last executing test programs:

4.393990497s ago: executing program 0 (id=4767):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r4, 0x0, 0xf7}, 0x18)
rmdir(0x0)
ioctl$sock_SIOCBRDELBR(r2, 0x89a2, &(0x7f0000000200)='bridge0\x00')
ioctl$sock_SIOCBRDELBR(r1, 0x89a3, &(0x7f0000000200)='bridge0\x00')
fsopen(0x0, 0x1)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000000c0)=@sr0, 0x0, 0x0)

3.579564579s ago: executing program 0 (id=4773):
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=@ipv4_newnexthop={0x28, 0x68, 0x4, 0x70bd2a, 0x25dfdbfb, {0x2, 0x0, 0x4, 0x0, 0x14}, [@NHA_BLACKHOLE={0x4}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_UNBALANCED_TIMER={0x8, 0x3, 0x7ff}]}]}, 0x28}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f006bbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000001000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mount$9p_rdma(0x0, &(0x7f0000000400)='.\x00', &(0x7f0000000440), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x14, r5, 0x1, 0x0, 0xfffffffd, {0x3}}, 0x14}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f0000000140)={0x28, 0x0, 0x0, @hyper}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r6, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)

3.094835865s ago: executing program 4 (id=4776):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0, 0x0, 0x9}, 0x18)
syz_clone3(&(0x7f0000000540)={0x28000000, 0x0, 0x0, 0x0, {0x10}, 0x0, 0x0, 0x0, &(0x7f0000000400)=[0x0], 0x1}, 0x58)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3183000000010000000019000000180001801400020064756d6d793000000000000000000000c16dfec98de65a73535715e56ccd11434d3eef823f2eb8a846a7f4e879d7fc1470ecc2d117500e7030aae8809fc0b4c5b2969f0b8706b91c8923312e009176b01002dd52684930fd5d468cedd55bcc5e498f807e7ac0ee72824f6708c8ce0c7b2415b3b43928cf3eb81396566ee34c477f8a26316069bff5aba6e11069e76fe5784435b4ab938afc835577d68244d3267553cc5fcd44cc699fa078a2db28072eb18f3e79c44276fb4d60edb31784567804d5a60bf1cbc214b6ca842247b3b638d36c80d09e84c86d38"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@minixdf}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x6, 0x100000001})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r6, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x1018}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
writev(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3af, 0x4}, 0x100000, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="030000002300ff6fd0dcc4ac7e23cf290460b872", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r7, @ANYBLOB="00009f855548e17f4b63bd5f88de6b600d5160a9c80a794adb000000001000b70400000800000085"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.560118603s ago: executing program 4 (id=4779):
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x77359400}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

2.10039246s ago: executing program 2 (id=4784):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0, 0x0, 0x9}, 0x18)
syz_clone3(&(0x7f0000000540)={0x28000000, 0x0, 0x0, 0x0, {0x10}, 0x0, 0x0, 0x0, &(0x7f0000000400)=[0x0], 0x1}, 0x58)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3183000000010000000019000000180001801400020064756d6d793000000000000000000000c16dfec98de65a73535715e56ccd11434d3eef823f2eb8a846a7f4e879d7fc1470ecc2d117500e7030aae8809fc0b4c5b2969f0b8706b91c8923312e009176b01002dd52684930fd5d468cedd55bcc5e498f807e7ac0ee72824f6708c8ce0c7b2415b3b43928cf3eb81396566ee34c477f8a26316069bff5aba6e11069e76fe5784435b4ab938afc835577d68244d3267553cc5fcd44cc699fa078a2db28072eb18f3e79c44276fb4d60edb31784567804d5a60bf1cbc214b6ca842247b3b638d36c80d09e84c86d38"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@minixdf}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x6, 0x100000001})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r6, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x1018}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
writev(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3af, 0x4}, 0x100000, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="030000002300ff6fd0dcc4ac7e23cf290460b872", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r7, @ANYBLOB="00009f855548e17f4b63bd5f88de6b600d5160a9c80a794adb000000001000b70400000800000085"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.830948413s ago: executing program 0 (id=4788):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x8}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20000001)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000440)=0xcf7f, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448d4, &(0x7f0000000000)={0x0, 0xe, "e900", 0xc})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r7, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800, @void, @value}, 0x69)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

1.676293176s ago: executing program 4 (id=4789):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0, 0x0, 0x9}, 0x18)
syz_clone3(&(0x7f0000000540)={0x28000000, 0x0, 0x0, 0x0, {0x10}, 0x0, 0x0, 0x0, &(0x7f0000000400)=[0x0], 0x1}, 0x58)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3183000000010000000019000000180001801400020064756d6d793000000000000000000000c16dfec98de65a73535715e56ccd11434d3eef823f2eb8a846a7f4e879d7fc1470ecc2d117500e7030aae8809fc0b4c5b2969f0b8706b91c8923312e009176b01002dd52684930fd5d468cedd55bcc5e498f807e7ac0ee72824f6708c8ce0c7b2415b3b43928cf3eb81396566ee34c477f8a26316069bff5aba6e11069e76fe5784435b4ab938afc835577d68244d3267553cc5fcd44cc699fa078a2db28072eb18f3e79c44276fb4d60edb31784567804d5a60bf1cbc214b6ca842247b3b638d36c80d09e84c86d38"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@minixdf}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x6, 0x100000001})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r6, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x1018}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
writev(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="030000002300ff6fd0dcc4ac7e23cf290460b872", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="180500000000000000000000ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="00009f855548e17f4b63bd5f88de6b600d5160a9c80a794adb000000001000b70400000800000085"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.34949982s ago: executing program 2 (id=4792):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r2 = dup(r1)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000080)={0x23, 0x3, 0x17, 0x2000, 0x0, 0x0, 0x0})

1.333754451s ago: executing program 4 (id=4793):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x7, 0x0, 0x0, {0x2}}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_USERDATA={0x7, 0x3, "91abc1"}]}], {0x14}}, 0x64}}, 0x0)

1.319735191s ago: executing program 0 (id=4794):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x14)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r5, 0x0, 0xf7}, 0x18)
rmdir(0x0)
ioctl$sock_SIOCBRDELBR(r3, 0x89a2, &(0x7f0000000200)='bridge0\x00')
ioctl$sock_SIOCBRDELBR(r2, 0x89a3, &(0x7f0000000200)='bridge0\x00')
fsopen(0x0, 0x1)
r6 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000000c0)=@sr0, 0x0, 0x0)

1.312110231s ago: executing program 4 (id=4795):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x7, 0x0, 0x0, {0x2}}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_USERDATA={0x7, 0x3, "91abc1"}]}], {0x14}}, 0x64}}, 0x0)

1.277947181s ago: executing program 1 (id=4796):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r2 = dup(r1)
ioctl$PTP_EXTTS_REQUEST2(r2, 0x43403d05, 0x0)

1.277563211s ago: executing program 2 (id=4797):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x28, 0x0, 0x2, 0x101, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x2}, @CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x84085, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x1320, 0x0, 0x20103, 0x5, 0x800, 0x840101, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x80047441, 0xf0ff1f00000000)
creat(&(0x7f0000000340)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x28}}, 0x20040050)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYRES64=r3, @ANYRESDEC=r3, @ANYRES64=r3, @ANYRES64, @ANYRES64=r3, @ANYRESOCT=r3, @ANYRES32, @ANYBLOB="1ca0627f7ec9332260baf1511e69832e3a190f925948afd44a0843b063bb25bfc3f7e6c1671d4227e7288e53227b376e7904c71e81d6e2dcb3a5e496c8c238530db1cc0a9c4d1d853925956e7f05a81ac58781639edf0a889f75dc2fca357a1e0c5cbdf5b5c8bdcbaf01ad7692de06a47112e77ab1f34209179081", @ANYRES16=r3, @ANYRESDEC=r3], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdec, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000480)="116be16c", 0x4, 0x0, 0x3}, 0x50)
socket$inet_udp(0x2, 0x2, 0x0)
r6 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
socket$inet6(0xa, 0x2, 0x8e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f0000000740)={'ip6tnl0\x00', &(0x7f00000006c0)={'ip6_vti0\x00', <r8=>0x0, 0x2b, 0x7, 0x7, 0xfff, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @remote, 0x1, 0x1, 0xf, 0x4}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0xfc1, &(0x7f00000013c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa10080045000fb30000000000849078ac1414bbac14140edd9dec79219eb5499325e16c96335bc5ff0e043319357749084ca9d0ae1378f4e88112a2f7c10fd1523b9007773fd2b2bd0ebabccd2e5c35fb3baff587585840f2530c6f4d025f118440ac22a8b34da7b5e1e873bd429686be3ef84439e05fc0fefedb8b897b09445a9e10cf24aec2ff3ca6a86d94df0c4a928ed904dcfb02e6c6c5918a839d33cb9b55dfb3cd89d80eb18dc06415d313b4ea240a65eff4b941ac018e8f81de044239960271333255291b5fbfdcf8db25e175640f36986b859aeb3370ca17e6a20aeeb5c5d27eb097fc1fab796a7ff8fcbe119bbe4be2c8a5c58890191c59bea20bfe4edf9c5453e59f610d3bd1d6eb49b02e464aee0480187c5717936add1347b08cdf5b056adb941708e8a0498900419e98b75658c6dd00f88eebf8c9aaee2e38c80eafcf6ca08ea305da9c7050948ef78a1457a2e933287fe8d2e100cb00078ed829985f8812d543cc5cdb71521f4113829551efe915e4d6773f2d285cc1e8813919356ca5ef202b0d2b8a3d7de51e4635e761ffd7efe5d51dd1325596f0e4e1c0b1ce73240cb931227892d66f3629c9d152372d5790c1c25e2f6f850a5eb83654f423b84adbbf4169d472b2cddaa7137ff14c2944ade3a57613806810707a2e6c078beb4b87cf8cf39c9950bcb3f9bb42308bd5e68d81f7f4d9e528541703059787f5e342be8ebb9841d587f7455b409115d511c130d9641fc74391228bda52d2fa58e2ca74b26583e73e2cfb881945d8ecbc77eb35e783057f6c35ba06b7f639ec516ee54bf3645f6ec436ba859e22ed480a862285aa21f3d5cd3734dde388a7f8920c4a6b4a952f830e0d2811f2f2714e660e961de0b3e0b8d5fd1007690a61e414e82245dbe4e47c73465ed40af1cee2eae4801ee408ad1fce81ff8db77082c5efd93fa9a1a3e3d78eff84f326df1c6fa656cc7d4dab842fe8e0d9ce47ad0a7e74dfe1a53776a346a22dc7a0e476754d385d99aa9cbd3f445ffb2ed61e01b28fc071d706ad204b1e8014481dba0cbc460b67e64d6e955184271cedef7f951021e3595ebe9c3384b53efafb67cbed2aa1ede5d7fcff3a9d27d05766fb8894d7948609441759f4c4dfa33b6d486d4fb7e231f04d4f0f9e98f4b156129d9307fb9ebf3b278232062e7fe9ec2db7c4c991f83733368a107bf5798a1df45c919d71cce45ed907240c2f2fa6a4227e8e11cef2e7968c63e7a1adc3edec2170c17ed2cc54d0ea2b34e99b81015ffe51a501c2b73ddac5223e69d0dd451d358c0cd2ff7db256850ec1e9e349901f168d854284da68d80c68298a75c5d859008c82fe08b4cf2e68a2c0190760a03aff1be2c9425b6d46f5c67bafb6d16fffeeb0211d90abbade4db9d6a9e9c981dde14c1d54e9138f9760bcdccbf17e7416042cfe7bbd8bba2f739f7f900ee45b965316b950e8474f3be92081fb63f43a4858b39e20e14d5a38c0973d680f2fda9e310d0e088523bdcbb728bcd0074447b4ace876da5642cd7d781cdb023a31446e0a0c59d5388674a5c8a97927e014a73d0330bd5c5187db79f1c546a8bcca008263509c23b246dea58fb36c44d373c1c92ffdd1600c27d4b10b3fc86b88ecefe8743bb59a6b8e443f06d2ae3a6908b6bc25b647deee13262225b8879dd79413ffa3d4aef91a0a04d4dc3030b5beb081c5fdf9152c3a17e6b24457fd580d84d3006af27ff44d6ec3664c4955a1d1dc5eb041682644ae564390a3d0aa602b2a18cdd3f8a1efff7b8f3afc31c283c9b74b806a98bd9f1ad8ecce410160c0a27f7ef90a2b0c1bea64e187adc04a04bff7c435659bc4c3ce5c2730e121972541062102e93d2a136e1aaaf3e25d547cad6e2b0874500fc098469494d2654808ee88588fd167f4332061a9b4cae6b22d87624e325e89a269f61ce0d26465ddfedc1f0fa2a5cf1ee7fe3e6cb375f1ff04cf8d22667debe574b8395023bde9a8302376af2e119c4c88433d1722011ade605f3a4201860742b0392ac96cc138d9ddb952f4e4742a7fd9d625465dac35347c1662b2085c357120c6ff69dedc013c5fe46555a4448b0be41e21ad73162bf9aa1cfb70f4702c7051c0a13fae918133f123d33c5c02e66ae8fceb3109b2e13a7a3e71484d59dfcba16db2d21549be1ba6cd5ad7610eefda427982384961f18bd6857ad97e868c2914d0ba934a296eda52646031c4504864061f3cba1df65cd04ef6b1050fb30b5abbbe28f8f7adb8073e452f4c0c5492a5f8d427ddf451ae303a86639e5dbccfe2b2bedb911d534a77c012e2f8a24917d98ab14557caf3e66040f21767685644f0003459762d4ab25a0e33a92b54748cf46a977505074b79b9b0746b2b5b168876a2ca10bb903edc1d1992a4a94c0ee0dd7b37add092163b5fbaf16090f8143187d060b19e3822f3def14717e41558f9582467a5a5f89148450fde235e7a5bb900e4e9d14e2147bfd2a52f84a115eb170bf3d3b9b3de9781960be4e53025c7dce005e1458140bb9cf9da8fa1124ac558fb220d57c23a7f120f5171eb2208d9e6ab7186ae457973da564f1fd45b241c15596035f55034c3995a587b4471068076839420df947f10ab2fc211732d768c135d63cc5eeda1bdfc780e7ed90855fa5a364e63f529703cd0f691b0b6a41232bfd1c1f61ef6b16ed3b9055ca888c8ebcd16a0623ede9e4e37b7d6175e3d0ddba8e7d87639eb8b0ba246131951a581575f1adf4c598a9f2f087d5eb2a0a5834d8cb12b0ad76d9381a838ccfbfcc20bbb970474c48677f10aa57be1d607d5b049d397178035f7f3393cd9000336c83218850ecd64142a22f7ae7e6a7e62013d6d105eb7c862e13979698681d44121ee9e2e552315d4d3913ff7bcd90d6bed72d50107a971a37d5a1d75efeebf03cc91239b7e427fba8df6b79674c15acd2093289fe6155063af81d85840abf4635f66083b3707d34b2149dfdf95cb4deb71e1574118c242b160c770347e6b1f135a985e89fe8e6d7f40281cfb6dc05cd8b9d4f6680c0863acb34516092acdf2bea67f54ab4282ba2d898287f34d9384e335b2ddbb87aaea8cadb8f0b397e99a68a7a214fae5a1f56c95bcd901534c23cd5cff3c168813d7fa1191dd7437c96b07324a7b21b48e205b859dcd080bd62ab7cca4bd7a73959218d0eeb21c887483201eaf3afb19efe1741b57332c5441685a7bb8324d9e85faafc785312b58aabef2eef6a8048663bf13db9ae9edd4b1dcebc99890693f11b354b1f1aad19b66251b4bcaed0daed73b87dedd140fd680e7d3355362844d1d7ba2ae6be7ffae59d7b3c679b890448b0de1acf591abfe6f3096794b7e142e0ac0862ab8cb76eb79b17d1138be3747f907c3f11c636a0f0e0d315d1ff05aab0ce62fbac03a2b4ddeac7ee192bba2da93b7a926271f6d594aa14de2c294ad0c77770a624d1ce24cc8d8f5e9b629604fa7897f0cbd641f76a85dc8df33b5715eb100e30e53b85110d2252c22575a7365eb08006b4d62d305e780101965094ce2aaad170df470870e687fb280b772d41ad5d470b71e256af3a0d2c02df95821d38f28cdff26fa7a3f6e920edbd3174d2d2bde854ef68dae8a0a4a63753c825930903a2ca75d4321bad0ad9ff6852f94dd04972a45bb9625b3726dfbcc959e85242f0d327b181aee0fdab7af064dd97151b131a5c4a51a66692cbbd9f1348a16470cedef1b255e172cd2b15184177ad43744de941869af884ff8e59ef0e63ac5e1b99c851e0f915359ce12d9c380bb6f9c2bc773267157afeda7abcc120a31a1b72af6662bff7f5f194dad00b4ebfdcbb4dfc39854412db1ae99b449d741f841239159ea467cf1e38b95bcb7603ebcb400cb31410b2a4e25126caade0019bf667cc998bc4582578da0f8a6268f6d114ccf9dd8379995e8be1b934bb5645d72f97e05628129a7d2bc548e08796341f43dc3c9fcbe89d8284dc6633bee0d17e99f600425f0172b6bc478f5117dadf15e36e850ecc0ca75664ef8e4877a44b4ffa22a6f1d6719f8d81f9937928caa0690b77406a3298aaf446e2f78343267399bb7f64c60f82bf5d07210281eaad09a3810790720c98a041332c809be7aea1480b9e5eb989085c23b4aee75143068def3e89d1c417b63321e68d340a1472d2504088c17cd75de0e700508c55a7246ca9a762cc50ca35cbcaa7dcf4ae3264c32ff2cd67566ed501fb8182b5f16c58295783f3b2b554b06aae700f198c71ad7519868c1e6fbeb0246569b04beeb8b71bcbb9af93372bee365efb1d7424689e8241b1dc346a73a84b5773487f388356b8dbec1a108846e3f8dc74865b156e8ad18b353efc4ad0b11412a381fec8f5d45678b4f8b680591be8077303e7aff71acf9052ae3b73e41e19668f9b53bfd75b778970831b6891a78ffe0d4863e62cbbf6cf8c085032864479cd3a250842984dcc2860f057f86c8e2d4d2afefb8a45b7d5b8c94e752f369a1b434c827cd26cd0276a8b40019a95ebe7c16de4c1ce8efbd5c70e0c507631818aa4fbc937d212e428aefa895069656babdbd921af974da32c49f4ca6d1e1e28319b427c8bad4d650809c673ec6073770b4097e5700a8071110fd07acbc5a59f8d7b0735a98fd40ce03718a9a93c035948859215c59f54343b08bfd95a35d73c5f09a9ebe63c509fe8443fa74e6efd0fd87defc7cb16725ce3c3d5f7664cfe253faf2cbeb307052dd2269b6266acdb31e2006b9355f673ca5c9cb907605ce071824254b139607a069531f9598f4040ddeb9cd018e9dfa1808032dfb65a4af0820da810a7b58fbb65ac8e65b017a40ec2d445a5c7b78d1f0e717b19427ef1fe6cc08c5e9da5a7d1d508fd939854589dcba8d75ff3d8d1c1fb28af1ed6900bcd4cedbe42fd6243c81264fe81be756bfd71ebcd4d96bd7ec50a676bc57e130bd8da21bb6e888eb6c8402516f6fe6dfe25be9a3e33f2cdbed9de00efb867cbe80ec2309458f41924b967d254166e5a0a5f776395214a67900d180704b9fb09f9c4c4c62fd382fcd5efe099e22d2c82f198a39d193f65b68e09454e2ab8f2d7413c64563742f1c34ca9285e501bff5efa30a0da946f875d23162eaa53c4008bed38e9a190b08ff8bfb6bfb91553c4c329fc73b8be308b00347dee2afdc08bab311c75386f452b706d1820c9038998924665010a548c09743a16167b0b09373b5cd2fb1da4f6c9ea5b1f1dd7775f6fcb23eab4fd1990364dacb2a1656b9bcf1c4866b7222872a3a3a03d397499222a3f31a35d3aeaf6a6d39f0fbee1e0f6e1e10ba0774f15f245d955cc8132d86c2d768f8a06274caa5a12c46e9e08ee556c1da49830f1e6c0a0c53a9ef1489c3fba0251c3e6839e891ac298108f3ed05066e48b8bda2c5f6e691c7a7425b7019e0a547f6560a0af41831a4a790c3a8eac9a3a9119da3eef85cb12f3f3115f04ae95534ac847b4ee2cc2fc43cdba382ecae7c4f499ce1be1ca1907313ff665c2fd7d4c8f36716f33b6861f5cf3f1c878feadfa9a664b8d629a16c750c466326a951efaa830e4f328270041f2ca0be49f0affe5806b94b027033f008957e83d167d6fe4168ec4fb79385cc06e257bba807ecfccaba56cf751dac996b"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r9}, 0x10)
pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80000)
write$P9_RVERSION(r10, &(0x7f0000000380)=ANY=[@ANYRESDEC=r7], 0x15)
io_destroy(0x0)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x300, &(0x7f0000000140)={&(0x7f0000000180)={0x14, r11, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0)

1.271710802s ago: executing program 4 (id=4798):
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=@ipv4_newnexthop={0x28, 0x68, 0x4, 0x70bd2a, 0x25dfdbfb, {0x2, 0x0, 0x4, 0x0, 0x14}, [@NHA_BLACKHOLE={0x4}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_UNBALANCED_TIMER={0x8, 0x3, 0x7ff}]}]}, 0x28}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f006bbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000001000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mount$9p_rdma(0x0, &(0x7f0000000400)='.\x00', &(0x7f0000000440), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x14, r5, 0x1, 0x0, 0xfffffffd, {0x3}}, 0x14}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f0000000140)={0x28, 0x0, 0x0, @hyper}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0}, 0x18)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r6, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)

1.194726372s ago: executing program 1 (id=4800):
unshare(0x24040000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x72, 0x101301)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$UHID_DESTROY(r5, &(0x7f00000001c0), 0x4)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r5, &(0x7f0000000300)=[{&(0x7f0000000380)=""/4096, 0x1000}], 0x1)
readv(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1.082854734s ago: executing program 2 (id=4801):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0, 0x0, 0x9}, 0x18)
syz_clone3(&(0x7f0000000540)={0x28000000, 0x0, 0x0, 0x0, {0x10}, 0x0, 0x0, 0x0, &(0x7f0000000400)=[0x0], 0x1}, 0x58)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3183000000010000000019000000180001801400020064756d6d793000000000000000000000c16dfec98de65a73535715e56ccd11434d3eef823f2eb8a846a7f4e879d7fc1470ecc2d117500e7030aae8809fc0b4c5b2969f0b8706b91c8923312e009176b01002dd52684930fd5d468cedd55bcc5e498f807e7ac0ee72824f6708c8ce0c7b2415b3b43928cf3eb81396566ee34c477f8a26316069bff5aba6e11069e76fe5784435b4ab938afc835577d68244d3267553cc5fcd44cc699fa078a2db28072eb18f3e79c44276fb4d60edb31784567804d5a60bf1cbc214b6ca842247b3b638d36c80d09e84c86d38"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@minixdf}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x6, 0x100000001})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r6, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x1018}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
writev(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3af, 0x4}, 0x100000, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="030000002300ff6fd0dcc4ac7e23cf290460b872", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="180500000000000000000000ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r7, @ANYBLOB="00009f855548e17f4b63bd5f88de6b600d5160a9c80a794adb000000001000b70400000800000085"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.061763714s ago: executing program 0 (id=4802):
r0 = epoll_create1(0x0)
vmsplice(r0, 0x0, 0x0, 0xa)

874.520597ms ago: executing program 0 (id=4805):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x8}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20000001)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000440)=0xcf7f, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448d4, &(0x7f0000000000)={0x0, 0xe, "e900", 0xc})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r7, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800, @void, @value}, 0x69)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

792.236358ms ago: executing program 3 (id=4806):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x7, 0x0, 0x0, {0x2}}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_USERDATA={0x7, 0x3, "91abc1"}]}], {0x14}}, 0x64}}, 0x0)

738.500459ms ago: executing program 3 (id=4807):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000300000000000800000085000000453068979500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x0, 0xfffffffffffffffc, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
r2 = add_key$keyring(&(0x7f00000085c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r3 = add_key$keyring(&(0x7f0000008540), &(0x7f0000008580)={'syz', 0x3}, 0x0, 0x0, r2)
keyctl$unlink(0x9, r3, r2)
keyctl$unlink(0x9, r3, r2)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x2a, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
request_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000140)='\\\\@[*#)\x00', 0xfffffffffffffffe)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="38000000031401002dbd7000ffdbdf250900020073797a310000000008004100736977001400330076657468305f746f5f62726964676500b67ba412fb5fbc892b267565aa22ffc23965a410c618eacc18139a2684e8da05a9d737791e771cb50c8f407073510239d0b64bd36af99965398709f17232f69343a1af51eeed3a5694b3d13a3683778c5f68216a6a4d3f3e9bfd5a28ff4051aa4113ee159b814518b62f81a0dd374b44b0edda7cf8ecc03356f1c535672fb8466f6657f8faa12f67851c32061122ec4a85c1d6a9f1f6c6c11cc596d41733a53e0076f62e13581a85b4bed31f6844e7d3379d75688c865b0cd74b0b27a33d33ff30bc1814836d3c65228f2478bcd9878dee0111222cf4d1fa7cf0c6b4f2474e646a202609e70e18b580fa3900c0d6c3909b68bce3cbfd32975853c2b5fa58eba741884ce3a8c43866d982fb"], 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4ab}, 0x18)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000080)={0x2, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="020a0000"], 0x10}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfecc)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

657.53556ms ago: executing program 3 (id=4808):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
close_range(r0, 0xffffffffffffffff, 0x0)

605.418521ms ago: executing program 3 (id=4809):
unshare(0x24040000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x72, 0x101301)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$UHID_CREATE(r5, &(0x7f0000002a00)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x7f, 0xfffffffe}}, 0x120)
write$UHID_DESTROY(r5, &(0x7f00000001c0), 0x4)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r5, &(0x7f0000000300)=[{&(0x7f0000000380)=""/4096, 0x1000}], 0x1)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f00000009c0)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x200000000500, 0x0, 0x0, 0x200000000530, 0x200000000560], 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000"]}, 0x108)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
readv(0xffffffffffffffff, 0x0, 0x0)
unshare(0x2c020400)
r8 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r8, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0xc7ec}, 0x1c)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r9, 0x4b67, &(0x7f0000000040)={0x0, 0x0})
socket$nl_route(0x10, 0x3, 0x0)

248.406216ms ago: executing program 1 (id=4810):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
socket$rxrpc(0x21, 0x2, 0xa)
socket$kcm(0x21, 0x2, 0xa)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
timerfd_create(0x9, 0x800)

183.331427ms ago: executing program 1 (id=4811):
pipe(&(0x7f00000000c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000050000000100000004"], 0x48)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffffdc2}]})
migrate_pages(0x0, 0x4, 0x0, 0xffffffffffffffff)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1c, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='kmem_cache_free\x00', r4}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
request_key(&(0x7f0000001000)='dns_resolver\x00', 0x0, 0x0, 0x0)

136.251458ms ago: executing program 1 (id=4812):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x28, 0x0, 0x2, 0x101, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x2}, @CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x84085, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x1320, 0x0, 0x20103, 0x5, 0x800, 0x840101, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x80047441, 0xf0ff1f00000000)
creat(&(0x7f0000000340)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x28}}, 0x20040050)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYRES64=r3, @ANYRESDEC=r3, @ANYRES64=r3, @ANYRES64, @ANYRES64=r3, @ANYRESOCT=r3, @ANYRES32, @ANYBLOB="1ca0627f7ec9332260baf1511e69832e3a190f925948afd44a0843b063bb25bfc3f7e6c1671d4227e7288e53227b376e7904c71e81d6e2dcb3a5e496c8c238530db1cc0a9c4d1d853925956e7f05a81ac58781639edf0a889f75dc2fca357a1e0c5cbdf5b5c8bdcbaf01ad7692de06a47112e77ab1f34209179081", @ANYRES16=r3, @ANYRESDEC=r3], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdec, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000480)="116be16c", 0x4, 0x0, 0x3}, 0x50)
socket$inet_udp(0x2, 0x2, 0x0)
r6 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
socket$inet6(0xa, 0x2, 0x8e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f0000000740)={'ip6tnl0\x00', &(0x7f00000006c0)={'ip6_vti0\x00', <r8=>0x0, 0x2b, 0x7, 0x7, 0xfff, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @remote, 0x1, 0x1, 0xf, 0x4}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0xfc1, &(0x7f00000013c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa10080045000fb30000000000849078ac1414bbac14140edd9dec79219eb5499325e16c96335bc5ff0e043319357749084ca9d0ae1378f4e88112a2f7c10fd1523b9007773fd2b2bd0ebabccd2e5c35fb3baff587585840f2530c6f4d025f118440ac22a8b34da7b5e1e873bd429686be3ef84439e05fc0fefedb8b897b09445a9e10cf24aec2ff3ca6a86d94df0c4a928ed904dcfb02e6c6c5918a839d33cb9b55dfb3cd89d80eb18dc06415d313b4ea240a65eff4b941ac018e8f81de044239960271333255291b5fbfdcf8db25e175640f36986b859aeb3370ca17e6a20aeeb5c5d27eb097fc1fab796a7ff8fcbe119bbe4be2c8a5c58890191c59bea20bfe4edf9c5453e59f610d3bd1d6eb49b02e464aee0480187c5717936add1347b08cdf5b056adb941708e8a0498900419e98b75658c6dd00f88eebf8c9aaee2e38c80eafcf6ca08ea305da9c7050948ef78a1457a2e933287fe8d2e100cb00078ed829985f8812d543cc5cdb71521f4113829551efe915e4d6773f2d285cc1e8813919356ca5ef202b0d2b8a3d7de51e4635e761ffd7efe5d51dd1325596f0e4e1c0b1ce73240cb931227892d66f3629c9d152372d5790c1c25e2f6f850a5eb83654f423b84adbbf4169d472b2cddaa7137ff14c2944ade3a57613806810707a2e6c078beb4b87cf8cf39c9950bcb3f9bb42308bd5e68d81f7f4d9e528541703059787f5e342be8ebb9841d587f7455b409115d511c130d9641fc74391228bda52d2fa58e2ca74b26583e73e2cfb881945d8ecbc77eb35e783057f6c35ba06b7f639ec516ee54bf3645f6ec436ba859e22ed480a862285aa21f3d5cd3734dde388a7f8920c4a6b4a952f830e0d2811f2f2714e660e961de0b3e0b8d5fd1007690a61e414e82245dbe4e47c73465ed40af1cee2eae4801ee408ad1fce81ff8db77082c5efd93fa9a1a3e3d78eff84f326df1c6fa656cc7d4dab842fe8e0d9ce47ad0a7e74dfe1a53776a346a22dc7a0e476754d385d99aa9cbd3f445ffb2ed61e01b28fc071d706ad204b1e8014481dba0cbc460b67e64d6e955184271cedef7f951021e3595ebe9c3384b53efafb67cbed2aa1ede5d7fcff3a9d27d05766fb8894d7948609441759f4c4dfa33b6d486d4fb7e231f04d4f0f9e98f4b156129d9307fb9ebf3b278232062e7fe9ec2db7c4c991f83733368a107bf5798a1df45c919d71cce45ed907240c2f2fa6a4227e8e11cef2e7968c63e7a1adc3edec2170c17ed2cc54d0ea2b34e99b81015ffe51a501c2b73ddac5223e69d0dd451d358c0cd2ff7db256850ec1e9e349901f168d854284da68d80c68298a75c5d859008c82fe08b4cf2e68a2c0190760a03aff1be2c9425b6d46f5c67bafb6d16fffeeb0211d90abbade4db9d6a9e9c981dde14c1d54e9138f9760bcdccbf17e7416042cfe7bbd8bba2f739f7f900ee45b965316b950e8474f3be92081fb63f43a4858b39e20e14d5a38c0973d680f2fda9e310d0e088523bdcbb728bcd0074447b4ace876da5642cd7d781cdb023a31446e0a0c59d5388674a5c8a97927e014a73d0330bd5c5187db79f1c546a8bcca008263509c23b246dea58fb36c44d373c1c92ffdd1600c27d4b10b3fc86b88ecefe8743bb59a6b8e443f06d2ae3a6908b6bc25b647deee13262225b8879dd79413ffa3d4aef91a0a04d4dc3030b5beb081c5fdf9152c3a17e6b24457fd580d84d3006af27ff44d6ec3664c4955a1d1dc5eb041682644ae564390a3d0aa602b2a18cdd3f8a1efff7b8f3afc31c283c9b74b806a98bd9f1ad8ecce410160c0a27f7ef90a2b0c1bea64e187adc04a04bff7c435659bc4c3ce5c2730e121972541062102e93d2a136e1aaaf3e25d547cad6e2b0874500fc098469494d2654808ee88588fd167f4332061a9b4cae6b22d87624e325e89a269f61ce0d26465ddfedc1f0fa2a5cf1ee7fe3e6cb375f1ff04cf8d22667debe574b8395023bde9a8302376af2e119c4c88433d1722011ade605f3a4201860742b0392ac96cc138d9ddb952f4e4742a7fd9d625465dac35347c1662b2085c357120c6ff69dedc013c5fe46555a4448b0be41e21ad73162bf9aa1cfb70f4702c7051c0a13fae918133f123d33c5c02e66ae8fceb3109b2e13a7a3e71484d59dfcba16db2d21549be1ba6cd5ad7610eefda427982384961f18bd6857ad97e868c2914d0ba934a296eda52646031c4504864061f3cba1df65cd04ef6b1050fb30b5abbbe28f8f7adb8073e452f4c0c5492a5f8d427ddf451ae303a86639e5dbccfe2b2bedb911d534a77c012e2f8a24917d98ab14557caf3e66040f21767685644f0003459762d4ab25a0e33a92b54748cf46a977505074b79b9b0746b2b5b168876a2ca10bb903edc1d1992a4a94c0ee0dd7b37add092163b5fbaf16090f8143187d060b19e3822f3def14717e41558f9582467a5a5f89148450fde235e7a5bb900e4e9d14e2147bfd2a52f84a115eb170bf3d3b9b3de9781960be4e53025c7dce005e1458140bb9cf9da8fa1124ac558fb220d57c23a7f120f5171eb2208d9e6ab7186ae457973da564f1fd45b241c15596035f55034c3995a587b4471068076839420df947f10ab2fc211732d768c135d63cc5eeda1bdfc780e7ed90855fa5a364e63f529703cd0f691b0b6a41232bfd1c1f61ef6b16ed3b9055ca888c8ebcd16a0623ede9e4e37b7d6175e3d0ddba8e7d87639eb8b0ba246131951a581575f1adf4c598a9f2f087d5eb2a0a5834d8cb12b0ad76d9381a838ccfbfcc20bbb970474c48677f10aa57be1d607d5b049d397178035f7f3393cd9000336c83218850ecd64142a22f7ae7e6a7e62013d6d105eb7c862e13979698681d44121ee9e2e552315d4d3913ff7bcd90d6bed72d50107a971a37d5a1d75efeebf03cc91239b7e427fba8df6b79674c15acd2093289fe6155063af81d85840abf4635f66083b3707d34b2149dfdf95cb4deb71e1574118c242b160c770347e6b1f135a985e89fe8e6d7f40281cfb6dc05cd8b9d4f6680c0863acb34516092acdf2bea67f54ab4282ba2d898287f34d9384e335b2ddbb87aaea8cadb8f0b397e99a68a7a214fae5a1f56c95bcd901534c23cd5cff3c168813d7fa1191dd7437c96b07324a7b21b48e205b859dcd080bd62ab7cca4bd7a73959218d0eeb21c887483201eaf3afb19efe1741b57332c5441685a7bb8324d9e85faafc785312b58aabef2eef6a8048663bf13db9ae9edd4b1dcebc99890693f11b354b1f1aad19b66251b4bcaed0daed73b87dedd140fd680e7d3355362844d1d7ba2ae6be7ffae59d7b3c679b890448b0de1acf591abfe6f3096794b7e142e0ac0862ab8cb76eb79b17d1138be3747f907c3f11c636a0f0e0d315d1ff05aab0ce62fbac03a2b4ddeac7ee192bba2da93b7a926271f6d594aa14de2c294ad0c77770a624d1ce24cc8d8f5e9b629604fa7897f0cbd641f76a85dc8df33b5715eb100e30e53b85110d2252c22575a7365eb08006b4d62d305e780101965094ce2aaad170df470870e687fb280b772d41ad5d470b71e256af3a0d2c02df95821d38f28cdff26fa7a3f6e920edbd3174d2d2bde854ef68dae8a0a4a63753c825930903a2ca75d4321bad0ad9ff6852f94dd04972a45bb9625b3726dfbcc959e85242f0d327b181aee0fdab7af064dd97151b131a5c4a51a66692cbbd9f1348a16470cedef1b255e172cd2b15184177ad43744de941869af884ff8e59ef0e63ac5e1b99c851e0f915359ce12d9c380bb6f9c2bc773267157afeda7abcc120a31a1b72af6662bff7f5f194dad00b4ebfdcbb4dfc39854412db1ae99b449d741f841239159ea467cf1e38b95bcb7603ebcb400cb31410b2a4e25126caade0019bf667cc998bc4582578da0f8a6268f6d114ccf9dd8379995e8be1b934bb5645d72f97e05628129a7d2bc548e08796341f43dc3c9fcbe89d8284dc6633bee0d17e99f600425f0172b6bc478f5117dadf15e36e850ecc0ca75664ef8e4877a44b4ffa22a6f1d6719f8d81f9937928caa0690b77406a3298aaf446e2f78343267399bb7f64c60f82bf5d07210281eaad09a3810790720c98a041332c809be7aea1480b9e5eb989085c23b4aee75143068def3e89d1c417b63321e68d340a1472d2504088c17cd75de0e700508c55a7246ca9a762cc50ca35cbcaa7dcf4ae3264c32ff2cd67566ed501fb8182b5f16c58295783f3b2b554b06aae700f198c71ad7519868c1e6fbeb0246569b04beeb8b71bcbb9af93372bee365efb1d7424689e8241b1dc346a73a84b5773487f388356b8dbec1a108846e3f8dc74865b156e8ad18b353efc4ad0b11412a381fec8f5d45678b4f8b680591be8077303e7aff71acf9052ae3b73e41e19668f9b53bfd75b778970831b6891a78ffe0d4863e62cbbf6cf8c085032864479cd3a250842984dcc2860f057f86c8e2d4d2afefb8a45b7d5b8c94e752f369a1b434c827cd26cd0276a8b40019a95ebe7c16de4c1ce8efbd5c70e0c507631818aa4fbc937d212e428aefa895069656babdbd921af974da32c49f4ca6d1e1e28319b427c8bad4d650809c673ec6073770b4097e5700a8071110fd07acbc5a59f8d7b0735a98fd40ce03718a9a93c035948859215c59f54343b08bfd95a35d73c5f09a9ebe63c509fe8443fa74e6efd0fd87defc7cb16725ce3c3d5f7664cfe253faf2cbeb307052dd2269b6266acdb31e2006b9355f673ca5c9cb907605ce071824254b139607a069531f9598f4040ddeb9cd018e9dfa1808032dfb65a4af0820da810a7b58fbb65ac8e65b017a40ec2d445a5c7b78d1f0e717b19427ef1fe6cc08c5e9da5a7d1d508fd939854589dcba8d75ff3d8d1c1fb28af1ed6900bcd4cedbe42fd6243c81264fe81be756bfd71ebcd4d96bd7ec50a676bc57e130bd8da21bb6e888eb6c8402516f6fe6dfe25be9a3e33f2cdbed9de00efb867cbe80ec2309458f41924b967d254166e5a0a5f776395214a67900d180704b9fb09f9c4c4c62fd382fcd5efe099e22d2c82f198a39d193f65b68e09454e2ab8f2d7413c64563742f1c34ca9285e501bff5efa30a0da946f875d23162eaa53c4008bed38e9a190b08ff8bfb6bfb91553c4c329fc73b8be308b00347dee2afdc08bab311c75386f452b706d1820c9038998924665010a548c09743a16167b0b09373b5cd2fb1da4f6c9ea5b1f1dd7775f6fcb23eab4fd1990364dacb2a1656b9bcf1c4866b7222872a3a3a03d397499222a3f31a35d3aeaf6a6d39f0fbee1e0f6e1e10ba0774f15f245d955cc8132d86c2d768f8a06274caa5a12c46e9e08ee556c1da49830f1e6c0a0c53a9ef1489c3fba0251c3e6839e891ac298108f3ed05066e48b8bda2c5f6e691c7a7425b7019e0a547f6560a0af41831a4a790c3a8eac9a3a9119da3eef85cb12f3f3115f04ae95534ac847b4ee2cc2fc43cdba382ecae7c4f499ce1be1ca1907313ff665c2fd7d4c8f36716f33b6861f5cf3f1c878feadfa9a664b8d629a16c750c466326a951efaa830e4f328270041f2ca0be49f0affe5806b94b027033f008957e83d167d6fe4168ec4fb79385cc06e257bba807ecfccaba56cf751dac996b"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r9}, 0x10)
pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80000)
write$P9_RVERSION(r10, &(0x7f0000000380)=ANY=[@ANYRESDEC=r7], 0x15)
io_destroy(0x0)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x300, &(0x7f0000000140)={&(0x7f0000000180)={0x14, r11, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0)

135.227408ms ago: executing program 2 (id=4813):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x8}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20000001)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)
close_range(r3, r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000440)=0xcf7f, 0x4)
write$qrtrtun(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r6, 0x800448d4, &(0x7f0000000000)={0x0, 0xe, "e900", 0xc})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_NEW(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, 0x0, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800, @void, @value}, 0x69)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

74.446029ms ago: executing program 2 (id=4814):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x14)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rmdir(0x0)
ioctl$sock_SIOCBRDELBR(r3, 0x89a2, &(0x7f0000000200)='bridge0\x00')
ioctl$sock_SIOCBRDELBR(r2, 0x89a3, &(0x7f0000000200)='bridge0\x00')
fsopen(0x0, 0x1)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000120000"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240)={0x0, <r8=>0x0}, &(0x7f0000000280)=0xc)
getresgid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0))
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000000c0)=@sr0, r8, 0x0)

74.096649ms ago: executing program 3 (id=4815):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x33, 0x33, 0x5, [@datasec={0xa, 0x2, 0x0, 0xf, 0x3, [{0x5, 0x6bb, 0xfffffffa}, {0x4, 0x2}], "5150a0"}, @fwd={0xd}]}, {0x0, [0x30, 0x61, 0x2e]}}, &(0x7f0000000280)=""/197, 0x51, 0xc5, 0x0, 0x9aa, 0x0, @void, @value}, 0x28)

12.018439ms ago: executing program 3 (id=4816):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0, 0x0, 0x9}, 0x18)
syz_clone3(&(0x7f0000000540)={0x28000000, 0x0, 0x0, 0x0, {0x10}, 0x0, 0x0, 0x0, &(0x7f0000000400)=[0x0], 0x1}, 0x58)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3183000000010000000019000000180001801400020064756d6d793000000000000000000000c16dfec98de65a73535715e56ccd11434d3eef823f2eb8a846a7f4e879d7fc1470ecc2d117500e7030aae8809fc0b4c5b2969f0b8706b91c8923312e009176b01002dd52684930fd5d468cedd55bcc5e498f807e7ac0ee72824f6708c8ce0c7b2415b3b43928cf3eb81396566ee34c477f8a26316069bff5aba6e11069e76fe5784435b4ab938afc835577d68244d3267553cc5fcd44cc699fa078a2db28072eb18f3e79c44276fb4d60edb31784567804d5a60bf1cbc214b6ca842247b3b638d36c80d09e84c86d38"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@minixdf}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x6, 0x100000001})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r6, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x1018}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
writev(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3af, 0x4}, 0x100000, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="030000002300ff6fd0dcc4ac7e23cf290460b872", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="180500000000000000000000ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r7, @ANYBLOB="00009f855548e17f4b63bd5f88de6b600d5160a9c80a794adb000000001000b70400000800000085"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

0s ago: executing program 1 (id=4817):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x77359400}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

kernel console output (not intermixed with test programs):

99] hid-generic 0000:007F:FFFFFFFE.001B: unknown main item tag 0x0
[  345.417598][ T3399] hid-generic 0000:007F:FFFFFFFE.001B: unknown main item tag 0x0
[  345.425362][ T3399] hid-generic 0000:007F:FFFFFFFE.001B: unknown main item tag 0x0
[  345.434199][ T3399] hid-generic 0000:007F:FFFFFFFE.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  345.473662][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  345.490104][T16202] syz.3.4356: attempt to access beyond end of device
[  345.490104][T16202] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  345.517211][T16206] loop1: detected capacity change from 0 to 512
[  345.529051][T16206] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.545101][T16204] hub 4-0:1.0: USB hub found
[  345.545501][T16206] ext4 filesystem being mounted at /281/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  345.550827][T16204] hub 4-0:1.0: 8 ports detected
[  345.572415][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x1
[  345.580262][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.588074][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.595860][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.603674][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.611562][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.619373][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x4
[  345.627232][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.635027][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.642838][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.650619][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x2
[  345.658493][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.666373][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.674206][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.682023][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.689847][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.697648][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x2
[  345.705480][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.713277][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.721196][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.729017][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.736847][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.744681][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.752499][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.760253][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.768080][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.775951][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.783733][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.791536][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.799275][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.807080][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.814835][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.822605][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.830394][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.838142][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.846038][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.853894][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.861802][   T36] hid-generic 0000:007F:FFFFFFFE.001C: unknown main item tag 0x0
[  345.908597][   T36] hid-generic 0000:007F:FFFFFFFE.001C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  345.993610][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  346.260718][   T29] kauditd_printk_skb: 176 callbacks suppressed
[  346.260736][   T29] audit: type=1326 audit(2000000163.130:22253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16225 comm="syz.4.4364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  346.328588][   T29] audit: type=1326 audit(2000000163.170:22254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16225 comm="syz.4.4364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  346.352364][   T29] audit: type=1326 audit(2000000163.170:22255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16225 comm="syz.4.4364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  346.375948][   T29] audit: type=1326 audit(2000000163.170:22256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16225 comm="syz.4.4364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  346.399652][   T29] audit: type=1326 audit(2000000163.170:22257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16225 comm="syz.4.4364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  346.423271][   T29] audit: type=1326 audit(2000000163.170:22258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16225 comm="syz.4.4364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  346.446850][   T29] audit: type=1326 audit(2000000163.170:22259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16225 comm="syz.4.4364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  346.470438][   T29] audit: type=1326 audit(2000000163.170:22260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16225 comm="syz.4.4364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  346.494017][   T29] audit: type=1326 audit(2000000163.170:22261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16225 comm="syz.4.4364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  346.513794][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  346.517618][   T29] audit: type=1326 audit(2000000163.170:22262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16225 comm="syz.4.4364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  346.677210][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.748647][T16241] hub 4-0:1.0: USB hub found
[  346.754869][T16244] syz.2.4370: attempt to access beyond end of device
[  346.754869][T16244] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  346.768388][T16241] hub 4-0:1.0: 8 ports detected
[  346.778761][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x1
[  346.786788][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.794601][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.802378][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.810223][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.818195][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.826123][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x4
[  346.834001][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.841757][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.849609][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.857388][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x2
[  346.865206][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.868115][T16250] hub 4-0:1.0: USB hub found
[  346.872964][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.878594][T16250] hub 4-0:1.0: 8 ports detected
[  346.885445][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.898087][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.903366][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x1
[  346.905864][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.913616][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  346.921447][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x2
[  346.921470][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.921491][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.929277][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  346.937036][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.944751][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  346.952439][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.960207][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  346.967957][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.975649][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  346.983321][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  346.991050][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x4
[  346.998854][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.006693][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.014365][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.022044][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.029826][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.037491][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.045196][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.052894][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x2
[  347.060707][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.068475][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.076362][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.084070][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.091806][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.099543][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.107246][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.107312][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.107339][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.115081][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.122832][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.130613][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.138309][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.146035][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x2
[  347.153788][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.161458][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.169175][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.176884][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.184625][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: unknown main item tag 0x0
[  347.192409][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.201601][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  347.207841][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.261756][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.269604][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.277379][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.284127][ T3399] hid-generic 0000:007F:FFFFFFFE.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  347.285140][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.285163][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.285186][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.318311][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.326091][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.333854][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.341621][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.349404][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.357221][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.365029][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.372852][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.380645][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.388475][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.396249][T16127] hid-generic 0000:007F:FFFFFFFE.001E: unknown main item tag 0x0
[  347.411110][T16127] hid-generic 0000:007F:FFFFFFFE.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  347.645223][T16275] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 4, id = 0
[  347.724487][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  348.244280][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  348.261938][T16300] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.326325][T16300] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.378435][T16303] bridge0: port 3(gretap0) entered blocking state
[  348.384984][T16303] bridge0: port 3(gretap0) entered disabled state
[  348.391739][T16303] gretap0: entered allmulticast mode
[  348.398000][T16303] gretap0: entered promiscuous mode
[  348.403379][T16303] bridge0: port 3(gretap0) entered blocking state
[  348.409859][T16303] bridge0: port 3(gretap0) entered forwarding state
[  348.422535][T16300] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.440483][T16303] gretap0: left allmulticast mode
[  348.445768][T16303] gretap0: left promiscuous mode
[  348.450995][T16303] bridge0: port 3(gretap0) entered disabled state
[  348.485914][T16300] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.549078][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.556935][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.564737][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.572487][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.580358][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.588238][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.596087][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.603852][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.611663][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.619431][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.627230][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.635098][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.642882][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.650709][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.658509][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.666434][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.674313][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.682094][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.689877][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.697709][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.705610][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.713367][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.721154][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.729077][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.736882][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.744660][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.752418][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.760284][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.768066][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.769026][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  348.775824][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.775851][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.775873][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.813436][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.821290][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.829084][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.836935][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.844711][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.852522][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.860296][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.868116][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.875936][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.883716][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.891683][T16127] hid-generic 0000:007F:FFFFFFFE.001F: unknown main item tag 0x0
[  348.942575][T16300] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  348.954623][T16300] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  348.967009][T16300] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  348.984521][T16127] hid-generic 0000:007F:FFFFFFFE.001F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  348.990905][T16300] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  349.294499][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  349.619332][T16338] loop0: detected capacity change from 0 to 512
[  349.660447][T16347] bridge0: port 3(gretap0) entered blocking state
[  349.667011][T16347] bridge0: port 3(gretap0) entered disabled state
[  349.673973][T16347] gretap0: entered allmulticast mode
[  349.680388][T16347] gretap0: entered promiscuous mode
[  349.686673][T16338] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.700421][T16347] bridge0: port 3(gretap0) entered blocking state
[  349.707058][T16347] bridge0: port 3(gretap0) entered forwarding state
[  349.714929][T16338] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  349.726596][T16349] gretap0: left allmulticast mode
[  349.731661][T16349] gretap0: left promiscuous mode
[  349.736836][T16349] bridge0: port 3(gretap0) entered disabled state
[  349.758174][T16347] loop1: detected capacity change from 0 to 512
[  349.771473][T16347] EXT4-fs (loop1): orphan cleanup on readonly fs
[  349.778547][T16347] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4406: bg 0: block 248: padding at end of block bitmap is not set
[  349.807760][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.817026][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  349.836213][T16352] syz.3.4408: attempt to access beyond end of device
[  349.836213][T16352] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  349.853026][T16347] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.4406: Failed to acquire dquot type 1
[  349.868560][T16347] EXT4-fs (loop1): 1 truncate cleaned up
[  349.875317][T16347] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  349.877492][T16354] syz.0.4409: attempt to access beyond end of device
[  349.877492][T16354] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  349.911700][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.958084][T16358] hub 4-0:1.0: USB hub found
[  349.962891][T16358] hub 4-0:1.0: 8 ports detected
[  349.981340][T16360] siw: device registration error -23
[  350.117121][T16369] loop0: detected capacity change from 0 to 512
[  350.132886][T16369] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  350.161063][T16369] EXT4-fs (loop0): 1 truncate cleaned up
[  350.168205][T16369] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.343601][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  350.610259][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.784004][T16396] syz.2.4421: attempt to access beyond end of device
[  350.784004][T16396] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  350.819320][T16404] FAULT_INJECTION: forcing a failure.
[  350.819320][T16404] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  350.832517][T16404] CPU: 1 UID: 0 PID: 16404 Comm: syz.2.4423 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  350.832606][T16404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  350.832621][T16404] Call Trace:
[  350.832628][T16404]  <TASK>
[  350.832638][T16404]  __dump_stack+0x1d/0x30
[  350.832663][T16404]  dump_stack_lvl+0xe8/0x140
[  350.832690][T16404]  dump_stack+0x15/0x1b
[  350.832710][T16404]  should_fail_ex+0x265/0x280
[  350.832748][T16404]  should_fail+0xb/0x20
[  350.832782][T16404]  should_fail_usercopy+0x1a/0x20
[  350.832807][T16404]  _copy_from_user+0x1c/0xb0
[  350.832832][T16404]  __sys_bpf+0x178/0x790
[  350.832873][T16404]  __x64_sys_bpf+0x41/0x50
[  350.832904][T16404]  x64_sys_call+0x2478/0x2fb0
[  350.832977][T16404]  do_syscall_64+0xd0/0x1a0
[  350.833004][T16404]  ? clear_bhb_loop+0x25/0x80
[  350.833030][T16404]  ? clear_bhb_loop+0x25/0x80
[  350.833070][T16404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.833095][T16404] RIP: 0033:0x7f3a664fe969
[  350.833142][T16404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.833163][T16404] RSP: 002b:00007f3a64b67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  350.833184][T16404] RAX: ffffffffffffffda RBX: 00007f3a66725fa0 RCX: 00007f3a664fe969
[  350.833197][T16404] RDX: 0000000000000090 RSI: 00002000000000c0 RDI: 0000000000000005
[  350.833211][T16404] RBP: 00007f3a64b67090 R08: 0000000000000000 R09: 0000000000000000
[  350.833224][T16404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.833236][T16404] R13: 0000000000000000 R14: 00007f3a66725fa0 R15: 00007ffe546f5008
[  350.833285][T16404]  </TASK>
[  351.005625][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  351.076011][T16405] bridge0: port 3(gretap0) entered blocking state
[  351.082499][T16405] bridge0: port 3(gretap0) entered disabled state
[  351.093729][T16405] gretap0: entered allmulticast mode
[  351.113280][T16405] gretap0: entered promiscuous mode
[  351.123763][T16405] bridge0: port 3(gretap0) entered blocking state
[  351.130290][T16405] bridge0: port 3(gretap0) entered forwarding state
[  351.263775][T16400] gretap0: left allmulticast mode
[  351.268863][T16400] gretap0: left promiscuous mode
[  351.274092][T16400] bridge0: port 3(gretap0) entered disabled state
[  351.341351][T16405] loop1: detected capacity change from 0 to 512
[  351.389018][T16405] EXT4-fs (loop1): orphan cleanup on readonly fs
[  351.486641][T16405] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4422: bg 0: block 248: padding at end of block bitmap is not set
[  351.533830][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  351.533867][T16405] __quota_error: 209 callbacks suppressed
[  351.533881][T16405] Quota error (device loop1): write_blk: dquota write failed
[  351.561388][T16405] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  351.571349][T16405] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.4422: Failed to acquire dquot type 1
[  351.584795][T16405] EXT4-fs (loop1): 1 truncate cleaned up
[  351.626781][T16405] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  351.733651][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.913080][T16432] loop1: detected capacity change from 0 to 512
[  351.951024][T16432] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  351.993617][   T29] audit: type=1400 audit(2000000168.840:22470): avc:  denied  { read } for  pid=16430 comm="syz.3.4431" name="qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  352.016738][   T29] audit: type=1400 audit(2000000168.840:22471): avc:  denied  { open } for  pid=16430 comm="syz.3.4431" path="/dev/qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  352.040306][   T29] audit: type=1400 audit(2000000168.840:22472): avc:  denied  { connect } for  pid=16430 comm="syz.3.4431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  352.060380][   T29] audit: type=1400 audit(2000000168.850:22473): avc:  denied  { write } for  pid=16430 comm="syz.3.4431" path="socket:[52692]" dev="sockfs" ino=52692 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  352.123925][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  352.162284][T16435] loop0: detected capacity change from 0 to 512
[  352.261325][T16435] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  352.347162][T16432] EXT4-fs (loop1): 1 truncate cleaned up
[  352.355676][T16435] EXT4-fs (loop0): 1 truncate cleaned up
[  352.361828][T16432] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  352.374725][T16435] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  352.593656][   T29] audit: type=1326 audit(2000000169.460:22474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16450 comm="syz.2.4434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  352.617503][   T29] audit: type=1326 audit(2000000169.460:22475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16450 comm="syz.2.4434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  352.641273][   T29] audit: type=1326 audit(2000000169.460:22476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16450 comm="syz.2.4434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  352.664926][   T29] audit: type=1326 audit(2000000169.460:22477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16450 comm="syz.2.4434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  352.676236][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  352.815163][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.847210][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.888377][T16465] bridge0: port 3(gretap0) entered blocking state
[  352.894919][T16465] bridge0: port 3(gretap0) entered disabled state
[  352.903897][T16465] gretap0: entered allmulticast mode
[  352.909846][T16465] gretap0: entered promiscuous mode
[  352.916611][T16465] bridge0: port 3(gretap0) entered blocking state
[  352.923081][T16465] bridge0: port 3(gretap0) entered forwarding state
[  352.943267][T16470] gretap0: left allmulticast mode
[  352.948389][T16470] gretap0: left promiscuous mode
[  352.953469][T16470] bridge0: port 3(gretap0) entered disabled state
[  353.007622][T16465] loop1: detected capacity change from 0 to 512
[  353.028409][T16465] EXT4-fs (loop1): orphan cleanup on readonly fs
[  353.038390][T16465] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4438: bg 0: block 248: padding at end of block bitmap is not set
[  353.053356][T16465] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.4438: Failed to acquire dquot type 1
[  353.066228][T16465] EXT4-fs (loop1): 1 truncate cleaned up
[  353.072689][T16465] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  353.083162][T16479] hub 4-0:1.0: USB hub found
[  353.089985][T16479] hub 4-0:1.0: 8 ports detected
[  353.101819][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.117160][T16482] siw: device registration error -23
[  353.138844][T16484] loop2: detected capacity change from 0 to 512
[  353.233016][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  353.284871][T16484] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  353.300874][T16491] FAULT_INJECTION: forcing a failure.
[  353.300874][T16491] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  353.309005][T16484] EXT4-fs (loop2): 1 truncate cleaned up
[  353.314021][T16491] CPU: 1 UID: 0 PID: 16491 Comm: syz.0.4445 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  353.314057][T16491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  353.314185][T16491] Call Trace:
[  353.314194][T16491]  <TASK>
[  353.314204][T16491]  __dump_stack+0x1d/0x30
[  353.314232][T16491]  dump_stack_lvl+0xe8/0x140
[  353.314302][T16491]  dump_stack+0x15/0x1b
[  353.314324][T16491]  should_fail_ex+0x265/0x280
[  353.314367][T16491]  should_fail+0xb/0x20
[  353.314479][T16491]  should_fail_usercopy+0x1a/0x20
[  353.314504][T16491]  strncpy_from_user+0x25/0x230
[  353.314609][T16491]  ? __kmalloc_cache_noprof+0x189/0x320
[  353.314639][T16491]  __se_sys_memfd_create+0x1ff/0x590
[  353.314673][T16491]  __x64_sys_memfd_create+0x31/0x40
[  353.314704][T16491]  x64_sys_call+0x122f/0x2fb0
[  353.314755][T16491]  do_syscall_64+0xd0/0x1a0
[  353.314785][T16491]  ? clear_bhb_loop+0x25/0x80
[  353.314813][T16491]  ? clear_bhb_loop+0x25/0x80
[  353.314894][T16491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.314928][T16491] RIP: 0033:0x7f11d100e969
[  353.314949][T16491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.314973][T16491] RSP: 002b:00007f11cf677038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  353.314997][T16491] RAX: ffffffffffffffda RBX: 00007f11d1235fa0 RCX: 00007f11d100e969
[  353.315013][T16491] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  353.315064][T16491] RBP: 00007f11cf677090 R08: 0000000000000000 R09: 0000000000000000
[  353.315081][T16491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.315097][T16491] R13: 0000000000000000 R14: 00007f11d1235fa0 R15: 00007ffdf815d448
[  353.315122][T16491]  </TASK>
[  353.594777][T16484] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.913166][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  354.182029][T16511] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 6a:4b:e4:2a:53:62
[  354.221980][T16511] syz.4.4449: attempt to access beyond end of device
[  354.221980][T16511] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  354.335144][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.430672][T16520] syz.2.4451: attempt to access beyond end of device
[  354.430672][T16520] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  354.443859][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  354.518143][T16528] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.605375][T16528] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.623889][T16531] pim6reg1: entered promiscuous mode
[  354.629231][T16531] pim6reg1: entered allmulticast mode
[  354.652638][T16528] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.684091][T16538] tipc: Started in network mode
[  354.689027][T16538] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  354.713436][T16538] tipc: Enabled bearer <udp:s>, priority 10
[  354.725654][T16528] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.789743][T16539] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4458'.
[  354.839909][T16528] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  354.852738][T16528] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  354.862888][T16543] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4461'.
[  354.867080][T16528] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  354.882095][T16543] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4461'.
[  354.887260][T16528] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  354.995352][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  355.069687][T16555] hub 4-0:1.0: USB hub found
[  355.074417][T16555] hub 4-0:1.0: 8 ports detected
[  355.513563][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  355.752755][T16574] loop2: detected capacity change from 0 to 164
[  355.761072][T16574] Unable to read rock-ridge attributes
[  355.771960][T16574] Unable to read rock-ridge attributes
[  355.824948][   T36] tipc: Node number set to 4269801488
[  355.850541][T16581] loop1: detected capacity change from 0 to 512
[  355.875982][T16582] netlink: 5028 bytes leftover after parsing attributes in process `syz.2.4473'.
[  355.898976][T16584] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4474'.
[  355.908260][T16584] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4474'.
[  355.913911][T16581] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  355.917578][T16582] netlink: 5028 bytes leftover after parsing attributes in process `syz.2.4473'.
[  355.939211][T16581] EXT4-fs (loop1): 1 truncate cleaned up
[  355.949587][T16581] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  356.043105][T16595] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.053704][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  356.108556][T16595] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.217663][T16595] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.266303][T16595] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.320881][T16595] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  356.344448][T16595] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  356.361697][T16595] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  356.373781][T16595] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  356.392309][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.423107][T16608] loop1: detected capacity change from 0 to 164
[  356.464969][T16608] Unable to read rock-ridge attributes
[  356.474837][T16608] Unable to read rock-ridge attributes
[  356.594887][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  356.849069][T16621] hub 4-0:1.0: USB hub found
[  356.854568][T16621] hub 4-0:1.0: 8 ports detected
[  357.121257][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  357.147732][   T29] kauditd_printk_skb: 159 callbacks suppressed
[  357.147750][   T29] audit: type=1326 audit(2000000174.020:22635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16633 comm="syz.2.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  357.177690][   T29] audit: type=1326 audit(2000000174.020:22636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16633 comm="syz.2.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  357.201380][   T29] audit: type=1326 audit(2000000174.020:22637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16633 comm="syz.2.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  357.225290][   T29] audit: type=1326 audit(2000000174.020:22638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16633 comm="syz.2.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  357.249693][T16634] gretap0: left allmulticast mode
[  357.254805][T16634] gretap0: left promiscuous mode
[  357.255127][T16638] loop0: detected capacity change from 0 to 512
[  357.260042][T16634] bridge0: port 3(gretap0) entered disabled state
[  357.294301][T16638] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  357.310104][T16638] EXT4-fs (loop0): 1 truncate cleaned up
[  357.316327][T16638] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.330411][   T29] audit: type=1326 audit(2000000174.070:22639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16633 comm="syz.2.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  357.330973][T16644] loop2: detected capacity change from 0 to 512
[  357.354060][   T29] audit: type=1326 audit(2000000174.070:22640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16633 comm="syz.2.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  357.383978][   T29] audit: type=1326 audit(2000000174.070:22641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16633 comm="syz.2.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  357.407662][   T29] audit: type=1326 audit(2000000174.120:22642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16633 comm="syz.2.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  357.431244][   T29] audit: type=1326 audit(2000000174.120:22643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16633 comm="syz.2.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  357.434965][T16644] EXT4-fs (loop2): orphan cleanup on readonly fs
[  357.455017][   T29] audit: type=1326 audit(2000000174.120:22644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16633 comm="syz.2.4490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  357.493993][T16644] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4490: bg 0: block 248: padding at end of block bitmap is not set
[  357.509346][T16644] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4490: Failed to acquire dquot type 1
[  357.521088][T16644] EXT4-fs (loop2): 1 truncate cleaned up
[  357.536807][T16644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  357.636788][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.646626][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  357.726984][T16656] hub 4-0:1.0: USB hub found
[  357.731797][T16656] hub 4-0:1.0: 8 ports detected
[  357.738620][T16658] FAULT_INJECTION: forcing a failure.
[  357.738620][T16658] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  357.738863][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.751777][T16658] CPU: 1 UID: 0 PID: 16658 Comm: syz.3.4497 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  357.751813][T16658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  357.751831][T16658] Call Trace:
[  357.751840][T16658]  <TASK>
[  357.751851][T16658]  __dump_stack+0x1d/0x30
[  357.751942][T16658]  dump_stack_lvl+0xe8/0x140
[  357.751973][T16658]  dump_stack+0x15/0x1b
[  357.751995][T16658]  should_fail_ex+0x265/0x280
[  357.752036][T16658]  should_fail+0xb/0x20
[  357.752133][T16658]  should_fail_usercopy+0x1a/0x20
[  357.752158][T16658]  _copy_from_user+0x1c/0xb0
[  357.752185][T16658]  ucma_join_multicast+0x52/0xe0
[  357.752246][T16658]  ucma_write+0x1b0/0x250
[  357.752275][T16658]  ? __pfx_ucma_write+0x10/0x10
[  357.752303][T16658]  vfs_write+0x266/0x8d0
[  357.752335][T16658]  ? __rcu_read_unlock+0x4f/0x70
[  357.752361][T16658]  ? __fget_files+0x184/0x1c0
[  357.752439][T16658]  ksys_write+0xda/0x1a0
[  357.752480][T16658]  __x64_sys_write+0x40/0x50
[  357.752513][T16658]  x64_sys_call+0x2cdd/0x2fb0
[  357.752541][T16658]  do_syscall_64+0xd0/0x1a0
[  357.752632][T16658]  ? clear_bhb_loop+0x25/0x80
[  357.752661][T16658]  ? clear_bhb_loop+0x25/0x80
[  357.752688][T16658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.752768][T16658] RIP: 0033:0x7fd14f9ce969
[  357.752787][T16658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.752854][T16658] RSP: 002b:00007fd14e037038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  357.752877][T16658] RAX: ffffffffffffffda RBX: 00007fd14fbf5fa0 RCX: 00007fd14f9ce969
[  357.752941][T16658] RDX: 00000000000000a0 RSI: 00002000000000c0 RDI: 0000000000000003
[  357.752953][T16658] RBP: 00007fd14e037090 R08: 0000000000000000 R09: 0000000000000000
[  357.752965][T16658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  357.752976][T16658] R13: 0000000000000000 R14: 00007fd14fbf5fa0 R15: 00007ffd199228d8
[  357.752998][T16658]  </TASK>
[  357.818437][T16660] loop2: detected capacity change from 0 to 512
[  357.973538][T16660] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  357.995125][T16660] EXT4-fs (loop2): 1 truncate cleaned up
[  358.001201][T16660] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.112557][T16670] loop0: detected capacity change from 0 to 512
[  358.148646][T16670] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  358.164704][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  358.218586][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.228616][T16670] EXT4-fs (loop0): 1 truncate cleaned up
[  358.237263][T16670] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.252953][T16675] siw: device registration error -23
[  358.604754][T16689] bridge0: port 3(gretap0) entered blocking state
[  358.611301][T16689] bridge0: port 3(gretap0) entered disabled state
[  358.684518][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  358.714607][T16689] gretap0: entered allmulticast mode
[  358.755034][T16689] gretap0: entered promiscuous mode
[  358.783770][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.816529][T16689] bridge0: port 3(gretap0) entered blocking state
[  358.823149][T16689] bridge0: port 3(gretap0) entered forwarding state
[  358.939741][T16706] loop0: detected capacity change from 0 to 512
[  358.955447][T16706] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  358.980071][T16706] EXT4-fs (loop0): 1 truncate cleaned up
[  358.994916][T16706] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  359.170975][T16710] bridge0: port 3(gretap0) entered blocking state
[  359.177510][T16710] bridge0: port 3(gretap0) entered disabled state
[  359.198729][T16710] gretap0: entered allmulticast mode
[  359.215573][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  359.234184][T16710] gretap0: entered promiscuous mode
[  359.239729][T16710] bridge0: port 3(gretap0) entered blocking state
[  359.246318][T16710] bridge0: port 3(gretap0) entered forwarding state
[  359.271656][T16715] gretap0: left allmulticast mode
[  359.276826][T16715] gretap0: left promiscuous mode
[  359.281995][T16715] bridge0: port 3(gretap0) entered disabled state
[  359.310715][T16710] loop2: detected capacity change from 0 to 512
[  359.347610][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.357718][T16710] EXT4-fs (loop2): orphan cleanup on readonly fs
[  359.365462][T16710] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4513: bg 0: block 248: padding at end of block bitmap is not set
[  359.382487][T16710] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4513: Failed to acquire dquot type 1
[  359.386958][T16722] hub 4-0:1.0: USB hub found
[  359.405391][T16722] hub 4-0:1.0: 8 ports detected
[  359.419044][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x1
[  359.426903][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.434815][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.442586][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.448946][T16710] EXT4-fs (loop2): 1 truncate cleaned up
[  359.450512][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.462472][T16726] loop0: detected capacity change from 0 to 512
[  359.463909][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.477938][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x4
[  359.485032][T16726] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.485795][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.499248][T16726] ext4 filesystem being mounted at /238/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  359.505915][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.524011][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.531778][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x2
[  359.539608][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.547407][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.555203][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.562966][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.570770][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.578571][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x2
[  359.586376][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.594150][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.602014][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.609814][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.617654][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.625410][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.633189][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.641006][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.648920][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.656693][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.664522][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.672267][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.680043][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.687804][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.695582][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.703417][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.711249][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.719102][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.726906][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.734444][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  359.734664][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.756698][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: unknown main item tag 0x0
[  359.765324][ T3465] hid-generic 0000:007F:FFFFFFFE.0020: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  359.853284][T16710] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  359.916903][T16741] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.936546][T16740] hub 4-0:1.0: USB hub found
[  359.941354][T16740] hub 4-0:1.0: 8 ports detected
[  359.951218][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x1
[  359.959146][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  359.967027][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  359.974848][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  359.982610][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  359.990496][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  359.998383][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x4
[  360.006274][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.014065][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.021915][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.029834][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x2
[  360.037645][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.045418][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.053194][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.061089][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.061120][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.076654][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x2
[  360.084468][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.092247][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.100042][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.107808][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.115579][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.123320][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.131133][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.138977][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.146846][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.154714][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.162481][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.170363][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.178254][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.186035][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.193801][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.201593][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.209353][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.217108][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.224858][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.232597][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.240395][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: unknown main item tag 0x0
[  360.272788][ T3465] hid-generic 0000:007F:FFFFFFFE.0021: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  360.284095][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  360.301856][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.088269][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  361.140293][T16741] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.164884][T16753] bridge0: port 3(gretap0) entered blocking state
[  361.171405][T16753] bridge0: port 3(gretap0) entered disabled state
[  361.232370][T16753] gretap0: entered allmulticast mode
[  361.238768][T16753] gretap0: entered promiscuous mode
[  361.245177][T16753] bridge0: port 3(gretap0) entered blocking state
[  361.251663][T16753] bridge0: port 3(gretap0) entered forwarding state
[  361.259703][T16756] gretap0: left allmulticast mode
[  361.264842][T16756] gretap0: left promiscuous mode
[  361.269977][T16756] bridge0: port 3(gretap0) entered disabled state
[  361.347122][T16741] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.358863][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.389597][T16753] loop2: detected capacity change from 0 to 512
[  361.405295][T16741] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.424229][T16753] EXT4-fs (loop2): orphan cleanup on readonly fs
[  361.431183][T16753] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4524: bg 0: block 248: padding at end of block bitmap is not set
[  361.476871][T16753] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4524: Failed to acquire dquot type 1
[  361.502703][T16741] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.604039][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  361.623664][T16753] EXT4-fs (loop2): 1 truncate cleaned up
[  361.655816][T16741] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.715752][T16741] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.837539][T16741] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.947648][T16775] hub 4-0:1.0: USB hub found
[  361.952435][T16775] hub 4-0:1.0: 8 ports detected
[  362.007521][T16784] siw: device registration error -23
[  362.066691][T16787] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4534'.
[  362.177325][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  362.624402][T16809] FAULT_INJECTION: forcing a failure.
[  362.624402][T16809] name failslab, interval 1, probability 0, space 0, times 0
[  362.637141][T16809] CPU: 0 UID: 0 PID: 16809 Comm: syz.4.4540 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  362.637178][T16809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  362.637261][T16809] Call Trace:
[  362.637270][T16809]  <TASK>
[  362.637280][T16809]  __dump_stack+0x1d/0x30
[  362.637305][T16809]  dump_stack_lvl+0xe8/0x140
[  362.637325][T16809]  dump_stack+0x15/0x1b
[  362.637346][T16809]  should_fail_ex+0x265/0x280
[  362.637449][T16809]  ? __se_sys_mount+0xef/0x2e0
[  362.637473][T16809]  should_failslab+0x8c/0xb0
[  362.637535][T16809]  __kmalloc_cache_noprof+0x4c/0x320
[  362.637556][T16809]  ? __fget_files+0x184/0x1c0
[  362.637646][T16809]  __se_sys_mount+0xef/0x2e0
[  362.637669][T16809]  ? fput+0x8f/0xc0
[  362.637727][T16809]  ? ksys_write+0x16e/0x1a0
[  362.637777][T16809]  __x64_sys_mount+0x67/0x80
[  362.637801][T16809]  x64_sys_call+0xd36/0x2fb0
[  362.637821][T16809]  do_syscall_64+0xd0/0x1a0
[  362.637845][T16809]  ? clear_bhb_loop+0x25/0x80
[  362.637866][T16809]  ? clear_bhb_loop+0x25/0x80
[  362.637962][T16809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.638025][T16809] RIP: 0033:0x7f42e8abe969
[  362.638041][T16809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.638063][T16809] RSP: 002b:00007f42e7127038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  362.638138][T16809] RAX: ffffffffffffffda RBX: 00007f42e8ce5fa0 RCX: 00007f42e8abe969
[  362.638151][T16809] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[  362.638167][T16809] RBP: 00007f42e7127090 R08: 0000200000000440 R09: 0000000000000000
[  362.638183][T16809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.638198][T16809] R13: 0000000000000000 R14: 00007f42e8ce5fa0 R15: 00007ffde6cec378
[  362.638222][T16809]  </TASK>
[  362.826940][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  362.955897][   T29] kauditd_printk_skb: 267 callbacks suppressed
[  362.955916][   T29] audit: type=1326 audit(2000000179.830:22906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.2.4541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  363.086586][   T29] audit: type=1326 audit(2000000179.830:22907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.2.4541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  363.110444][   T29] audit: type=1326 audit(2000000179.830:22908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.2.4541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  363.134156][   T29] audit: type=1326 audit(2000000179.830:22909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.2.4541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  363.157856][   T29] audit: type=1326 audit(2000000179.830:22910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.2.4541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  363.181819][   T29] audit: type=1326 audit(2000000179.830:22911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.2.4541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  363.205577][   T29] audit: type=1326 audit(2000000179.830:22912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.2.4541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  363.229193][   T29] audit: type=1326 audit(2000000179.830:22913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.2.4541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  363.254279][   T29] audit: type=1326 audit(2000000179.930:22914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16812 comm="syz.4.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  363.278013][   T29] audit: type=1326 audit(2000000179.930:22915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16812 comm="syz.4.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7f42e8abe969 code=0x7ffc0000
[  363.290028][T16819] hub 4-0:1.0: USB hub found
[  363.343613][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  363.384503][T16819] hub 4-0:1.0: 8 ports detected
[  363.646200][T16828] siw: device registration error -23
[  363.844009][T16845] pim6reg1: entered promiscuous mode
[  363.849453][T16845] pim6reg1: entered allmulticast mode
[  363.863777][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  363.888439][T16849] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 6a:4b:e4:2a:53:62
[  363.904124][T16849] syz.4.4549: attempt to access beyond end of device
[  363.904124][T16849] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  363.935234][T16852] FAULT_INJECTION: forcing a failure.
[  363.935234][T16852] name failslab, interval 1, probability 0, space 0, times 0
[  363.947969][T16852] CPU: 0 UID: 0 PID: 16852 Comm: syz.4.4554 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  363.948065][T16852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  363.948078][T16852] Call Trace:
[  363.948084][T16852]  <TASK>
[  363.948091][T16852]  __dump_stack+0x1d/0x30
[  363.948117][T16852]  dump_stack_lvl+0xe8/0x140
[  363.948161][T16852]  dump_stack+0x15/0x1b
[  363.948183][T16852]  should_fail_ex+0x265/0x280
[  363.948224][T16852]  should_failslab+0x8c/0xb0
[  363.948300][T16852]  kmem_cache_alloc_noprof+0x50/0x310
[  363.948371][T16852]  ? security_inode_alloc+0x37/0x100
[  363.948397][T16852]  security_inode_alloc+0x37/0x100
[  363.948416][T16852]  inode_init_always_gfp+0x4b7/0x500
[  363.948518][T16852]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  363.948554][T16852]  alloc_inode+0x58/0x170
[  363.948583][T16852]  new_inode+0x1d/0xe0
[  363.948609][T16852]  shmem_get_inode+0x244/0x750
[  363.948722][T16852]  __shmem_file_setup+0x122/0x1f0
[  363.948751][T16852]  shmem_file_setup+0x3b/0x50
[  363.948782][T16852]  __se_sys_memfd_create+0x2c3/0x590
[  363.948815][T16852]  __x64_sys_memfd_create+0x31/0x40
[  363.948869][T16852]  x64_sys_call+0x122f/0x2fb0
[  363.948897][T16852]  do_syscall_64+0xd0/0x1a0
[  363.948926][T16852]  ? clear_bhb_loop+0x25/0x80
[  363.948952][T16852]  ? clear_bhb_loop+0x25/0x80
[  363.948979][T16852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.949018][T16852] RIP: 0033:0x7f42e8abe969
[  363.949035][T16852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.949055][T16852] RSP: 002b:00007f42e7126e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  363.949073][T16852] RAX: ffffffffffffffda RBX: 000000000000055a RCX: 00007f42e8abe969
[  363.949085][T16852] RDX: 00007f42e7126ef0 RSI: 0000000000000000 RDI: 00007f42e8b41444
[  363.949105][T16852] RBP: 0000200000000cc0 R08: 00007f42e7126bb7 R09: 00007f42e7126e40
[  363.949119][T16852] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  363.949132][T16852] R13: 00007f42e7126ef0 R14: 00007f42e7126eb0 R15: 0000200000000b80
[  363.949151][T16852]  </TASK>
[  363.953338][T16854] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4555'.
[  363.989465][T16856] gretap0: left allmulticast mode
[  363.991701][T16854] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4555'.
[  363.995941][T16856] gretap0: left promiscuous mode
[  364.194098][T16856] bridge0: port 3(gretap0) entered disabled state
[  364.221657][T16860] loop0: detected capacity change from 0 to 512
[  364.236099][T16860] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  364.236258][T16862] siw: device registration error -23
[  364.383116][T16879] bridge0: port 3(gretap0) entered blocking state
[  364.384129][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  364.389668][T16879] bridge0: port 3(gretap0) entered disabled state
[  364.410765][T16879] gretap0: entered allmulticast mode
[  364.417498][T16879] gretap0: entered promiscuous mode
[  364.423060][T16879] bridge0: port 3(gretap0) entered blocking state
[  364.429614][T16879] bridge0: port 3(gretap0) entered forwarding state
[  364.449007][T16879] gretap0: left allmulticast mode
[  364.454130][T16879] gretap0: left promiscuous mode
[  364.459316][T16879] bridge0: port 3(gretap0) entered disabled state
[  364.473713][T16879] loop0: detected capacity change from 0 to 512
[  364.496189][T16879] EXT4-fs (loop0): orphan cleanup on readonly fs
[  364.506060][T16879] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4564: bg 0: block 248: padding at end of block bitmap is not set
[  364.520944][T16879] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4564: Failed to acquire dquot type 1
[  364.533142][T16879] EXT4-fs (loop0): 1 truncate cleaned up
[  364.642896][T16891] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4567'.
[  364.645815][T16893] siw: device registration error -23
[  364.681496][T16896] loop2: detected capacity change from 0 to 512
[  364.728917][T16896] ext4 filesystem being mounted at /352/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  364.788673][T16911] loop0: detected capacity change from 0 to 512
[  364.804549][T16911] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  364.834592][T16911] EXT4-fs (loop0): 1 truncate cleaned up
[  364.844571][T16911] EXT4-fs (loop0): Online resizing not supported with sparse_super2
[  364.923700][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  365.036016][T16934] siw: device registration error -23
[  365.247428][T16959] loop2: detected capacity change from 0 to 512
[  365.255456][T16959] EXT4-fs (loop2): orphan cleanup on readonly fs
[  365.262320][T16959] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.4593: bad orphan inode 13
[  365.272668][T16959] ext4_test_bit(bit=12, block=18) = 1
[  365.278140][T16959] is_bad_inode(inode)=0
[  365.282311][T16959] NEXT_ORPHAN(inode)=2130706432
[  365.287238][T16959] max_ino=32
[  365.290493][T16959] i_nlink=1
[  365.443559][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  365.466194][T16969] loop2: detected capacity change from 0 to 512
[  365.475935][T16969] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  365.512384][T16969] EXT4-fs (loop2): 1 truncate cleaned up
[  365.610128][T16975] FAULT_INJECTION: forcing a failure.
[  365.610128][T16975] name failslab, interval 1, probability 0, space 0, times 0
[  365.622836][T16975] CPU: 0 UID: 0 PID: 16975 Comm: +}[@ Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  365.622931][T16975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  365.622947][T16975] Call Trace:
[  365.622954][T16975]  <TASK>
[  365.622962][T16975]  __dump_stack+0x1d/0x30
[  365.622991][T16975]  dump_stack_lvl+0xe8/0x140
[  365.623016][T16975]  dump_stack+0x15/0x1b
[  365.623058][T16975]  should_fail_ex+0x265/0x280
[  365.623100][T16975]  should_failslab+0x8c/0xb0
[  365.623133][T16975]  kmem_cache_alloc_node_noprof+0x57/0x320
[  365.623180][T16975]  ? __alloc_skb+0x101/0x320
[  365.623220][T16975]  __alloc_skb+0x101/0x320
[  365.623261][T16975]  alloc_skb_with_frags+0x7d/0x470
[  365.623335][T16975]  ? selinux_file_open+0x31c/0x370
[  365.623375][T16975]  ? __rcu_read_unlock+0x4f/0x70
[  365.623404][T16975]  sock_alloc_send_pskb+0x43a/0x4f0
[  365.623515][T16975]  ? terminate_walk+0x27f/0x2a0
[  365.623582][T16975]  tun_get_user+0x8c0/0x24d0
[  365.623620][T16975]  ? ref_tracker_alloc+0x1f2/0x2f0
[  365.623707][T16975]  tun_chr_write_iter+0x15e/0x210
[  365.623733][T16975]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  365.623762][T16975]  vfs_write+0x49d/0x8d0
[  365.623799][T16975]  ? bpf_get_current_ancestor_cgroup_id+0xd5/0xf0
[  365.623849][T16975]  ksys_write+0xda/0x1a0
[  365.623877][T16975]  __x64_sys_write+0x40/0x50
[  365.623908][T16975]  x64_sys_call+0x2cdd/0x2fb0
[  365.623942][T16975]  do_syscall_64+0xd0/0x1a0
[  365.623970][T16975]  ? clear_bhb_loop+0x25/0x80
[  365.624034][T16975]  ? clear_bhb_loop+0x25/0x80
[  365.624055][T16975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.624160][T16975] RIP: 0033:0x7fd14f9cd41f
[  365.624178][T16975] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  365.624227][T16975] RSP: 002b:00007fd14e037000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  365.624245][T16975] RAX: ffffffffffffffda RBX: 00007fd14fbf5fa0 RCX: 00007fd14f9cd41f
[  365.624257][T16975] RDX: 000000000000fdef RSI: 0000200000000380 RDI: 00000000000000c8
[  365.624349][T16975] RBP: 00007fd14e037090 R08: 0000000000000000 R09: 0000000000000000
[  365.624363][T16975] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000001
[  365.624374][T16975] R13: 0000000000000000 R14: 00007fd14fbf5fa0 R15: 00007ffd199228d8
[  365.624394][T16975]  </TASK>
[  365.916010][T12032] EXT4-fs unmount: 13 callbacks suppressed
[  365.916029][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.963687][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  366.037042][T16990] hub 4-0:1.0: USB hub found
[  366.042600][T16990] hub 4-0:1.0: 8 ports detected
[  366.057725][T16994] hub 4-0:1.0: USB hub found
[  366.062431][T16994] hub 4-0:1.0: 8 ports detected
[  366.488668][  T271] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  366.859381][T17013] loop0: detected capacity change from 0 to 512
[  366.862844][T17016] loop1: detected capacity change from 0 to 512
[  366.887740][T17016] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  366.912027][T17013] EXT4-fs (loop0): orphan cleanup on readonly fs
[  366.922105][T17013] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4612: bg 0: block 248: padding at end of block bitmap is not set
[  366.937290][T17013] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4612: Failed to acquire dquot type 1
[  366.950756][T17013] EXT4-fs (loop0): 1 truncate cleaned up
[  366.956702][T17016] EXT4-fs (loop1): 1 truncate cleaned up
[  366.965198][T17013] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  366.983187][T17016] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  367.004143][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  367.032870][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.335464][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.540557][T17054] hub 4-0:1.0: USB hub found
[  367.568005][T17054] hub 4-0:1.0: 8 ports detected
[  367.581786][T17056] loop1: detected capacity change from 0 to 512
[  367.680273][T17056] EXT4-fs (loop1): orphan cleanup on readonly fs
[  367.687484][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  367.710918][T17056] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4627: bg 0: block 248: padding at end of block bitmap is not set
[  367.729997][T17056] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.4627: Failed to acquire dquot type 1
[  367.742841][T17056] EXT4-fs (loop1): 1 truncate cleaned up
[  367.775105][T17056] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  367.802368][T17060] siw: device registration error -23
[  367.808316][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.842787][T17065] loop1: detected capacity change from 0 to 512
[  367.865495][T17065] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.879292][T17065] ext4 filesystem being mounted at /315/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  367.894634][T17069] loop0: detected capacity change from 0 to 128
[  367.957717][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.041262][T17072] loop1: detected capacity change from 0 to 512
[  368.058181][T17072] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  368.074801][T17072] EXT4-fs (loop1): 1 truncate cleaned up
[  368.081301][T17072] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  368.095029][   T29] kauditd_printk_skb: 300 callbacks suppressed
[  368.095047][   T29] audit: type=1400 audit(2000000184.940:23210): avc:  denied  { unmount } for  pid=13238 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  368.197704][T17081] hub 4-0:1.0: USB hub found
[  368.207046][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  368.235928][T17081] hub 4-0:1.0: 8 ports detected
[  368.300374][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.340286][   T29] audit: type=1326 audit(2000000185.200:23211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.0.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d100e969 code=0x7ffc0000
[  368.364233][   T29] audit: type=1326 audit(2000000185.200:23212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.0.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11d100e969 code=0x7ffc0000
[  368.387928][   T29] audit: type=1326 audit(2000000185.200:23213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.0.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d100e969 code=0x7ffc0000
[  368.411585][   T29] audit: type=1326 audit(2000000185.200:23214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.0.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11d100e969 code=0x7ffc0000
[  368.445270][T17089] loop0: detected capacity change from 0 to 512
[  368.476734][T17089] EXT4-fs (loop0): orphan cleanup on readonly fs
[  368.483321][   T29] audit: type=1326 audit(2000000185.310:23215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.0.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d100e969 code=0x7ffc0000
[  368.484097][T17089] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4639: bg 0: block 248: padding at end of block bitmap is not set
[  368.507088][   T29] audit: type=1326 audit(2000000185.310:23216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.0.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d100e969 code=0x7ffc0000
[  368.545089][   T29] audit: type=1326 audit(2000000185.310:23217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.0.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f11d100e969 code=0x7ffc0000
[  368.568592][   T29] audit: type=1326 audit(2000000185.310:23218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.0.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d100e969 code=0x7ffc0000
[  368.592290][   T29] audit: type=1326 audit(2000000185.310:23219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.0.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f11d100e969 code=0x7ffc0000
[  368.617164][T17092] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 6a:4b:e4:2a:53:62
[  368.636810][T17089] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4639: Failed to acquire dquot type 1
[  368.649115][T17089] EXT4-fs (loop0): 1 truncate cleaned up
[  368.656177][T17089] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  368.693139][T17106] debugfs: Directory 'ptm0' with parent 'caif_serial' already present!
[  368.715156][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.724788][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  368.756844][T17108] bridge0: port 3(gretap0) entered blocking state
[  368.763359][T17108] bridge0: port 3(gretap0) entered disabled state
[  368.787155][T17108] gretap0: entered allmulticast mode
[  368.798043][T17108] gretap0: entered promiscuous mode
[  368.809959][T17112] hub 4-0:1.0: USB hub found
[  368.814852][T17112] hub 4-0:1.0: 8 ports detected
[  368.821311][T17108] bridge0: port 3(gretap0) entered blocking state
[  368.826758][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x1
[  368.827837][T17108] bridge0: port 3(gretap0) entered forwarding state
[  368.835558][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.846344][T17106] gretap0: left allmulticast mode
[  368.849865][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.849931][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.854993][T17106] gretap0: left promiscuous mode
[  368.862697][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.870607][T17106] bridge0: port 3(gretap0) entered disabled state
[  368.875438][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.897507][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x4
[  368.900718][T17108] loop2: detected capacity change from 0 to 512
[  368.905271][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.905357][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.905380][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.935130][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x2
[  368.942978][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.950874][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.958664][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.966512][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.968433][T17119] netlink: 'syz.4.4648': attribute type 4 has an invalid length.
[  368.974317][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  368.982024][T17119] netlink: 152 bytes leftover after parsing attributes in process `syz.4.4648'.
[  368.998993][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x2
[  369.006802][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.014740][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.022723][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.030962][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.038760][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.046600][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.054562][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.062389][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.070296][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.078088][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.085921][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.093805][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.101627][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.109435][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.117264][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.125052][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.132928][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.140712][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.148512][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.156315][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.164182][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: unknown main item tag 0x0
[  369.172828][ T3399] hid-generic 0000:007F:FFFFFFFE.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  369.172915][T17108] EXT4-fs (loop2): orphan cleanup on readonly fs
[  369.204631][T17108] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4644: bg 0: block 248: padding at end of block bitmap is not set
[  369.219982][T17108] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4644: Failed to acquire dquot type 1
[  369.225832][T17119] : renamed from bond0 (while UP)
[  369.232338][T17108] EXT4-fs (loop2): 1 truncate cleaned up
[  369.244856][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  369.261229][T17108] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  369.315195][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.402738][T17125] loop1: detected capacity change from 0 to 512
[  369.428077][T17125] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  369.488658][T17125] EXT4-fs (loop1): 1 truncate cleaned up
[  369.575546][T17125] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.779434][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  369.926388][T17140] loop0: detected capacity change from 0 to 1024
[  369.966336][T17140] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.134287][T17138] usb usb6: usbfs: process 17138 (syz.0.4653) did not claim interface 2 before use
[  370.145284][T17138] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4653'.
[  370.255110][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.318007][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.318446][T17150] bridge0: port 3(gretap0) entered blocking state
[  370.333938][T17150] bridge0: port 3(gretap0) entered disabled state
[  370.372215][T17152] loop0: detected capacity change from 0 to 512
[  370.389968][T17150] gretap0: entered allmulticast mode
[  370.404987][T17150] gretap0: entered promiscuous mode
[  370.410462][T17150] bridge0: port 3(gretap0) entered blocking state
[  370.416943][T17150] bridge0: port 3(gretap0) entered forwarding state
[  370.480680][T17152] EXT4-fs (loop0): orphan cleanup on readonly fs
[  370.494261][T17152] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4655: bg 0: block 248: padding at end of block bitmap is not set
[  370.529165][T17152] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4655: Failed to acquire dquot type 1
[  370.544994][T17152] EXT4-fs (loop0): 1 truncate cleaned up
[  370.553983][T17152] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  370.603423][T17157] bridge0: port 3(gretap0) entered blocking state
[  370.609967][T17157] bridge0: port 3(gretap0) entered disabled state
[  370.628362][T17157] gretap0: entered allmulticast mode
[  370.634207][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.635218][T17157] gretap0: entered promiscuous mode
[  370.649074][T17157] bridge0: port 3(gretap0) entered blocking state
[  370.655689][T17157] bridge0: port 3(gretap0) entered forwarding state
[  370.680409][T17161] gretap0: left allmulticast mode
[  370.685562][T17161] gretap0: left promiscuous mode
[  370.690710][T17161] bridge0: port 3(gretap0) entered disabled state
[  370.717451][T17157] loop2: detected capacity change from 0 to 512
[  370.725576][T17157] EXT4-fs (loop2): orphan cleanup on readonly fs
[  370.732551][T17157] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4657: bg 0: block 248: padding at end of block bitmap is not set
[  370.749866][T17165] hub 4-0:1.0: USB hub found
[  370.754691][T17165] hub 4-0:1.0: 8 ports detected
[  370.769703][T17157] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4657: Failed to acquire dquot type 1
[  370.801368][T17170] netlink: 'syz.3.4661': attribute type 4 has an invalid length.
[  370.809218][T17170] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4661'.
[  370.820782][T17157] EXT4-fs (loop2): 1 truncate cleaned up
[  370.824687][T17170] : renamed from bond0 (while UP)
[  370.832907][   T59] net_ratelimit: 1 callbacks suppressed
[  370.832922][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  370.853755][T17157] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  370.885349][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.906089][T17175] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.907584][T17177] loop2: detected capacity change from 0 to 164
[  370.925292][T17177] Unable to read rock-ridge attributes
[  370.975537][T17175] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.065176][T17175] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.110636][T17188] siw: device registration error -23
[  371.125049][T17175] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.201935][T17175] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  371.214207][T17175] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  371.226178][T17175] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.238838][T17175] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.340805][T17201] tipc: Started in network mode
[  371.345955][T17201] tipc: Node identity ac14140f, cluster identity 4711
[  371.353856][T17201] tipc: New replicast peer: 10.1.1.2
[  371.359386][T17201] tipc: Enabled bearer <udp:syz0>, priority 10
[  371.365912][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  371.383618][T17201] netlink: 'syz.4.4674': attribute type 4 has an invalid length.
[  371.391643][T17201] netlink: 152 bytes leftover after parsing attributes in process `syz.4.4674'.
[  371.875741][T17230] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  371.885975][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  372.066094][T17236] tipc: Started in network mode
[  372.071084][T17236] tipc: Node identity ac14140f, cluster identity 4711
[  372.083853][T17236] tipc: New replicast peer: 10.1.1.2
[  372.089227][T17236] tipc: Enabled bearer <udp:syz0>, priority 10
[  372.119097][T17238] bridge0: port 3(gretap0) entered blocking state
[  372.125878][T17238] bridge0: port 3(gretap0) entered disabled state
[  372.133433][T17238] gretap0: entered allmulticast mode
[  372.145238][T17238] gretap0: entered promiscuous mode
[  372.157856][T17238] bridge0: port 3(gretap0) entered blocking state
[  372.164432][T17238] bridge0: port 3(gretap0) entered forwarding state
[  372.319308][T17247] loop2: detected capacity change from 0 to 512
[  372.345785][T17247] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  372.364655][ T3391] tipc: Node number set to 2886997007
[  372.410027][T17247] EXT4-fs (loop2): 1 truncate cleaned up
[  372.416156][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  372.427743][T17247] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  372.532331][T17261] siw: device registration error -23
[  372.619654][T17265] hub 4-0:1.0: USB hub found
[  372.624455][T17265] hub 4-0:1.0: 8 ports detected
[  372.653152][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x1
[  372.656396][T17271] loop0: detected capacity change from 0 to 512
[  372.661085][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.675161][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.682927][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.690766][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.698577][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.706377][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x4
[  372.714194][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.722046][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.729986][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.735529][T17271] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  372.737773][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x2
[  372.755448][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.763237][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.771066][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.778856][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.786740][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.794547][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x2
[  372.802411][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.810232][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.818111][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.825991][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.833916][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.841865][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.849678][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.857461][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.865310][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.873190][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.881020][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.888879][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.896667][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.904469][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.912222][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.920021][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.927995][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.935775][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.943642][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.951424][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.959267][    T9] hid-generic 0000:007F:FFFFFFFE.0023: unknown main item tag 0x0
[  372.967093][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  372.995104][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.002705][    T9] hid-generic 0000:007F:FFFFFFFE.0023: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  373.020884][T17271] EXT4-fs (loop0): 1 truncate cleaned up
[  373.028855][T17271] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  373.062112][T17277] loop2: detected capacity change from 0 to 512
[  373.082722][T17277] EXT4-fs (loop2): orphan cleanup on readonly fs
[  373.090815][T17277] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4698: bg 0: block 248: padding at end of block bitmap is not set
[  373.115396][T17277] __quota_error: 423 callbacks suppressed
[  373.115416][T17277] Quota error (device loop2): write_blk: dquota write failed
[  373.128671][T17277] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  373.138658][T17277] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4698: Failed to acquire dquot type 1
[  373.204326][    T9] tipc: Node number set to 2886997007
[  373.310911][T17277] EXT4-fs (loop2): 1 truncate cleaned up
[  373.324165][T17277] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  373.357462][   T29] audit: type=1326 audit(2000000190.230:23635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.2.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a664fd2d0 code=0x7ffc0000
[  373.381213][   T29] audit: type=1326 audit(2000000190.230:23636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.2.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f3a664fd6b7 code=0x7ffc0000
[  373.404960][   T29] audit: type=1326 audit(2000000190.230:23637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.2.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a664fd2d0 code=0x7ffc0000
[  373.428632][   T29] audit: type=1326 audit(2000000190.230:23638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.2.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  373.480094][   T29] audit: type=1326 audit(2000000190.230:23639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.2.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  373.503876][   T29] audit: type=1326 audit(2000000190.230:23640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.2.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  373.504843][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  373.527542][   T29] audit: type=1326 audit(2000000190.230:23641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.2.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  373.527577][   T29] audit: type=1326 audit(2000000190.230:23642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.2.4698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a664fe969 code=0x7ffc0000
[  373.592549][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.602393][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.858644][T17313] loop0: detected capacity change from 0 to 512
[  373.897444][T17313] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  373.957135][T17313] EXT4-fs (loop0): 1 truncate cleaned up
[  373.963895][T17313] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  373.976958][T17317] loop1: detected capacity change from 0 to 512
[  373.985950][T17317] EXT4-fs (loop1): orphan cleanup on readonly fs
[  374.003831][T17317] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.4710: bad orphan inode 13
[  374.035031][T17317] ext4_test_bit(bit=12, block=18) = 1
[  374.040479][T17317] is_bad_inode(inode)=0
[  374.044773][T17317] NEXT_ORPHAN(inode)=2130706432
[  374.049735][T17317] max_ino=32
[  374.053083][T17317] i_nlink=1
[  374.056387][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  374.144727][T17317] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  374.188747][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.250458][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.266813][T17332] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  374.293771][T17335] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 6a:4b:e4:2a:53:62
[  374.316699][T17337] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.376901][T17337] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.418701][T17344] bridge0: port 3(gretap0) entered blocking state
[  374.425270][T17344] bridge0: port 3(gretap0) entered disabled state
[  374.432532][T17344] gretap0: entered allmulticast mode
[  374.438645][T17344] gretap0: entered promiscuous mode
[  374.444190][T17344] bridge0: port 3(gretap0) entered blocking state
[  374.450742][T17344] bridge0: port 3(gretap0) entered forwarding state
[  374.462949][T17337] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.476061][T17344] gretap0: left allmulticast mode
[  374.481204][T17344] gretap0: left promiscuous mode
[  374.486415][T17344] bridge0: port 3(gretap0) entered disabled state
[  374.528893][T17353] siw: device registration error -23
[  374.545957][T17337] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.558160][T17356] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.583817][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  374.616075][T17356] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.633904][T17337] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  374.646896][T17337] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  374.659954][T17337] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  374.673037][T17337] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  374.683134][T17356] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.745878][T17356] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.810724][T17356] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  374.841039][T17364] tipc: Started in network mode
[  374.846170][T17364] tipc: Node identity ac14140f, cluster identity 4711
[  374.853600][T17364] tipc: New replicast peer: 10.1.1.2
[  374.858941][T17364] tipc: Enabled bearer <udp:syz0>, priority 10
[  374.960831][T17356] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  374.989249][T17356] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  375.025214][T17356] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  375.103662][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  375.567352][T17394] gretap0: left allmulticast mode
[  375.572453][T17394] gretap0: left promiscuous mode
[  375.577619][T17394] bridge0: port 3(gretap0) entered disabled state
[  375.588893][T17394] loop0: detected capacity change from 0 to 512
[  375.596972][T17394] EXT4-fs (loop0): orphan cleanup on readonly fs
[  375.604050][T17394] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4739: bg 0: block 248: padding at end of block bitmap is not set
[  375.606971][T17397] hub 4-0:1.0: USB hub found
[  375.618936][T17394] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4739: Failed to acquire dquot type 1
[  375.623399][T17397] hub 4-0:1.0: 8 ports detected
[  375.636122][T17394] EXT4-fs (loop0): 1 truncate cleaned up
[  375.645784][T17394] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  375.670135][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.689098][T17400] loop0: detected capacity change from 0 to 128
[  375.859167][T17405] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  375.869727][T17405] netlink: 'syz.0.4743': attribute type 4 has an invalid length.
[  375.877746][T17405] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4743'.
[  375.891139][T17405] : renamed from bond0 (while UP)
[  375.970029][T17413] bridge0: port 3(gretap0) entered blocking state
[  375.973718][ T3399] tipc: Node number set to 2886997007
[  375.976605][T17413] bridge0: port 3(gretap0) entered disabled state
[  375.988816][T17413] gretap0: entered allmulticast mode
[  375.994906][T17413] gretap0: entered promiscuous mode
[  376.000409][T17413] bridge0: port 3(gretap0) entered blocking state
[  376.007040][T17413] bridge0: port 3(gretap0) entered forwarding state
[  376.015696][T17413] gretap0: left allmulticast mode
[  376.020799][T17413] gretap0: left promiscuous mode
[  376.026067][T17413] bridge0: port 3(gretap0) entered disabled state
[  376.041157][T17413] loop0: detected capacity change from 0 to 512
[  376.050778][T17413] EXT4-fs (loop0): orphan cleanup on readonly fs
[  376.058003][T17413] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4747: bg 0: block 248: padding at end of block bitmap is not set
[  376.073570][T17413] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4747: Failed to acquire dquot type 1
[  376.090916][T17413] EXT4-fs (loop0): 1 truncate cleaned up
[  376.098839][T17413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  376.201330][ T5299] net_ratelimit: 1 callbacks suppressed
[  376.201370][ T5299] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  376.221812][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.270814][T17425] bridge0: port 3(gretap0) entered blocking state
[  376.277342][T17425] bridge0: port 3(gretap0) entered disabled state
[  376.291151][T17425] gretap0: entered allmulticast mode
[  376.307650][T17425] gretap0: entered promiscuous mode
[  376.313582][T17425] bridge0: port 3(gretap0) entered blocking state
[  376.320128][T17425] bridge0: port 3(gretap0) entered forwarding state
[  376.351422][T17426] gretap0: left allmulticast mode
[  376.356588][T17426] gretap0: left promiscuous mode
[  376.361771][T17426] bridge0: port 3(gretap0) entered disabled state
[  376.446681][T17425] loop0: detected capacity change from 0 to 512
[  376.503254][T17425] EXT4-fs (loop0): orphan cleanup on readonly fs
[  376.511647][T17425] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4751: bg 0: block 248: padding at end of block bitmap is not set
[  376.533945][T17425] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4751: Failed to acquire dquot type 1
[  376.582812][T17425] EXT4-fs (loop0): 1 truncate cleaned up
[  376.613393][T17425] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  376.687950][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.724099][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  376.776054][T17438] gretap0: left allmulticast mode
[  376.781152][T17438] gretap0: left promiscuous mode
[  376.786235][T17438] bridge0: port 3(gretap0) entered disabled state
[  377.015858][T17454] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  377.243613][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  377.347705][T17463] hub 4-0:1.0: USB hub found
[  377.369864][T17467] loop0: detected capacity change from 0 to 512
[  377.376700][T17463] hub 4-0:1.0: 8 ports detected
[  377.387310][T17467] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  377.442880][T17467] EXT4-fs (loop0): 1 truncate cleaned up
[  377.555566][T17467] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  377.590637][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.614063][T17475] bridge0: port 3(gretap0) entered blocking state
[  377.620537][T17475] bridge0: port 3(gretap0) entered disabled state
[  377.627335][T17475] gretap0: entered allmulticast mode
[  377.634095][T17475] gretap0: entered promiscuous mode
[  377.639556][T17475] bridge0: port 3(gretap0) entered blocking state
[  377.646089][T17475] bridge0: port 3(gretap0) entered forwarding state
[  377.656836][T17475] gretap0: left allmulticast mode
[  377.661971][T17475] gretap0: left promiscuous mode
[  377.667134][T17475] bridge0: port 3(gretap0) entered disabled state
[  377.886419][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  377.965855][T17475] loop0: detected capacity change from 0 to 512
[  378.009263][T17475] EXT4-fs (loop0): orphan cleanup on readonly fs
[  378.018403][T17481] tipc: Started in network mode
[  378.023432][T17481] tipc: Node identity ac14140f, cluster identity 4711
[  378.032023][T17475] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4767: bg 0: block 248: padding at end of block bitmap is not set
[  378.032673][T17481] tipc: New replicast peer: 10.1.1.2
[  378.051897][T17481] tipc: Enabled bearer <udp:syz0>, priority 10
[  378.063817][T17481] netlink: 'syz.1.4769': attribute type 4 has an invalid length.
[  378.071587][T17481] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4769'.
[  378.073803][T17475] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4767: Failed to acquire dquot type 1
[  378.085738][T17481] : renamed from bond0 (while UP)
[  378.098035][T17475] EXT4-fs (loop0): 1 truncate cleaned up
[  378.113197][T17475] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  378.164880][   T29] kauditd_printk_skb: 347 callbacks suppressed
[  378.164897][   T29] audit: type=1326 audit(2000000195.030:23982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17482 comm="syz.3.4770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd14f9ce969 code=0x7ffc0000
[  378.194928][   T29] audit: type=1326 audit(2000000195.030:23983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17482 comm="syz.3.4770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd14f9ce969 code=0x7ffc0000
[  378.218578][   T29] audit: type=1326 audit(2000000195.030:23984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17482 comm="syz.3.4770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd14f9ce969 code=0x7ffc0000
[  378.243339][   T29] audit: type=1326 audit(2000000195.030:23985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17482 comm="syz.3.4770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd14f9ce969 code=0x7ffc0000
[  378.267080][   T29] audit: type=1326 audit(2000000195.030:23986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17482 comm="syz.3.4770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fd14f9ce969 code=0x7ffc0000
[  378.284023][T17490] hub 4-0:1.0: USB hub found
[  378.290867][   T29] audit: type=1326 audit(2000000195.030:23987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17482 comm="syz.3.4770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd14f9ce969 code=0x7ffc0000
[  378.296527][T17490] hub 4-0:1.0: 8 ports detected
[  378.319020][   T29] audit: type=1326 audit(2000000195.040:23988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17474 comm="syz.0.4767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f11d100d2d0 code=0x7ffc0000
[  378.347671][   T29] audit: type=1326 audit(2000000195.040:23989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17474 comm="syz.0.4767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f11d100d6b7 code=0x7ffc0000
[  378.371193][   T29] audit: type=1326 audit(2000000195.040:23990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17474 comm="syz.0.4767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f11d100d2d0 code=0x7ffc0000
[  378.394907][   T29] audit: type=1326 audit(2000000195.040:23991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17474 comm="syz.0.4767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d100e969 code=0x7ffc0000
[  378.428128][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  378.500052][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.542900][T17496] bridge0: port 3(gretap0) entered blocking state
[  378.549445][T17496] bridge0: port 3(gretap0) entered disabled state
[  378.632945][T17496] gretap0: entered allmulticast mode
[  378.672128][T17496] gretap0: entered promiscuous mode
[  378.704928][T17501] loop2: detected capacity change from 0 to 512
[  378.729085][T17496] bridge0: port 3(gretap0) entered blocking state
[  378.735618][T17496] bridge0: port 3(gretap0) entered forwarding state
[  378.803577][T17501] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  378.894811][T17501] EXT4-fs (loop2): 1 truncate cleaned up
[  378.900936][T17501] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  378.955716][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  379.063597][T16127] tipc: Node number set to 2886997007
[  379.473807][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  379.505396][T17520] syz.3.4777: attempt to access beyond end of device
[  379.505396][T17520] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  379.693276][T17523] bridge0: port 3(gretap0) entered blocking state
[  379.699855][T17523] bridge0: port 3(gretap0) entered disabled state
[  379.747588][T17523] gretap0: entered allmulticast mode
[  379.761056][T17523] gretap0: entered promiscuous mode
[  379.769819][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.783222][T17523] bridge0: port 3(gretap0) entered blocking state
[  379.789861][T17523] bridge0: port 3(gretap0) entered forwarding state
[  379.801507][T17525] gretap0: left allmulticast mode
[  379.806789][T17525] gretap0: left promiscuous mode
[  379.812052][T17525] bridge0: port 3(gretap0) entered disabled state
[  379.976487][T17535] loop2: detected capacity change from 0 to 512
[  379.994469][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  380.012690][T17535] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  380.057645][T17535] EXT4-fs (loop2): 1 truncate cleaned up
[  380.065006][T17535] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  380.167059][T17543] loop1: detected capacity change from 0 to 512
[  380.180835][T17545] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.192369][T17543] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  380.224844][T17543] EXT4-fs (loop1): 1 truncate cleaned up
[  380.231345][T17543] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  380.255007][T17545] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.315829][T17545] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.366430][T17545] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.387708][T11876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.450151][T17555] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 6a:4b:e4:2a:53:62
[  380.480063][T17545] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  380.497222][T17545] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  380.507325][T17555] syz.1.4790: attempt to access beyond end of device
[  380.507325][T17555] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  380.520611][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  380.551686][T17545] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  380.575161][T17545] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  380.605846][T17558] siw: device registration error -23
[  380.635749][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.679254][T17565] bridge0: port 3(gretap0) entered blocking state
[  380.685850][T17565] bridge0: port 3(gretap0) entered disabled state
[  380.714485][T17565] gretap0: entered allmulticast mode
[  380.728659][T17565] gretap0: entered promiscuous mode
[  380.745157][T17565] bridge0: port 3(gretap0) entered blocking state
[  380.751729][T17565] bridge0: port 3(gretap0) entered forwarding state
[  380.778188][T17576] gretap0: left allmulticast mode
[  380.783313][T17576] gretap0: left promiscuous mode
[  380.788685][T17576] bridge0: port 3(gretap0) entered disabled state
[  380.815095][T17565] loop0: detected capacity change from 0 to 512
[  380.826705][T17580] hub 4-0:1.0: USB hub found
[  380.838816][T17565] EXT4-fs (loop0): orphan cleanup on readonly fs
[  380.845863][T17565] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4794: bg 0: block 248: padding at end of block bitmap is not set
[  380.853184][T17580] hub 4-0:1.0: 8 ports detected
[  380.862489][T17565] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4794: Failed to acquire dquot type 1
[  380.878107][T17565] EXT4-fs (loop0): 1 truncate cleaned up
[  380.884559][T17565] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  380.930185][T13238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.967300][T17588] loop2: detected capacity change from 0 to 512
[  380.975093][T17587] hub 4-0:1.0: USB hub found
[  380.984166][T17587] hub 4-0:1.0: 8 ports detected
[  381.020164][T17588] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  381.039293][T17592] tipc: New replicast peer: 10.1.1.2
[  381.044742][T17592] tipc: Enabled bearer <udp:syz0>, priority 10
[  381.084663][T17588] EXT4-fs (loop2): 1 truncate cleaned up
[  381.091435][T17592] netlink: 'syz.3.4804': attribute type 4 has an invalid length.
[  381.099349][T17592] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4804'.
[  381.113275][T17588] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.126393][T17595] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.204731][T17595] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.277433][T17595] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.355082][T17595] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.417942][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x1
[  381.425847][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.433645][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.441384][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.449150][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.456979][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.464743][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x4
[  381.472565][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.480471][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.488417][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.496212][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x2
[  381.504040][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.511791][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.519583][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.527425][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.535308][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.543069][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x2
[  381.550853][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.558677][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.559128][   T12] net_ratelimit: 1 callbacks suppressed
[  381.559144][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  381.566433][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.566482][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.602231][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.610056][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.617896][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.625691][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.633619][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.633672][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.633696][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.633776][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.633804][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.633827][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.633869][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.633893][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.633964][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.633993][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.634020][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.634075][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.634103][    T9] hid-generic 0000:007F:FFFFFFFE.0024: unknown main item tag 0x0
[  381.837424][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.866866][    T9] hid-generic 0000:007F:FFFFFFFE.0024: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  381.931594][T17627] bridge0: port 3(gretap0) entered blocking state
[  381.938304][T17627] bridge0: port 3(gretap0) entered disabled state
[  381.945965][T17627] gretap0: entered allmulticast mode
[  381.951935][T17627] gretap0: entered promiscuous mode
[  381.957658][T17627] bridge0: port 3(gretap0) entered blocking state
[  381.964178][T17627] bridge0: port 3(gretap0) entered forwarding state
[  381.985568][T17630] gretap0: left allmulticast mode
[  381.990707][T17630] gretap0: left promiscuous mode
[  381.995836][T17630] bridge0: port 3(gretap0) entered disabled state
[  382.013112][T17627] loop2: detected capacity change from 0 to 512
[  382.056255][T17627] EXT4-fs (loop2): orphan cleanup on readonly fs
[  382.066840][T17627] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4814: bg 0: block 248: padding at end of block bitmap is not set
[  382.083268][T17629] ==================================================================
[  382.091367][T17629] BUG: KCSAN: data-race in call_rcu / mas_state_walk
[  382.098064][T17629] 
[  382.100394][T17629] write to 0xffff888104579708 of 8 bytes by task 17628 on cpu 0:
[  382.108116][T17629]  call_rcu+0x48/0x3e0
[  382.112205][T17629]  mas_replace_node+0x30b/0x440
[  382.117078][T17629]  mas_wr_store_entry+0x2425/0x2b60
[  382.122287][T17629]  mas_store_prealloc+0x74d/0x9e0
[  382.127323][T17629]  vma_iter_store_new+0x1c5/0x200
[  382.132385][T17629]  vma_complete+0x125/0x570
[  382.136915][T17629]  __split_vma+0x54c/0x610
[  382.141795][T17629]  vma_modify+0x107/0x210
[  382.146146][T17629]  vma_modify_flags+0x101/0x130
[  382.151021][T17629]  mprotect_fixup+0x2cc/0x570
[  382.155720][T17629]  do_mprotect_pkey+0x6d6/0x980
[  382.160577][T17629]  __x64_sys_mprotect+0x48/0x60
[  382.165454][T17629]  x64_sys_call+0x2794/0x2fb0
[  382.170139][T17629]  do_syscall_64+0xd0/0x1a0
[  382.174656][T17629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.180557][T17629] 
[  382.182885][T17629] read to 0xffff888104579708 of 8 bytes by task 17629 on cpu 1:
[  382.190520][T17629]  mas_state_walk+0x28f/0x650
[  382.195205][T17629]  mas_walk+0x30/0x120
[  382.199299][T17629]  lock_vma_under_rcu+0xa2/0x2f0
[  382.204253][T17629]  do_user_addr_fault+0x233/0x1090
[  382.209470][T17629]  exc_page_fault+0x54/0xc0
[  382.213994][T17629]  asm_exc_page_fault+0x26/0x30
[  382.218969][T17629] 
[  382.221294][T17629] Reported by Kernel Concurrency Sanitizer on:
[  382.227449][T17629] CPU: 1 UID: 0 PID: 17629 Comm: syz.3.4816 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  382.239957][T17629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  382.250018][T17629] ==================================================================
[  382.260423][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  382.303764][T17627] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4814: Failed to acquire dquot type 1
[  382.315731][T17627] EXT4-fs (loop2): 1 truncate cleaned up
[  382.322869][T17627] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  382.363163][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.784383][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  383.304424][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  383.824267][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  384.343822][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  384.789604][T17595] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  384.801072][T17595] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  384.812407][T17595] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  384.823771][T17595] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  384.863747][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  385.383606][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  385.903572][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  386.423566][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  386.943645][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  387.473790][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  387.993589][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  388.523575][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  389.043565][   T12] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  389.563577][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  390.083576][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  390.613580][   T51] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  391.133628][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51
[  391.653589][   T59] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:51