866] RBP: 00007f5acd3d7090 R08: 0000200000000300 R09: 000000000000001c
[  577.337544][ T1866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  577.337556][ T1866] R13: 00007f5acebc6038 R14: 00007f5acebc5fa0 R15: 00007ffe41979768
[  577.337577][ T1866]  </TASK>
[  577.815747][ T1863] netlink: 'syz.0.12138': attribute type 1 has an invalid length.
[  577.895479][ T1876] 9pnet_rdma: rdma_create_trans (1876): problem binding to privport: 13
[  577.915068][ T1874] netlink: 256 bytes leftover after parsing attributes in process `syz.1.12139'.
[  577.970831][ T1877] 8021q: adding VLAN 0 to HW filter on device batadv1
[  578.071791][ T1877] bond0: (slave batadv1): making interface the new active one
[  578.088259][ T1877] bond0: (slave batadv1): Enslaving as an active interface with an up link
[  578.244030][ T1886] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12146'.
[  578.442941][ T1898] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12151'.
[  578.479136][ T1896] 9pnet_fd: Insufficient options for proto=fd
[  578.490471][ T1896] loop5: detected capacity change from 0 to 764
[  578.560039][ T1900] 9pnet_fd: Insufficient options for proto=fd
[  578.610790][ T1889] loop3: detected capacity change from 0 to 8192
[  578.671414][ T1889]  loop3: p1 p2 p3 p4
[  578.676276][ T1907] xt_connbytes: Forcing CT accounting to be enabled
[  578.702574][ T1889] loop3: p3 start 331777 is beyond EOD, truncated
[  578.709035][ T1889] loop3: p4 size 262912 extends beyond EOD, truncated
[  578.722769][ T1907] set match dimension is over the limit!
[  578.941653][ T1925] netlink: 'syz.0.12162': attribute type 10 has an invalid length.
[  578.949794][ T1925] netlink: 40 bytes leftover after parsing attributes in process `syz.0.12162'.
[  578.971432][ T1928] netlink: 'syz.3.12163': attribute type 4 has an invalid length.
[  578.978051][ T1917] 9pnet_fd: Insufficient options for proto=fd
[  578.993548][ T1917] loop6: detected capacity change from 0 to 764
[  579.053043][ T1934] netlink: 'syz.0.12166': attribute type 4 has an invalid length.
[  579.103257][ T1939] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  579.142154][ T1940] loop3: detected capacity change from 0 to 2048
[  579.161067][ T1940] EXT4-fs (loop3): failed to initialize system zone (-117)
[  579.168288][ T1940] EXT4-fs (loop3): mount failed
[  579.216631][ T1953] loop6: detected capacity change from 0 to 2048
[  579.241501][ T1953] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  579.272174][ T1959] xt_connbytes: Forcing CT accounting to be enabled
[  579.287520][ T1953] ext4 filesystem being mounted at /351/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  579.300721][ T1960] netlink: 96 bytes leftover after parsing attributes in process `syz.5.12174'.
[  579.340653][ T1959] set match dimension is over the limit!
[  579.431329][ T1964] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.12173: bg 0: block 345: padding at end of block bitmap is not set
[  579.489212][ T1964] EXT4-fs (loop6): Remounting filesystem read-only
[  579.491147][ T1970] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12177'.
[  579.496021][T26740] EXT4-fs warning (device loop6): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  579.516355][ T1970] loop3: detected capacity change from 0 to 512
[  579.527964][ T1970] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  579.540447][ T1970] EXT4-fs (loop3): 1 orphan inode deleted
[  579.546233][ T1970] EXT4-fs (loop3): 1 truncate cleaned up
[  579.555741][ T1970] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  579.585416][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  579.595350][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  579.618433][ T1975] netlink: 'syz.0.12178': attribute type 4 has an invalid length.
[  579.748615][ T1991] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12186'.
[  579.773449][ T1991] netlink: 'syz.0.12186': attribute type 1 has an invalid length.
[  579.781418][ T1991] netlink: 'syz.0.12186': attribute type 2 has an invalid length.
[  579.789221][ T1991] netlink: 108 bytes leftover after parsing attributes in process `syz.0.12186'.
[  579.864499][ T1994] loop5: detected capacity change from 0 to 1764
[  580.018070][ T2005] 9pnet_fd: Insufficient options for proto=fd
[  580.045030][ T2007] loop5: detected capacity change from 0 to 1024
[  580.053137][ T2007] EXT4-fs: test_dummy_encryption option not supported
[  580.354461][ T2010] netlink: 84 bytes leftover after parsing attributes in process `syz.5.12192'.
[  580.540007][   T29] kauditd_printk_skb: 935 callbacks suppressed
[  580.540021][   T29] audit: type=1326 audit(2000000810.439:42032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.6.12180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa786622005 code=0x7ffc0000
[  580.609148][   T29] audit: type=1326 audit(2000000810.439:42033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.6.12180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa786622005 code=0x7ffc0000
[  580.632824][   T29] audit: type=1326 audit(2000000810.439:42034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.6.12180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa786622005 code=0x7ffc0000
[  580.647831][ T2014] smc: net device hsr0 applied user defined pnetid SYZ2
[  580.656436][   T29] audit: type=1326 audit(2000000810.439:42035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.6.12180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa786622005 code=0x7ffc0000
[  580.686915][   T29] audit: type=1326 audit(2000000810.439:42036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.6.12180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa786622005 code=0x7ffc0000
[  580.696480][ T2014] smc: net device hsr0 erased user defined pnetid SYZ2
[  580.710523][   T29] audit: type=1326 audit(2000000810.439:42037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.6.12180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa786622005 code=0x7ffc0000
[  580.710554][   T29] audit: type=1326 audit(2000000810.439:42038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.6.12180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa786622005 code=0x7ffc0000
[  580.764547][   T29] audit: type=1326 audit(2000000810.439:42039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.6.12180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa786622005 code=0x7ffc0000
[  580.788157][   T29] audit: type=1326 audit(2000000810.467:42040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.6.12180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  580.811712][   T29] audit: type=1326 audit(2000000810.467:42041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1982 comm="syz.6.12180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  581.033628][ T2030] loop9: detected capacity change from 0 to 7
[  581.040036][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  581.049706][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  581.063803][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  581.072961][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  581.083957][ T2030]  loop9: unable to read partition table
[  581.092188][ T2027] netlink: 28 bytes leftover after parsing attributes in process `syz.6.12199'.
[  581.119967][ T2030] loop_reread_partitions: partition scan of loop9 (ъщ) failed (rc=-5)
[  581.264478][ T2035] loop3: detected capacity change from 0 to 1024
[  581.273655][ T2035] EXT4-fs: Ignoring removed orlov option
[  581.334032][ T2035] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  581.370366][ T2035] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  581.521401][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  581.965986][ T2040] loop6: detected capacity change from 0 to 764
[  582.255302][ T2053] lo speed is unknown, defaulting to 1000
[  582.271540][ T2053] lo speed is unknown, defaulting to 1000
[  582.299265][ T2053] lo speed is unknown, defaulting to 1000
[  582.319980][ T2053] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  582.340974][ T2059] veth2: entered promiscuous mode
[  582.346010][ T2059] veth2: entered allmulticast mode
[  582.399395][ T2062] smc: net device hsr0 applied user defined pnetid SYZ2
[  582.406925][ T2057] smc: net device hsr0 erased user defined pnetid SYZ2
[  582.430340][ T2053] lo speed is unknown, defaulting to 1000
[  582.465091][ T2053] lo speed is unknown, defaulting to 1000
[  582.481528][ T2053] lo speed is unknown, defaulting to 1000
[  582.506964][ T2053] lo speed is unknown, defaulting to 1000
[  582.513583][ T2053] lo speed is unknown, defaulting to 1000
[  582.521306][ T2053] lo speed is unknown, defaulting to 1000
[  582.527678][ T2053] lo speed is unknown, defaulting to 1000
[  582.549134][ T2053] lo speed is unknown, defaulting to 1000
[  582.558486][ T2075] netlink: 'syz.6.12215': attribute type 4 has an invalid length.
[  582.569924][ T2053] lo speed is unknown, defaulting to 1000
[  582.586922][ T2053] lo speed is unknown, defaulting to 1000
[  582.613513][ T2079] netlink: 'syz.3.12217': attribute type 4 has an invalid length.
[  582.613520][ T2053] lo speed is unknown, defaulting to 1000
[  582.620205][ T2053] lo speed is unknown, defaulting to 1000
[  582.656815][ T2053] lo speed is unknown, defaulting to 1000
[  582.663167][ T2053] lo speed is unknown, defaulting to 1000
[  582.868633][ T2097] loop6: detected capacity change from 0 to 764
[  583.002276][T23195] Bluetooth: hci0: Frame reassembly failed (-84)
[  583.087534][ T2118] loop6: detected capacity change from 0 to 8192
[  583.137770][ T2118]  loop6: p1 p2 p3 p4
[  583.143518][ T2118] loop6: p3 start 331777 is beyond EOD, truncated
[  583.149987][ T2118] loop6: p4 size 262912 extends beyond EOD, truncated
[  583.330123][ T2127] FAULT_INJECTION: forcing a failure.
[  583.330123][ T2127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  583.343291][ T2127] CPU: 0 UID: 0 PID: 2127 Comm: syz.6.12239 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  583.343318][ T2127] Tainted: [W]=WARN
[  583.343323][ T2127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  583.343355][ T2127] Call Trace:
[  583.343361][ T2127]  <TASK>
[  583.343368][ T2127]  __dump_stack+0x1d/0x30
[  583.343392][ T2127]  dump_stack_lvl+0xe8/0x140
[  583.343413][ T2127]  dump_stack+0x15/0x1b
[  583.343432][ T2127]  should_fail_ex+0x265/0x280
[  583.343483][ T2127]  should_fail+0xb/0x20
[  583.343496][ T2127]  should_fail_usercopy+0x1a/0x20
[  583.343516][ T2127]  _copy_from_iter+0xd2/0xe80
[  583.343555][ T2127]  ? __build_skb_around+0x1ab/0x200
[  583.343580][ T2127]  ? __alloc_skb+0x223/0x320
[  583.343607][ T2127]  netlink_sendmsg+0x471/0x6b0
[  583.343626][ T2127]  ? __pfx_netlink_sendmsg+0x10/0x10
[  583.343691][ T2127]  __sock_sendmsg+0x145/0x180
[  583.343716][ T2127]  ____sys_sendmsg+0x31e/0x4e0
[  583.343746][ T2127]  ___sys_sendmsg+0x17b/0x1d0
[  583.343775][ T2127]  __x64_sys_sendmsg+0xd4/0x160
[  583.343823][ T2127]  x64_sys_call+0x191e/0x3000
[  583.343841][ T2127]  do_syscall_64+0xd2/0x200
[  583.343858][ T2127]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  583.343924][ T2127]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  583.343954][ T2127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.343976][ T2127] RIP: 0033:0x7fa7865ef749
[  583.343991][ T2127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.344009][ T2127] RSP: 002b:00007fa78504f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  583.344032][ T2127] RAX: ffffffffffffffda RBX: 00007fa786845fa0 RCX: 00007fa7865ef749
[  583.344046][ T2127] RDX: 000000000000c050 RSI: 0000200000000cc0 RDI: 0000000000000003
[  583.344059][ T2127] RBP: 00007fa78504f090 R08: 0000000000000000 R09: 0000000000000000
[  583.344072][ T2127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  583.344160][ T2127] R13: 00007fa786846038 R14: 00007fa786845fa0 R15: 00007ffc9e18a808
[  583.344179][ T2127]  </TASK>
[  583.625706][ T2131] smc: net device hsr0 applied user defined pnetid SYZ2
[  583.643696][ T2131] smc: net device hsr0 erased user defined pnetid SYZ2
[  583.724456][ T2133] loop6: detected capacity change from 0 to 764
[  583.763318][ T2135] __nla_validate_parse: 1 callbacks suppressed
[  583.763332][ T2135] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12243'.
[  583.846635][ T2139] netlink: 'syz.6.12246': attribute type 4 has an invalid length.
[  584.656259][ T2153] netlink: 16 bytes leftover after parsing attributes in process `syz.0.12251'.
[  584.900292][ T2170] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12258'.
[  585.028615][ T2176] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12261'.
[  585.179490][T18246] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  585.179556][T18255] Bluetooth: hci0: command 0x1003 tx timeout
[  586.480910][ T2215] netlink: 256 bytes leftover after parsing attributes in process `syz.1.12275'.
[  586.541689][   T29] kauditd_printk_skb: 290 callbacks suppressed
[  586.541758][   T29] audit: type=1326 audit(2000001072.048:42332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.3.12279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  586.851928][   T29] audit: type=1326 audit(2000001072.076:42333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.3.12279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  586.875603][   T29] audit: type=1326 audit(2000001072.076:42334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.3.12279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  586.899402][   T29] audit: type=1326 audit(2000001072.076:42335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.3.12279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  586.923609][   T29] audit: type=1326 audit(2000001072.085:42336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.3.12279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  586.947337][   T29] audit: type=1326 audit(2000001072.085:42337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.3.12279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  586.970892][   T29] audit: type=1326 audit(2000001072.085:42338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.3.12279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  586.994526][   T29] audit: type=1326 audit(2000001072.085:42339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.3.12279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  587.018190][   T29] audit: type=1326 audit(2000001072.085:42340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.3.12279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  587.041820][   T29] audit: type=1326 audit(2000001072.085:42341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.3.12279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  587.726071][T26688] Bluetooth: hci0: Frame reassembly failed (-84)
[  587.966058][ T2322] loop6: detected capacity change from 0 to 1024
[  587.980914][ T2322] EXT4-fs: Ignoring removed orlov option
[  587.992692][ T2322] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  588.079338][ T2322] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  588.121453][ T2322] netlink: 'syz.6.12288': attribute type 10 has an invalid length.
[  588.129393][ T2322] netlink: 40 bytes leftover after parsing attributes in process `syz.6.12288'.
[  588.179093][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  589.961931][T18255] Bluetooth: hci0: command 0x1003 tx timeout
[  589.967988][T18246] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  590.405560][ T2347] netlink: 'syz.0.12296': attribute type 10 has an invalid length.
[  590.413569][ T2347] netlink: 40 bytes leftover after parsing attributes in process `syz.0.12296'.
[  590.957665][ T2368] loop5: detected capacity change from 0 to 512
[  590.964442][ T2368] journal_path: Non-blockdev passed as './bus'
[  590.970593][ T2368] EXT4-fs: error: could not find journal device path
[  591.149069][ T2375] loop3: detected capacity change from 0 to 512
[  591.160567][ T2374] netlink: 'syz.0.12303': attribute type 5 has an invalid length.
[  591.203160][ T2375] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  591.214892][ T2375] netlink: 108 bytes leftover after parsing attributes in process `syz.3.12305'.
[  591.224038][ T2375] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12305'.
[  591.265762][ T2375] loop3: detected capacity change from 0 to 512
[  591.296623][ T2375] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  591.335731][ T2375] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  591.388048][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  591.414136][ T2381] netlink: 'syz.6.12307': attribute type 4 has an invalid length.
[  591.605953][ T2398] smc: net device hsr0 applied user defined pnetid SYZ2
[  591.609696][ T2397] loop3: detected capacity change from 0 to 2048
[  591.613198][ T2398] smc: net device hsr0 erased user defined pnetid SYZ2
[  591.638178][ T2397] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  591.673090][ T2397] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  591.772601][ T2393] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.12313: bg 0: block 345: padding at end of block bitmap is not set
[  591.819746][ T2393] EXT4-fs (loop3): Remounting filesystem read-only
[  591.886736][ T2409] loop6: detected capacity change from 0 to 512
[  591.969885][ T2409] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  591.984689][ T2409] ext4 filesystem being mounted at /404/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  592.021456][ T2403] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.12315: corrupted inode contents
[  592.216780][ T2403] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #2: comm syz.6.12315: mark_inode_dirty error
[  592.256971][ T2403] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.12315: corrupted inode contents
[  592.285226][   T29] kauditd_printk_skb: 128 callbacks suppressed
[  592.285239][   T29] audit: type=1400 audit(2000001333.418:42470): avc:  denied  { execute } for  pid=2414 comm="syz.0.12318" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=115573 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  592.333523][ T2403] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.12315: mark_inode_dirty error
[  592.374684][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  592.468771][   T29] audit: type=1326 audit(2000001333.587:42471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2417 comm="syz.3.12319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  592.521621][   T29] audit: type=1326 audit(2000001333.587:42472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2417 comm="syz.3.12319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  592.545387][   T29] audit: type=1326 audit(2000001333.587:42473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2417 comm="syz.3.12319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  592.569366][   T29] audit: type=1326 audit(2000001333.587:42474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2417 comm="syz.3.12319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  592.577785][ T2418] loop3: detected capacity change from 0 to 128
[  592.593004][   T29] audit: type=1326 audit(2000001333.587:42475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2417 comm="syz.3.12319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  592.622858][   T29] audit: type=1326 audit(2000001333.587:42476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2417 comm="syz.3.12319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  592.648332][   T29] audit: type=1326 audit(2000001333.587:42477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2417 comm="syz.3.12319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  592.672065][   T29] audit: type=1326 audit(2000001333.587:42478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2417 comm="syz.3.12319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  592.695669][   T29] audit: type=1326 audit(2000001333.587:42479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2417 comm="syz.3.12319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  592.727578][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  592.742175][ T2424] netlink: 'syz.0.12323': attribute type 4 has an invalid length.
[  592.813043][ T2434] loop6: detected capacity change from 0 to 164
[  592.820269][ T2434] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  592.828911][ T2433] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  592.837580][ T2433] Symlink component flag not implemented
[  592.843212][ T2433] Symlink component flag not implemented
[  592.843614][ T2434] Symlink component flag not implemented (7)
[  592.855350][ T2434] Symlink component flag not implemented (116)
[  593.402555][ T2451] loop3: detected capacity change from 0 to 1024
[  593.425743][ T2451] EXT4-fs: Ignoring removed orlov option
[  593.448647][ T2451] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  593.554337][ T2451] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  593.615298][ T2451] netlink: 'syz.3.12332': attribute type 10 has an invalid length.
[  593.623247][ T2451] netlink: 40 bytes leftover after parsing attributes in process `syz.3.12332'.
[  593.677127][ T2451] batman_adv: batadv0: Adding interface: veth1_vlan
[  593.683810][ T2451] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  593.809638][ T2451] batman_adv: batadv0: Interface activated: veth1_vlan
[  593.849096][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  594.072459][ T2461] netlink: 'syz.3.12335': attribute type 4 has an invalid length.
[  594.343232][ T2481] loop5: detected capacity change from 0 to 2048
[  594.447022][ T2481] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  594.581147][ T2481] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  594.808340][ T2481] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.12341: bg 0: block 345: padding at end of block bitmap is not set
[  594.855996][ T2481] EXT4-fs (loop5): Remounting filesystem read-only
[  594.942086][  T433] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  595.684475][ T2511] netlink: 'syz.6.12351': attribute type 4 has an invalid length.
[  595.715242][ T2513] smc: net device hsr0 applied user defined pnetid SYZ2
[  595.777159][ T2513] smc: net device hsr0 erased user defined pnetid SYZ2
[  595.835823][ T2509] loop3: detected capacity change from 0 to 512
[  596.144924][ T2518] netlink: 'syz.0.12353': attribute type 5 has an invalid length.
[  596.203329][ T2509] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  596.249058][ T2509] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  596.324048][ T2508] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.12350: corrupted inode contents
[  596.360874][ T2508] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.12350: mark_inode_dirty error
[  596.385487][ T2508] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.12350: corrupted inode contents
[  596.436024][ T2528] loop5: detected capacity change from 0 to 2048
[  596.442470][ T2508] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.12350: mark_inode_dirty error
[  596.510620][ T2528] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  596.541519][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  596.560115][ T2528] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  596.731380][ T2528] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.12355: bg 0: block 345: padding at end of block bitmap is not set
[  596.781050][ T2528] EXT4-fs (loop5): Remounting filesystem read-only
[  596.872208][  T433] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  597.053340][ T2549] loop5: detected capacity change from 0 to 1024
[  597.062414][ T2547] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  597.078520][ T2549] EXT4-fs: Ignoring removed orlov option
[  597.081501][ T2547] vhci_hcd: invalid port number 96
[  597.089344][ T2547] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  597.094195][ T2549] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  597.204126][ T2556] smc: net device hsr0 applied user defined pnetid SYZ2
[  597.211693][ T2556] smc: net device hsr0 erased user defined pnetid SYZ2
[  597.362765][ T2549] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  597.459846][ T2566] ip6t_srh: unknown srh invflags 4000
[  597.734567][   T29] kauditd_printk_skb: 379 callbacks suppressed
[  597.734580][   T29] audit: type=1326 audit(2000001338.516:42859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.6.12369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  598.409941][   T29] audit: type=1326 audit(2000001338.544:42860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.6.12369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  598.433789][   T29] audit: type=1326 audit(2000001338.544:42861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.6.12369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  598.457429][   T29] audit: type=1326 audit(2000001338.544:42862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.6.12369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  598.481007][   T29] audit: type=1326 audit(2000001338.544:42863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.6.12369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  598.504661][   T29] audit: type=1326 audit(2000001338.544:42864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.6.12369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  598.529185][   T29] audit: type=1326 audit(2000001338.544:42865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.6.12369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  598.552822][   T29] audit: type=1326 audit(2000001338.544:42866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.6.12369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  598.576412][   T29] audit: type=1326 audit(2000001338.544:42867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.6.12369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  598.600058][   T29] audit: type=1326 audit(2000001338.544:42868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2571 comm="syz.6.12369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  598.932855][ T2549] netlink: 'syz.5.12360': attribute type 10 has an invalid length.
[  598.940798][ T2549] netlink: 40 bytes leftover after parsing attributes in process `syz.5.12360'.
[  599.147343][  T433] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  599.159859][ T2599] netlink: 'syz.6.12380': attribute type 4 has an invalid length.
[  600.346895][ T2655] lo speed is unknown, defaulting to 1000
[  601.275149][ T2688] netlink: 'syz.1.12405': attribute type 5 has an invalid length.
[  601.374598][ T2687] smc: net device hsr0 applied user defined pnetid SYZ2
[  601.398893][ T2687] smc: net device hsr0 erased user defined pnetid SYZ2
[  601.406339][T26729] Bluetooth: hci0: Frame reassembly failed (-84)
[  601.634019][ T2701] smc: net device hsr0 applied user defined pnetid SYZ2
[  601.641980][ T2701] smc: net device hsr0 erased user defined pnetid SYZ2
[  601.691171][ T2707] loop5: detected capacity change from 0 to 2048
[  601.753704][ T2707] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  601.853868][ T2707] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  601.981637][ T2709] loop3: detected capacity change from 0 to 512
[  602.014236][ T2707] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.12412: bg 0: block 345: padding at end of block bitmap is not set
[  602.042253][ T2707] EXT4-fs (loop5): Remounting filesystem read-only
[  602.108941][ T2709] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  602.165221][ T2709] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  602.218283][  T433] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  602.391139][ T2709] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.12413: corrupted inode contents
[  602.410661][ T2709] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.12413: mark_inode_dirty error
[  602.440341][ T2709] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.12413: corrupted inode contents
[  602.477672][ T2732] syzkaller0: entered allmulticast mode
[  602.483566][ T2732] syzkaller0: entered promiscuous mode
[  602.496250][ T2709] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.12413: mark_inode_dirty error
[  602.511067][ T2731] syzkaller0: left promiscuous mode
[  602.516590][ T2731] syzkaller0: left allmulticast mode
[  602.604128][ T2734] netlink: 'syz.1.12421': attribute type 10 has an invalid length.
[  602.612135][ T2734] netlink: 40 bytes leftover after parsing attributes in process `syz.1.12421'.
[  602.634187][ T2734] batman_adv: batadv0: Adding interface: veth1_vlan
[  602.641375][ T2734] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  602.668141][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  602.668299][ T2734] batman_adv: batadv0: Interface activated: veth1_vlan
[  602.791783][ T2751] loop3: detected capacity change from 0 to 764
[  603.003736][ T2774] loop3: detected capacity change from 0 to 1024
[  603.040397][ T2774] EXT4-fs: Ignoring removed orlov option
[  603.054799][ T2774] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  603.101076][ T2774] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  603.168741][   T29] kauditd_printk_skb: 486 callbacks suppressed
[  603.168752][   T29] audit: type=1326 audit(2000001599.592:43355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2773 comm="syz.3.12435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  603.198631][   T29] audit: type=1326 audit(2000001599.592:43356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2773 comm="syz.3.12435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  603.222268][   T29] audit: type=1326 audit(2000001599.592:43357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2773 comm="syz.3.12435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  603.316777][ T2772] loop5: detected capacity change from 0 to 512
[  603.344548][   T29] audit: type=1326 audit(2000001599.676:43358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2773 comm="syz.3.12435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  603.368380][   T29] audit: type=1326 audit(2000001599.676:43359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2773 comm="syz.3.12435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  603.372608][ T2774] netlink: 'syz.3.12435': attribute type 10 has an invalid length.
[  603.392194][   T29] audit: type=1326 audit(2000001599.676:43360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2773 comm="syz.3.12435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  603.399942][ T2774] netlink: 40 bytes leftover after parsing attributes in process `syz.3.12435'.
[  603.432772][   T29] audit: type=1326 audit(2000001599.676:43361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2773 comm="syz.3.12435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  603.456365][   T29] audit: type=1326 audit(2000001599.676:43362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2773 comm="syz.3.12435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  603.480043][   T29] audit: type=1326 audit(2000001599.685:43363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2773 comm="syz.3.12435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  603.481232][ T2785] ip6t_srh: unknown srh invflags 4000
[  603.503682][   T29] audit: type=1326 audit(2000001599.685:43364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2773 comm="syz.3.12435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  603.567285][T18255] Bluetooth: hci0: command 0x1003 tx timeout
[  603.573291][T18246] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  603.614707][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  603.648645][ T2772] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  603.664445][ T2772] ext4 filesystem being mounted at /139/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  603.681539][ T2792] netlink: 'syz.1.12440': attribute type 4 has an invalid length.
[  603.731073][ T2772] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.12434: corrupted inode contents
[  603.760153][ T2772] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.12434: mark_inode_dirty error
[  603.814535][ T2772] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.12434: corrupted inode contents
[  603.854099][ T2772] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.12434: mark_inode_dirty error
[  603.897597][T26740] Bluetooth: hci0: Frame reassembly failed (-84)
[  603.920060][  T433] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  603.948291][T26703] Bluetooth: hci1: Frame reassembly failed (-84)
[  604.448824][ T2816] IPv4: Oversized IP packet from 127.202.26.0
[  604.547501][ T2825] loop3: detected capacity change from 0 to 2048
[  604.584453][ T2825] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  604.597117][ T2825] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  604.631762][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  604.779910][ T2842] siw: device registration error -23
[  604.825076][ T2845] smc: net device hsr0 applied user defined pnetid SYZ2
[  604.833129][ T2845] smc: net device hsr0 erased user defined pnetid SYZ2
[  604.893790][ T2840] loop6: detected capacity change from 0 to 512
[  604.928126][ T2840] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  604.942348][ T2840] ext4 filesystem being mounted at /427/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  604.963013][ T2840] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.12455: corrupted inode contents
[  604.976040][ T2840] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #2: comm syz.6.12455: mark_inode_dirty error
[  604.988636][ T2840] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.12455: corrupted inode contents
[  605.001968][ T2840] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.12455: mark_inode_dirty error
[  605.054361][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  605.111320][ T2855] lo speed is unknown, defaulting to 1000
[  605.301292][ T2862] smc: net device hsr0 applied user defined pnetid SYZ2
[  605.310103][ T2862] smc: net device hsr0 erased user defined pnetid SYZ2
[  605.491896][ T2875] smc: net device hsr0 applied user defined pnetid SYZ2
[  605.499282][ T2875] smc: net device hsr0 erased user defined pnetid SYZ2
[  605.602424][ T2886] smc: net device hsr0 applied user defined pnetid SYZ2
[  605.609647][ T2886] smc: net device hsr0 erased user defined pnetid SYZ2
[  605.768683][ T2895] loop6: detected capacity change from 0 to 2048
[  605.804342][ T2895] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  605.822783][ T2895] ext4 filesystem being mounted at /438/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  605.825492][ T2910] smc: net device hsr0 applied user defined pnetid SYZ2
[  605.847139][ T2910] smc: net device hsr0 erased user defined pnetid SYZ2
[  605.905897][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  605.964737][ T2919] netlink: 48 bytes leftover after parsing attributes in process `syz.3.12485'.
[  606.001670][ T2926] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12487'.
[  606.047741][T18246] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  606.053905][ T5563] Bluetooth: hci0: command 0x1003 tx timeout
[  606.144297][ T5563] Bluetooth: hci1: command 0x1003 tx timeout
[  606.150664][T18255] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  607.751866][ T2954] netlink: 48 bytes leftover after parsing attributes in process `syz.5.12497'.
[  607.819671][ T2957] netlink: 'syz.5.12498': attribute type 4 has an invalid length.
[  608.168114][ T2972] loop5: detected capacity change from 0 to 2048
[  608.423987][ T2972] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  608.497651][ T2993] ip6t_srh: unknown srh invflags 4000
[  608.562044][ T2972] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  608.581386][ T2991] smc: net device hsr0 applied user defined pnetid SYZ2
[  608.661170][ T2994] smc: net device hsr0 erased user defined pnetid SYZ2
[  608.709626][   T29] kauditd_printk_skb: 504 callbacks suppressed
[  608.709639][   T29] audit: type=1326 audit(2000002116.782:43869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2995 comm="syz.3.12508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  608.800218][ T2998] netlink: 48 bytes leftover after parsing attributes in process `syz.3.12508'.
[  608.914508][ T3001] netlink: 'syz.6.12509': attribute type 5 has an invalid length.
[  608.940466][   T29] audit: type=1326 audit(2000002116.810:43870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2995 comm="syz.3.12508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  608.964262][   T29] audit: type=1326 audit(2000002116.820:43871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2995 comm="syz.3.12508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  608.987948][   T29] audit: type=1326 audit(2000002116.820:43872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2995 comm="syz.3.12508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  609.011628][   T29] audit: type=1326 audit(2000002116.820:43873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2995 comm="syz.3.12508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  609.035279][   T29] audit: type=1326 audit(2000002116.820:43874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2995 comm="syz.3.12508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  609.058902][   T29] audit: type=1326 audit(2000002116.820:43875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2995 comm="syz.3.12508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  609.082500][   T29] audit: type=1326 audit(2000002116.820:43876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2995 comm="syz.3.12508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  609.106197][   T29] audit: type=1326 audit(2000002116.820:43877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2995 comm="syz.3.12508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  609.129741][   T29] audit: type=1326 audit(2000002116.820:43878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2995 comm="syz.3.12508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f359e5ff749 code=0x7ffc0000
[  609.308859][ T2967] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  609.519514][  T433] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  609.605287][ T3014] loop3: detected capacity change from 0 to 764
[  609.682058][ T3020] smc: net device hsr0 applied user defined pnetid SYZ2
[  609.689448][ T3020] smc: net device hsr0 erased user defined pnetid SYZ2
[  610.539943][ T3055] ip6t_srh: unknown srh invflags 4000
[  611.518251][ T3059] smc: net device hsr0 applied user defined pnetid SYZ2
[  611.533813][ T3059] smc: net device hsr0 erased user defined pnetid SYZ2
[  611.662602][ T3070] netlink: 'syz.6.12537': attribute type 4 has an invalid length.
[  612.118763][ T3099] smc: net device hsr0 applied user defined pnetid SYZ2
[  612.166940][ T3099] smc: net device hsr0 erased user defined pnetid SYZ2
[  612.926879][ T3113] ip6t_srh: unknown srh invflags 4000
[  615.009935][   T29] kauditd_printk_skb: 250 callbacks suppressed
[  615.009947][   T29] audit: type=1326 audit(2000002122.675:44129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3147 comm="syz.1.12568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8dd5ff749 code=0x7ffc0000
[  615.536474][   T29] audit: type=1326 audit(2000002122.703:44130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3147 comm="syz.1.12568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8dd5ff749 code=0x7ffc0000
[  615.560219][   T29] audit: type=1326 audit(2000002122.703:44131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3147 comm="syz.1.12568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fc8dd5ff749 code=0x7ffc0000
[  615.583815][   T29] audit: type=1326 audit(2000002122.703:44132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3147 comm="syz.1.12568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8dd5ff749 code=0x7ffc0000
[  615.607401][   T29] audit: type=1326 audit(2000002122.703:44133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3147 comm="syz.1.12568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8dd5ff749 code=0x7ffc0000
[  615.631041][   T29] audit: type=1326 audit(2000002122.703:44134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3147 comm="syz.1.12568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc8dd5ff749 code=0x7ffc0000
[  615.654550][   T29] audit: type=1326 audit(2000002122.703:44135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3147 comm="syz.1.12568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8dd5ff749 code=0x7ffc0000
[  615.678116][   T29] audit: type=1326 audit(2000002122.703:44136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3147 comm="syz.1.12568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fc8dd5ff749 code=0x7ffc0000
[  615.701676][   T29] audit: type=1326 audit(2000002122.703:44137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3147 comm="syz.1.12568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8dd5ff749 code=0x7ffc0000
[  615.725245][   T29] audit: type=1326 audit(2000002122.703:44138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3147 comm="syz.1.12568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8dd5ff749 code=0x7ffc0000
[  618.089746][ T3188] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12582'.
[  618.299681][ T3198] loop3: detected capacity change from 0 to 764
[  618.337722][ T3197] netlink: 'syz.1.12585': attribute type 10 has an invalid length.
[  618.343509][ T3200] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12586'.
[  618.345658][ T3197] netlink: 40 bytes leftover after parsing attributes in process `syz.1.12585'.
[  618.394908][ T3205] netlink: 'syz.6.12588': attribute type 4 has an invalid length.
[  618.460437][ T3209] netlink: 'syz.3.12590': attribute type 21 has an invalid length.
[  618.473762][ T3213] smc: net device hsr0 applied user defined pnetid SYZ2
[  618.481947][ T3213] smc: net device hsr0 erased user defined pnetid SYZ2
[  618.507582][ T3209] loop3: detected capacity change from 0 to 512
[  618.560412][ T3220] netlink: 'syz.5.12594': attribute type 5 has an invalid length.
[  618.574222][ T3220] batman_adv: batadv0: Adding interface: vxlan0
[  618.580522][ T3220] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  618.611687][ T3220] batman_adv: batadv0: Interface activated: vxlan0
[  618.618953][ T3209] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  618.621869][ T3393] IPVS: starting estimator thread 0...
[  618.627078][T26690] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  618.641376][ T3209] EXT4-fs (loop3): orphan cleanup on readonly fs
[  618.649257][T26690] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  618.649873][ T3209] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.12590: corrupted inode contents
[  618.658033][T26690] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  618.670350][ T3209] EXT4-fs (loop3): Remounting filesystem read-only
[  618.679216][T26690] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  618.685723][ T3209] EXT4-fs (loop3): 1 truncate cleaned up
[  618.769551][ T3224] IPVS: using max 2640 ests per chain, 132000 per kthread
[  619.067558][ T3229] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12597'.
[  619.347256][T12430] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  619.357811][T12430] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  619.368888][T12430] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  619.439469][ T3209] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  619.539145][ T1167] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  619.564691][ T3242] netlink: 'syz.0.12602': attribute type 10 has an invalid length.
[  619.572640][ T3242] netlink: 40 bytes leftover after parsing attributes in process `syz.0.12602'.
[  619.627544][ T3245] netlink: 28 bytes leftover after parsing attributes in process `syz.0.12604'.
[  619.646038][ T3245] netlink: 'syz.0.12604': attribute type 1 has an invalid length.
[  619.653865][ T3245] netlink: 'syz.0.12604': attribute type 2 has an invalid length.
[  619.661710][ T3245] netlink: 108 bytes leftover after parsing attributes in process `syz.0.12604'.
[  619.913804][ T3259] loop6: detected capacity change from 0 to 764
[  619.958904][ T3262] netlink: 'syz.3.12611': attribute type 4 has an invalid length.
[  620.427613][   T29] kauditd_printk_skb: 537 callbacks suppressed
[  620.427628][   T29] audit: type=1400 audit(2000002127.745:44670): avc:  denied  { egress } for  pid=3263 comm="syz.6.12610" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  620.499922][   T29] audit: type=1400 audit(2000002127.745:44671): avc:  denied  { sendto } for  pid=3263 comm="syz.6.12610" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  620.523644][   T29] audit: type=1326 audit(2000002127.782:44672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3283 comm="syz.5.12619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  620.547336][   T29] audit: type=1326 audit(2000002127.782:44673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3283 comm="syz.5.12619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  620.570972][   T29] audit: type=1326 audit(2000002127.782:44674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3283 comm="syz.5.12619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  620.594728][   T29] audit: type=1326 audit(2000002127.782:44675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3283 comm="syz.5.12619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  620.618337][   T29] audit: type=1326 audit(2000002127.782:44676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3283 comm="syz.5.12619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  620.641963][   T29] audit: type=1326 audit(2000002127.782:44677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3283 comm="syz.5.12619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  620.665515][   T29] audit: type=1326 audit(2000002127.782:44678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3283 comm="syz.5.12619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  620.689126][   T29] audit: type=1326 audit(2000002127.782:44679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3283 comm="syz.5.12619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ace96f749 code=0x7ffc0000
[  620.734150][ T3286] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12619'.
[  620.810911][T12430] bridge_slave_1: left allmulticast mode
[  620.816637][T12430] bridge_slave_1: left promiscuous mode
[  620.822314][T12430] bridge0: port 2(bridge_slave_1) entered disabled state
[  620.943237][ T3292] loop5: detected capacity change from 0 to 128
[  620.949670][T12430] bridge_slave_0: left promiscuous mode
[  620.955438][T12430] bridge0: port 1(bridge_slave_0) entered disabled state
[  621.014114][T12430] batman_adv: batadv0: Interface deactivated: vxlan0
[  621.253682][T12430] team0: Port device geneve1 removed
[  621.270273][T12430] batman_adv: batadv0: Removing interface: vxlan0
[  621.304377][T26729] Bluetooth: hci0: Frame reassembly failed (-84)
[  621.338174][T12430] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  621.353994][T12430] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  621.364988][T12430] bond0 (unregistering): Released all slaves
[  621.383145][ T3322] smc: net device hsr0 applied user defined pnetid SYZ2
[  621.390605][ T3322] smc: net device hsr0 erased user defined pnetid SYZ2
[  621.457673][T12430] tipc: Left network mode
[  621.543791][ T3343] netlink: 'syz.3.12637': attribute type 5 has an invalid length.
[  621.606224][T12430] hsr_slave_0: left promiscuous mode
[  621.612150][T12430] hsr_slave_1: left promiscuous mode
[  621.624203][T12430] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  621.631588][T12430] batman_adv: batadv0: Removing interface: batadv_slave_0
[  621.691625][  T798] IPVS: starting estimator thread 0...
[  621.784896][ T3348] IPVS: using max 2928 ests per chain, 146400 per kthread
[  622.063233][T12430] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  622.070672][T12430] batman_adv: batadv0: Removing interface: batadv_slave_1
[  622.083618][T12430] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  622.090717][T12430] batman_adv: batadv0: Removing interface: veth1_vlan
[  622.109861][T12430] veth1_macvtap: left promiscuous mode
[  622.115500][T12430] veth0_macvtap: left promiscuous mode
[  622.121443][T12430] veth1_vlan: left promiscuous mode
[  622.127671][T12430] veth0_vlan: left promiscuous mode
[  622.213760][T12430] pimreg (unregistering): left allmulticast mode
[  622.329480][T12430] team0 (unregistering): Port device team_slave_1 removed
[  622.347967][T12430] team0 (unregistering): Port device team_slave_0 removed
[  622.457834][T12430] team0 (unregistering): Port device dummy0 removed
[  622.483482][ T3343] batman_adv: batadv0: Adding interface: vxlan0
[  622.489998][ T3343] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  622.517840][ T3343] batman_adv: batadv0: Interface activated: vxlan0
[  622.525527][T26721] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  622.540059][T26721] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  622.580285][T26721] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  622.612099][T26721] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  622.721430][ T3382] netlink: 'syz.0.12647': attribute type 21 has an invalid length.
[  622.838663][T12430] IPVS: stop unused estimator thread 0...
[  623.073092][ T3445] loop6: detected capacity change from 0 to 512
[  623.089774][ T3445] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  623.098026][ T3445] EXT4-fs (loop6): orphan cleanup on readonly fs
[  623.106397][ T3445] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.12662: corrupted inode contents
[  623.118854][ T3445] EXT4-fs (loop6): Remounting filesystem read-only
[  623.125745][ T3445] EXT4-fs (loop6): 1 truncate cleaned up
[  623.131885][T26690] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  623.142570][T26690] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  623.168357][T26690] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  623.179454][ T3445] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  623.196845][ T3452] netlink: 256 bytes leftover after parsing attributes in process `syz.5.12649'.
[  623.222577][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  623.542906][T18255] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  624.427177][ T3471] smc: net device hsr0 applied user defined pnetid SYZ2
[  624.451331][ T3471] smc: net device hsr0 erased user defined pnetid SYZ2
[  624.573558][ T3481] validate_nla: 2 callbacks suppressed
[  624.573574][ T3481] netlink: 'syz.0.12677': attribute type 4 has an invalid length.
[  624.608666][ T3490] smc: net device hsr0 applied user defined pnetid SYZ2
[  624.615932][ T3490] smc: net device hsr0 erased user defined pnetid SYZ2
[  624.708242][ T3503] loop6: detected capacity change from 0 to 764
[  624.724821][ T3505] smc: net device hsr0 applied user defined pnetid SYZ2
[  624.732084][ T3505] smc: net device hsr0 erased user defined pnetid SYZ2
[  625.140096][ T3523] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12691'.
[  625.264442][ T3525] smc: net device hsr0 applied user defined pnetid SYZ2
[  625.289613][ T3525] smc: net device hsr0 erased user defined pnetid SYZ2
[  625.617711][ T3535] smc: net device hsr0 applied user defined pnetid SYZ2
[  625.676075][ T3539] smc: net device hsr0 erased user defined pnetid SYZ2
[  625.888971][ T3554] netlink: 'syz.1.12702': attribute type 4 has an invalid length.
[  625.926284][T12430] batman_adv: batadv0: Interface deactivated: vxlan0
[  625.981833][T26690] Bluetooth: hci0: Frame reassembly failed (-84)
[  626.067906][T12430] batman_adv: batadv0: Removing interface: vxlan0
[  626.110874][T12430] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  626.124172][T12430] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  626.133934][T12430] bond0 (unregistering): Released all slaves
[  626.144389][T12430] bond1 (unregistering): Released all slaves
[  626.155882][   T29] kauditd_printk_skb: 267 callbacks suppressed
[  626.155895][   T29] audit: type=1400 audit(2000002645.100:44941): avc:  denied  { getopt } for  pid=3566 comm="syz.6.12707" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  626.186972][ T3567] loop6: detected capacity change from 0 to 1024
[  626.207708][ T3567] EXT4-fs: Ignoring removed orlov option
[  626.233846][T12430] tipc: Disabling bearer <udp:syz2>
[  626.239081][T12430] tipc: Left network mode
[  626.248974][ T3567] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  626.249320][T12430] IPVS: stopping master sync thread 26169 ...
[  626.264357][ T3571] smc: net device hsr0 applied user defined pnetid SYZ2
[  626.276610][T12430] hsr_slave_0: left promiscuous mode
[  626.282272][T12430] hsr_slave_1: left promiscuous mode
[  626.283531][ T3571] smc: net device hsr0 erased user defined pnetid SYZ2
[  626.288464][T12430] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  626.301998][T12430] batman_adv: batadv0: Removing interface: batadv_slave_0
[  626.310975][T12430] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  626.318536][T12430] batman_adv: batadv0: Removing interface: batadv_slave_1
[  626.345342][ T3567] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  626.345483][T12430] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  626.364371][T12430] batman_adv: batadv0: Removing interface: veth1_vlan
[  626.381515][   T29] audit: type=1400 audit(2000002645.315:44942): avc:  denied  { read } for  pid=3566 comm="syz.6.12707" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  626.385129][ T3567] netlink: 'syz.6.12707': attribute type 10 has an invalid length.
[  626.412778][ T3567] netlink: 40 bytes leftover after parsing attributes in process `syz.6.12707'.
[  626.433929][   T29] audit: type=1400 audit(2000002645.315:44943): avc:  denied  { open } for  pid=3566 comm="syz.6.12707" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  626.457813][   T29] audit: type=1326 audit(2000002645.315:44944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3566 comm="syz.6.12707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  626.481521][   T29] audit: type=1326 audit(2000002645.315:44945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3566 comm="syz.6.12707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  626.505144][   T29] audit: type=1326 audit(2000002645.315:44946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3566 comm="syz.6.12707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  626.528783][   T29] audit: type=1326 audit(2000002645.315:44947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3566 comm="syz.6.12707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  626.552348][   T29] audit: type=1326 audit(2000002645.315:44948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3566 comm="syz.6.12707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  626.576722][   T29] audit: type=1326 audit(2000002645.315:44949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3566 comm="syz.6.12707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  626.600219][   T29] audit: type=1326 audit(2000002645.315:44950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3566 comm="syz.6.12707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7865ef749 code=0x7ffc0000
[  626.642072][T12430] veth1_macvtap: left promiscuous mode
[  626.647736][T12430] veth0_macvtap: left promiscuous mode
[  626.667686][T12430] veth1_vlan: left promiscuous mode
[  626.675415][T12430] veth0_vlan: left promiscuous mode
[  626.814096][T12430] pimreg (unregistering): left allmulticast mode
[  626.869835][T12430] team0 (unregistering): Port device team_slave_0 removed
[  626.976060][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  627.041393][ T3610] smc: net device hsr0 applied user defined pnetid SYZ2
[  627.048735][ T3610] smc: net device hsr0 erased user defined pnetid SYZ2
[  627.171288][ T3618] smc: net device hsr0 applied user defined pnetid SYZ2
[  627.172719][ T3616] netlink: 'syz.6.12723': attribute type 4 has an invalid length.
[  627.179073][ T3618] smc: net device hsr0 erased user defined pnetid SYZ2
[  627.227534][ T3620] smc: net device hsr0 applied user defined pnetid SYZ2
[  627.234919][ T3620] smc: net device hsr0 erased user defined pnetid SYZ2
[  627.335540][T12430] IPVS: stop unused estimator thread 0...
[  627.492027][ T3626] loop6: detected capacity change from 0 to 2048
[  627.524341][ T3626] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  627.548090][ T3626] ext4 filesystem being mounted at /483/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  627.705992][ T3629] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.12728: bg 0: block 345: padding at end of block bitmap is not set
[  627.985324][ T3650] smc: net device hsr0 applied user defined pnetid SYZ2
[  628.009198][ T3629] EXT4-fs (loop6): Remounting filesystem read-only
[  628.016939][ T3650] smc: net device hsr0 erased user defined pnetid SYZ2
[  628.209132][T18255] Bluetooth: hci0: command 0x1003 tx timeout
[  628.223860][ T5563] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  628.242605][T30171] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  628.355014][T30171] ==================================================================
[  628.363114][T30171] BUG: KCSAN: data-race in generic_fillattr / inode_add_bytes
[  628.370572][T30171] 
[  628.372887][T30171] read-write to 0xffff888126fe9e18 of 8 bytes by task 3631 on cpu 0:
[  628.380941][T30171]  inode_add_bytes+0x47/0xe0
[  628.385520][T30171]  __dquot_alloc_space+0x180/0x8a0
[  628.390637][T30171]  shmem_inode_acct_blocks+0x129/0x240
[  628.396102][T30171]  shmem_get_folio_gfp+0x5a7/0xd60
[  628.401209][T30171]  shmem_write_begin+0xa8/0x190
[  628.406054][T30171]  generic_perform_write+0x184/0x490
[  628.411337][T30171]  shmem_file_write_iter+0xc5/0xf0
[  628.416443][T30171]  __kernel_write_iter+0x2d6/0x540
[  628.421548][T30171]  dump_user_range+0x61e/0x8f0
[  628.426305][T30171]  elf_core_dump+0x1de7/0x1f80
[  628.431081][T30171]  coredump_write+0xb12/0xe30
[  628.435760][T30171]  vfs_coredump+0x143a/0x20d0
[  628.440431][T30171]  get_signal+0xd84/0xf70
[  628.444752][T30171]  arch_do_signal_or_restart+0x96/0x440
[  628.450291][T30171]  irqentry_exit_to_user_mode+0x5b/0xa0
[  628.455831][T30171]  irqentry_exit+0x12/0x50
[  628.460236][T30171]  asm_exc_page_fault+0x26/0x30
[  628.465070][T30171] 
[  628.467378][T30171] read to 0xffff888126fe9e18 of 8 bytes by task 30171 on cpu 1:
[  628.474986][T30171]  generic_fillattr+0x27d/0x340
[  628.479832][T30171]  shmem_getattr+0x181/0x200
[  628.484411][T30171]  vfs_getattr_nosec+0x146/0x1e0
[  628.489348][T30171]  vfs_statx+0x113/0x390
[  628.493586][T30171]  vfs_fstatat+0x115/0x170
[  628.497993][T30171]  __se_sys_newfstatat+0x55/0x260
[  628.503011][T30171]  __x64_sys_newfstatat+0x55/0x70
[  628.508027][T30171]  x64_sys_call+0x135a/0x3000
[  628.512692][T30171]  do_syscall_64+0xd2/0x200
[  628.517185][T30171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.523071][T30171] 
[  628.525381][T30171] value changed: 0x0000000000018920 -> 0x0000000000018938
[  628.532462][T30171] 
[  628.534771][T30171] Reported by Kernel Concurrency Sanitizer on:
[  628.540906][T30171] CPU: 1 UID: 0 PID: 30171 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  628.552435][T30171] Tainted: [W]=WARN
[  628.556228][T30171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  628.566269][T30171] ==================================================================
[  628.972560][ T3664] lo speed is unknown, defaulting to 1000