last executing test programs:

9.902517185s ago: executing program 4 (id=4487):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket(0x1e, 0x805, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10)
connect$tipc(r1, &(0x7f0000000000)=@id, 0x10)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001280)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000580)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000640a00850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e00000005000000080000000200000000000100", @ANYRES32=r0, @ANYBLOB='\r\v\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400602914fff3a600b600002c0000000800000000000000", @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000240)={[{@noload}, {@mblk_io_submit}, {@user_xattr}, {@auto_da_alloc}, {@block_validity}, {@quota}]}, 0x3, 0x449, &(0x7f0000000740)="$eJzs28trXNUfAPDvnSR995f8Sn30oUarGHwkTfqwCzeKggsLgi7qMiZpqZ020kSwpWgVqUspuC8uBf8CV7oRdSW41b0UimTTKghX7sy9ycxkJp2Jk0zrfD5wk3PuPZNzvnPvuXPOPZkA+tZo9iOJ2BURv0bEcDVbX2C0+uvO0pWZP5euzCSRpm/+kVTK3V66MlMULV63s8gMRpQ+TeJAk3oXLl0+N10uz13M8xOL59+bWLh0+fmz56fPzJ2ZuzB14sTRI5MvHJ861pU4s7hu7/9w/uC+196+fnLm1PV3fvw6KeJviKNLRtc6+FSadrm63tpdk04GVx/ftpmNoW0D1W4aQ5X+PxwDsXLyhuPVT3raOGBDpWmaPtj68NUU+A9LotctAHqj+KDP5r/FtklDj3vCrZeqE6As7jv5Vj0yGKW8zFDD/LabRiPi1NW/bmRbbMxzCACAOt9m45/nmo3/SlH7XOh/+RrKSET8PyL2RMTxiNgbEQ9EVMo+FBEPd1h/4yLJ6vFP6ea6AmtTNv57MV/bqh//FaO/GBnIc7sr8Q8lp8+W5w7n78lYDG3N8pNr1PHdK7983upY7fgv27L6i7Fg3o6bg1vrXzM7vTj9b2KudevjiP2DzeJPllcCkojYFxH711nH2We+OtjqWJP4/07T9EZbf7jJOlOn0i8jnq6e/6vREH8hWXt9cmJblOcOTxRXxWo//XztjVb13/38b6zs/O9oev0vxz+S1K7XLnRex7XfPms5p1nv9b8leatu3wfTi4sXJyO2JK8PRX6fWt4/1VBuaqV8Fv/Yoeb9f0+svBMHIiK7iB+JiEcj4rG87Y9HxBMRcWiN+H94+cl363aM7eog/o2VxT/b0flfSWyJxj3NEwPnvv+mrtKR6CD+7PwfraTG8j3t3P/aadf6rmYAAAC4/5QiYlckpfHldKk0Pl79H/69saNUnl9YfPb0/PsXZqvfERiJoVLxpGu45nnoZD6tL/JTDfkj+XPjLwa2V/LjM/Pl2V4HD31uZ4v+n/l9oNetAzZcF9bRgPuU/g/9S/+H/qX/Q/9q0v+396IdwOZr9vn/UQ/aAWy+hv5v2Q/6iPk/9C/9H/qX/g99aWF73P1L8hISqxJRuieaIdFJ4uSxtgv3+s4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHf8EAAD//yeb6Hg=")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000100), &(0x7f00000001c0)=ANY=[], 0x386, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r6, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="df4800000000000000000c0000002c0003802800038014000180080001000200000005000200000000001000012bbe0002007369743000000000180001801400020073697430"], 0x58}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000003700090010000000000000000300000004000080080a3d1d7352a3f0a2c7f80800b52ff195b291000000003000000080f36670bb6a79346f754b5604557194b1060b10aea89961cfa98ea2cf1a96d627893b8cefe1a5cc2942fbabb14e12d1334a5466d9873f6b8e71db00000000000200000000000081356b0f5a78199655969574c2fc5d8af41f9ac99a7a076b8af41b9a0d3c1b6bf63a3df2e330b16dcb13928b0400970ddcd67ebff5e438b5ff82df4004df9ec6f3c44af1949dba46ab81ae6e7fb76bce2c11046c0927f31116548c1daa24f34c422aa4c76386a360ef8460b8bd98658317e556d2764bfaca071ddab40595c99fd30d89707f2bf72a8f5f1edc467100000000000000000000000000370f810695ccc13cfbb4cd931119911bbfad28899b5fed99382b32889fe08b1d9469fa8a546b4f13599ff63556ada28aa413d5ded638d0ff324c4dedaecb0f7c7399961c84f6dffb0386a8f283dbe2d2c79a2f8f56fdd6bf53c45d603a76f54099f971f803fc5674af80c75c637f420cbd10a1f7c9936eab15a0c2020b216ae8274526ee5921f9c768e361e0dd0f1b7462a0995ebbeb0e7e34ed1f505fa9058816ad40c850fc4a7362bbc4ed0c8a85dbc117810c4302d690bef817b7644f544c3db0fd4ffa06859b2ac2d781", @ANYBLOB="d62436c901e8168d1743755a9eca5d0ca6475428f2e736e3158a419265626d2e34512f9deec8b44ee81b89934ded759bed443cf6f07db8154964a9ac27a60f173231d53929770aa21240734c17009c75ea5df0"], 0x20}}, 0x80)
pwritev2(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000400)="223f06a286b400bdd105ed79448991a23e460d07240c87426b375776ce1dc8721b65c1b7f49b0133f2d87d7aeb4b36e058dad6f8b55e0956854a7e70a9e12e57f19f24f9016a1586f446c9eea49762b23fd776f07bb8d6129e391c960215481087a191ecb54d301cd83056389bb4bc810d63845559deedab5a133470ef48264eb6adccb61843ccaf815030cb8c47d2aa21b516401970b66a50bf871304836037d438bc5a64154ae5b0cf1ce99fc409d68a5895b80f", 0xb5}], 0x1, 0xfffffffe, 0x9, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

9.467278833s ago: executing program 4 (id=4493):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
pipe2$9p(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
r2 = dup(r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='9p_client_req\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
socket$packet(0x11, 0x3, 0x300)

9.357878413s ago: executing program 4 (id=4495):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0xc)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket(0xa, 0x3, 0x4)
r1 = socket(0x10, 0x803, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$can_j1939(0x1d, 0x2, 0x7)
sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x100000000000000, 0x4004140}, 0x0)

9.231996754s ago: executing program 4 (id=4497):
r0 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
write$selinux_validatetrans(r0, 0x0, 0x62)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x5, &(0x7f0000000240)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='page_pool_state_release\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0400000004000000060000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0100"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='xen_cpu_set_ldt\x00'}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r6=>0xffffffffffffffff})
close(r6)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r7 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(r7, &(0x7f0000000380)=""/93, 0x5d)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r6)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000400), 0x301440, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800004e9d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r9}, 0x10)

9.16205349s ago: executing program 4 (id=4500):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket(0x1e, 0x805, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10)
connect$tipc(r1, &(0x7f0000000000)=@id, 0x10)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001280)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000580)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000640a00850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e00000005000000080000000200000000000100", @ANYRES32=r0, @ANYBLOB='\r\v\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400602914fff3a600b600002c0000000800000000000000", @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000240)={[{@noload}, {@mblk_io_submit}, {@user_xattr}, {@auto_da_alloc}, {@block_validity}, {@quota}]}, 0x3, 0x449, &(0x7f0000000740)="$eJzs28trXNUfAPDvnSR995f8Sn30oUarGHwkTfqwCzeKggsLgi7qMiZpqZ020kSwpWgVqUspuC8uBf8CV7oRdSW41b0UimTTKghX7sy9ycxkJp2Jk0zrfD5wk3PuPZNzvnPvuXPOPZkA+tZo9iOJ2BURv0bEcDVbX2C0+uvO0pWZP5euzCSRpm/+kVTK3V66MlMULV63s8gMRpQ+TeJAk3oXLl0+N10uz13M8xOL59+bWLh0+fmz56fPzJ2ZuzB14sTRI5MvHJ861pU4s7hu7/9w/uC+196+fnLm1PV3fvw6KeJviKNLRtc6+FSadrm63tpdk04GVx/ftpmNoW0D1W4aQ5X+PxwDsXLyhuPVT3raOGBDpWmaPtj68NUU+A9LotctAHqj+KDP5r/FtklDj3vCrZeqE6As7jv5Vj0yGKW8zFDD/LabRiPi1NW/bmRbbMxzCACAOt9m45/nmo3/SlH7XOh/+RrKSET8PyL2RMTxiNgbEQ9EVMo+FBEPd1h/4yLJ6vFP6ea6AmtTNv57MV/bqh//FaO/GBnIc7sr8Q8lp8+W5w7n78lYDG3N8pNr1PHdK7983upY7fgv27L6i7Fg3o6bg1vrXzM7vTj9b2KudevjiP2DzeJPllcCkojYFxH711nH2We+OtjqWJP4/07T9EZbf7jJOlOn0i8jnq6e/6vREH8hWXt9cmJblOcOTxRXxWo//XztjVb13/38b6zs/O9oev0vxz+S1K7XLnRex7XfPms5p1nv9b8leatu3wfTi4sXJyO2JK8PRX6fWt4/1VBuaqV8Fv/Yoeb9f0+svBMHIiK7iB+JiEcj4rG87Y9HxBMRcWiN+H94+cl363aM7eog/o2VxT/b0flfSWyJxj3NEwPnvv+mrtKR6CD+7PwfraTG8j3t3P/aadf6rmYAAAC4/5QiYlckpfHldKk0Pl79H/69saNUnl9YfPb0/PsXZqvfERiJoVLxpGu45nnoZD6tL/JTDfkj+XPjLwa2V/LjM/Pl2V4HD31uZ4v+n/l9oNetAzZcF9bRgPuU/g/9S/+H/qX/Q/9q0v+396IdwOZr9vn/UQ/aAWy+hv5v2Q/6iPk/9C/9H/qX/g99aWF73P1L8hISqxJRuieaIdFJ4uSxtgv3+s4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHf8EAAD//yeb6Hg=")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000100), &(0x7f00000001c0)=ANY=[], 0x386, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r6, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="df4800000000000000000c0000002c0003802800038014000180080001000200000005000200000000001000012bbe0002007369743000000000180001801400020073697430"], 0x58}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000003700090010000000000000000300000004000080080a3d1d7352a3f0a2c7f80800b52ff195b291000000003000000080f36670bb6a79346f754b5604557194b1060b10aea89961cfa98ea2cf1a96d627893b8cefe1a5cc2942fbabb14e12d1334a5466d9873f6b8e71db00000000000200000000000081356b0f5a78199655969574c2fc5d8af41f9ac99a7a076b8af41b9a0d3c1b6bf63a3df2e330b16dcb13928b0400970ddcd67ebff5e438b5ff82df4004df9ec6f3c44af1949dba46ab81ae6e7fb76bce2c11046c0927f31116548c1daa24f34c422aa4c76386a360ef8460b8bd98658317e556d2764bfaca071ddab40595c99fd30d89707f2bf72a8f5f1edc467100000000000000000000000000370f810695ccc13cfbb4cd931119911bbfad28899b5fed99382b32889fe08b1d9469fa8a546b4f13599ff63556ada28aa413d5ded638d0ff324c4dedaecb0f7c7399961c84f6dffb0386a8f283dbe2d2c79a2f8f56fdd6bf53c45d603a76f54099f971f803fc5674af80c75c637f420cbd10a1f7c9936eab15a0c2020b216ae8274526ee5921f9c768e361e0dd0f1b7462a0995ebbeb0e7e34ed1f505fa9058816ad40c850fc4a7362bbc4ed0c8a85dbc117810c4302d690bef817b7644f544c3db0fd4ffa06859b2ac2d781", @ANYBLOB="d62436c901e8168d1743755a9eca5d0ca6475428f2e736e3158a419265626d2e34512f9deec8b44ee81b89934ded759bed443cf6f07db8154964a9ac27a60f173231d53929770aa21240734c17009c75ea5df0"], 0x20}}, 0x80)
pwritev2(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000400)="223f06a286b400bdd105ed79448991a23e460d07240c87426b375776ce1dc8721b65c1b7f49b0133f2d87d7aeb4b36e058dad6f8b55e0956854a7e70a9e12e57f19f24f9016a1586f446c9eea49762b23fd776f07bb8d6129e391c960215481087a191ecb54d301cd83056389bb4bc810d63845559deedab5a133470ef48264eb6adccb61843ccaf815030cb8c47d2aa21b516401970b66a50bf871304836037d438bc5a64154ae5b0cf1ce99fc409d68a5895b80f", 0xb5}], 0x1, 0xfffffffe, 0x9, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

9.063398599s ago: executing program 4 (id=4502):
sync()

2.608376233s ago: executing program 2 (id=4584):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1b, 0x8, &(0x7f00000038c0)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x9}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r5, 0x40004580, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

2.136958184s ago: executing program 1 (id=4586):
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x101000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001700)={0x4, 0x4, &(0x7f0000000000)=ANY=[@ANYRES32], &(0x7f0000000300)='syzkaller\x00', 0x0, 0xc3, &(0x7f0000001600)=""/195, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x5, r1}, 0x38)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000009c0)={'vcan0\x00', <r3=>0x0})
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r3}, 0x18)
sendmsg$can_j1939(r4, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r7, {}, {0x4, 0x9}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x0, 0x168, 0x9, 0x0, 0xb, 0x250, 0x250, 0x250, 0x250, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth0_to_bridge\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0x108, 0x150, 0x0, {0x0, 0x28e}, [@common=@inet=@ipcomp={{0x30}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'dvmrp0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380)

1.707246291s ago: executing program 2 (id=4588):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000180000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000008000000000000000000000000080000000000060000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x8, 0x108, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002c6d8000850000000500000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000080000000300000014000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000fdffffff01000000000000000180000000000000000000007d3383cd46133d8ce6a0c7b65f51f7f3f833f03b617b68afcd8ffaf4f8b33cfeb897782d8d6d9265b3611105395045907baf2e6e0224a50e87f4b47fa8bf894f09eb0da0341842f44bd6c8dee5e65c3227d080fc237bf4149cb9d08b12e4e3ce6a174e72798c3f07c0811d462b233540bbae0c8d37a509fc8f06f5eb9712dc53a380f41183f9b5812b7b6acaedcdaef8660916c03e1a4bff7a25c34861204ee71c4e0e818d373ad57c812a880d66c3c6e307f23e383407814181a5"], 0x48)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f00000004c0)="cbfff831bdc33233e2c3c959d62f3121d47345372cb2fb8463c6acbb65e8f9809790400000006e", 0x27, 0x0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000780)={@rand_addr, <r9=>0x0}, &(0x7f00000007c0)=0x14)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x1, &(0x7f0000000880)=@raw=[@call={0x85, 0x0, 0x0, 0x6}], &(0x7f00000008c0)='syzkaller\x00', 0x9, 0xae, &(0x7f0000000900)=""/174, 0x41000, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0xd, 0xa, 0x3}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000b00)=[r0, r0, r5, r5], &(0x7f0000000b40)=[{0x1, 0x3, 0xb, 0x5}, {0x2, 0x4, 0x5, 0xc}, {0x0, 0x1, 0x0, 0x3}, {0x5, 0x3, 0x1, 0x1}, {0x0, 0x5, 0xd}, {0x4, 0x4, 0x8, 0x9}], 0x10, 0x10001, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x4, 0x1e, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5f12, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx={0x18, 0xa, 0x5, 0x0, 0x8}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x7}, @ldst={0x2, 0x2, 0x6, 0x5, 0xb, 0xfffffffffffffff4}, @ldst={0x3, 0x3, 0x1, 0x4, 0xb, 0xfffffffffffffffc, 0xfffffffffffffff0}, @ldst={0x1, 0x1, 0x6, 0x9, 0x7, 0x6}, @alu={0x7, 0x1, 0x7, 0x3, 0xa, 0xfffffffffffffff0}, @alu={0x7, 0x0, 0xb, 0x3, 0x4, 0x40, 0xffffffffffffffff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000600)='GPL\x00', 0x1ff, 0xa7, &(0x7f00000006c0)=""/167, 0x40f00, 0x2, '\x00', r9, @fallback=0xe, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000840)={0x2, 0xe, 0x9, 0x101}, 0x10, 0xffffffffffffffff, r10, 0x0, &(0x7f0000000c80)=[r7, r7], 0x0, 0x10, 0x51b, @void, @value}, 0x94)

1.706840341s ago: executing program 2 (id=4589):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000140))
fcntl$lock(r0, 0x26, &(0x7f00000002c0)={0x1, 0x0, 0x0, 0x5})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fcntl$lock(r1, 0x26, &(0x7f00000002c0)={0x1, 0x0, 0xff34})
mkdir(&(0x7f0000000240)='./file1\x00', 0xa1)

1.223226584s ago: executing program 1 (id=4599):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="0209000002"], 0x10}}, 0x0)

1.210643865s ago: executing program 1 (id=4600):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000180000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000008000000000000000000000000080000000000060000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x8, 0x108, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002c6d8000850000000500000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000080000000300000014000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000fdffffff01000000000000000180000000000000000000007d3383cd46133d8ce6a0c7b65f51f7f3f833f03b617b68afcd8ffaf4f8b33cfeb897782d8d6d9265b3611105395045907baf2e6e0224a50e87f4b47fa8bf894f09eb0da0341842f44bd6c8dee5e65c3227d080fc237bf4149cb9d08b12e4e3ce6a174e72798c3f07c0811d462b233540bbae0c8d37a509fc8f06f5eb9712dc53a380f41183f9b5812b7b6acaedcdaef8660916c03e1a4bff7a25c34861204ee71c4e0e818d373ad57c812a880d66c3c6e307f23e383407814181a5"], 0x48)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f00000004c0)="cbfff831bdc33233e2c3c959d62f3121d47345372cb2fb8463c6acbb65e8f9809790400000006e", 0x27, 0x0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000780)={@rand_addr, <r9=>0x0}, &(0x7f00000007c0)=0x14)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x1, &(0x7f0000000880)=@raw=[@call={0x85, 0x0, 0x0, 0x6}], &(0x7f00000008c0)='syzkaller\x00', 0x9, 0xae, &(0x7f0000000900)=""/174, 0x41000, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0xd, 0xa, 0x3}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000b00)=[r0, r0, r5, r5], &(0x7f0000000b40)=[{0x1, 0x3, 0xb, 0x5}, {0x2, 0x4, 0x5, 0xc}, {0x0, 0x1, 0x0, 0x3}, {0x5, 0x3, 0x1, 0x1}, {0x0, 0x5, 0xd}, {0x4, 0x4, 0x8, 0x9}], 0x10, 0x10001, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x4, 0x1e, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5f12, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx={0x18, 0xa, 0x5, 0x0, 0x8}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x7}, @ldst={0x2, 0x2, 0x6, 0x5, 0xb, 0xfffffffffffffff4}, @ldst={0x3, 0x3, 0x1, 0x4, 0xb, 0xfffffffffffffffc, 0xfffffffffffffff0}, @ldst={0x1, 0x1, 0x6, 0x9, 0x7, 0x6}, @alu={0x7, 0x1, 0x7, 0x3, 0xa, 0xfffffffffffffff0}, @alu={0x7, 0x0, 0xb, 0x3, 0x4, 0x40, 0xffffffffffffffff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000600)='GPL\x00', 0x1ff, 0xa7, &(0x7f00000006c0)=""/167, 0x40f00, 0x2, '\x00', r9, @fallback=0xe, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000840)={0x2, 0xe, 0x9, 0x101}, 0x10, 0xffffffffffffffff, r10, 0x0, &(0x7f0000000c80)=[r7, r7], 0x0, 0x10, 0x51b, @void, @value}, 0x94)

1.171939288s ago: executing program 1 (id=4603):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
get_mempolicy(0x0, 0x0, 0x482, &(0x7f000000d000/0x4000)=nil, 0x2)

1.15453639s ago: executing program 1 (id=4605):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r1, 0x20000005)
r2 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r3 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x4800)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r6 = getpid()
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close(r7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000002000208500000070"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r7}, 0x10)
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={0x0}}, 0x0)

1.056907458s ago: executing program 0 (id=4610):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000080000002020702500000000002020207b1af8bdff00000000bfa1000000000000070200000000f3d42ba9403c1effee58234989b7030000ddffffff850000002d0000009500"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x702, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=@newsa={0x180, 0x10, 0x633, 0x0, 0x0, {{@in=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@empty, 0x0, 0x32}, @in6=@empty, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x180}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
setresgid(0xffffffffffffffff, 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xa000c8, &(0x7f00000006c0)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000940)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r8 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
fcntl$notify(r8, 0x402, 0x6)
ioctl$GIO_UNISCRNMAP(r8, 0x4b69, &(0x7f00000002c0)=""/37)

1.047346429s ago: executing program 1 (id=4611):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r2)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r0}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
mq_unlink(0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000010000800000000000032200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ptrace(0x10, 0x1)
r6 = inotify_init1(0x0)
fcntl$setown(r6, 0x8, 0xffffffffffffffff)
fcntl$getownex(r6, 0x10, &(0x7f0000000380))
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xf, 0x2, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setitimer(0x1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e06, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r1], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="414601"], 0x4)
r7 = socket$inet6(0xa, 0x5, 0x0)
listen(r7, 0x50)
r8 = socket$netlink(0x10, 0x3, 0x4)
writev(r8, &(0x7f00000002c0)=[{&(0x7f00000001c0)="4800000014001d0d09074beafd0d8c560284606088ffe0064e204e20590000a2bc5603ca00000f7f8907000020008d42188fedc22e6ee11ac3439693b948e142ff0000000309ff5b", 0x48}], 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

964.540386ms ago: executing program 3 (id=4614):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000180000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000008000000000000000000000000080000000000060000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x8, 0x108, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002c6d8000850000000500000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000080000000300000014000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000fdffffff01000000000000000180000000000000000000007d3383cd46133d8ce6a0c7b65f51f7f3f833f03b617b68afcd8ffaf4f8b33cfeb897782d8d6d9265b3611105395045907baf2e6e0224a50e87f4b47fa8bf894f09eb0da0341842f44bd6c8dee5e65c3227d080fc237bf4149cb9d08b12e4e3ce6a174e72798c3f07c0811d462b233540bbae0c8d37a509fc8f06f5eb9712dc53a380f41183f9b5812b7b6acaedcdaef8660916c03e1a4bff7a25c34861204ee71c4e0e818d373ad57c812a880d66c3c6e307f23e383407814181a5"], 0x48)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f00000004c0)="cbfff831bdc33233e2c3c959d62f3121d47345372cb2fb8463c6acbb65e8f9809790400000006e", 0x27, 0x0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000780)={@rand_addr, <r9=>0x0}, &(0x7f00000007c0)=0x14)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x1, &(0x7f0000000880)=@raw=[@call={0x85, 0x0, 0x0, 0x6}], &(0x7f00000008c0)='syzkaller\x00', 0x9, 0xae, &(0x7f0000000900)=""/174, 0x41000, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0xd, 0xa, 0x3}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000b00)=[r0, r0, r5, r5], &(0x7f0000000b40)=[{0x1, 0x3, 0xb, 0x5}, {0x2, 0x4, 0x5, 0xc}, {0x0, 0x1, 0x0, 0x3}, {0x5, 0x3, 0x1, 0x1}, {0x0, 0x5, 0xd}, {0x4, 0x4, 0x8, 0x9}], 0x10, 0x10001, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x4, 0x1e, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5f12, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx={0x18, 0xa, 0x5, 0x0, 0x8}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x7}, @ldst={0x2, 0x2, 0x6, 0x5, 0xb, 0xfffffffffffffff4}, @ldst={0x3, 0x3, 0x1, 0x4, 0xb, 0xfffffffffffffffc, 0xfffffffffffffff0}, @ldst={0x1, 0x1, 0x6, 0x9, 0x7, 0x6}, @alu={0x7, 0x1, 0x7, 0x3, 0xa, 0xfffffffffffffff0}, @alu={0x7, 0x0, 0xb, 0x3, 0x4, 0x40, 0xffffffffffffffff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000600)='GPL\x00', 0x1ff, 0xa7, &(0x7f00000006c0)=""/167, 0x40f00, 0x2, '\x00', r9, @fallback=0xe, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000840)={0x2, 0xe, 0x9, 0x101}, 0x10, 0xffffffffffffffff, r10, 0x0, &(0x7f0000000c80)=[r7, r7], 0x0, 0x10, 0x51b, @void, @value}, 0x94)

948.618578ms ago: executing program 3 (id=4615):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x6f, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f00000000c0)=ANY=[@ANYBLOB="020020031c0007006000000002"])

936.007019ms ago: executing program 3 (id=4616):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
close(r1)

925.24879ms ago: executing program 3 (id=4617):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000040)="b9", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000140)=ANY=[], 0x8)
r1 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000007c0)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0xb, @loopback={0x40000000c000000}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_STATUS(r3, 0x84, 0x84, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @empty}}}}, &(0x7f0000000080)=0xb0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000100)='asymmetric\x00', &(0x7f0000000180)=@chain={'key_or_keyring:', r1})
add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, r1)
listen(r0, 0x100101)
accept4(r0, 0x0, 0x0, 0x0)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r4, &(0x7f0000000100)={0xf97cff8c, 0x8, 'SE Linux', "8afda04dd8ad0421af60736dec5e95da"}, 0x20)
listen(0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
setxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), &(0x7f0000000340)={0x0, 0xfb, 0xc2, 0x6, 0x81, "dea09b58bcfb93586eb031f878dcf869", "86e75cacf5b11b5f15df422480da6c845558bed1a3d88b7c751c68d9133f42c62973e52ed9ebbe64942f09fe52a3566ee59530bfda0394a9a1efc983b9d332b867f35002aae1e21c96e68d477ba2762adb48adcbc0db25e0a8b537cf30a7e16b9b09497b1abc5fd85ba774985babdf7445ce88ba130dbaa6e4237b8bfeb1967e36a1ce85cbe883468977413c0beb4d85d5edf45d2d702780fbf88c5ab04036e8b8126651d70e50d8fa9735869e"}, 0xc2, 0x3)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0x58, 0x3, 0x6, 0x401, 0x0, 0x0, {0x2, 0x0, 0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}}, 0x48810)

809.15348ms ago: executing program 2 (id=4618):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
listen(r0, 0x20000005)
socket$inet6(0xa, 0x6, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x4800)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = getpid()
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000002000208500000070"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r4}, 0x10)
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={0x0}}, 0x0)

719.109598ms ago: executing program 2 (id=4619):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r1}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x18, &(0x7f00000005c0)=ANY=[], 0x1, 0x6fd, &(0x7f0000000880)="$eJzs3UFv2+YZAOBXjtN6HlAM21AUQZqybg8JkDqS3Dowehg0mbbZyqJAykWCHYqicYagTjs0G7B4h66XbjvsJ+zQ6/5E/8Ru+w297zQPpCTHTmzZS1K7CJ5HiPmJfMnv/WiBr6lQVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0eiuNputRvSy/tat5Hjd1SLfnLJ8sr3vDk2m9BvRqP7F3Fy8Npr12i8fLX61+rEQl0fPLsdcNZmL3Z+++rP3fzE7M1l/SkJn4sHD3c8+2dnZ/vK8Ezkn62k/K/Nss7OeJlmZJyvLy80bG2tlspb10vJ2OUw3k26RdoZ5kVztXktaKytLSbp4O9/qr692eulk5s132s3mcvLB4iDtFGXev/HBYtndyHq9rL9ex1SLq5ibyW+/KD7Mhskw7Wwmyd17O9tLJyVZBbVOE9Q+KajdbLdbrXa7tfzeyns3m83ZdnMuDs1oPiYOrZI0m7OTF21j/Eo/9b4+4F9PsxI/mJlDz+LP03+zz+vQDc9sZlz/oxdZ9GMrbkVy5KMbq1FEHpvHLB/7LuJPdeNGOrXfg/V/UuVfe7T4UvVjYW787Mpx9f+YXM7u8SAexm58Fp/ETuzEdnx57hmd7WM90uhHFmXkkcVmdOo5yXhOEiuxHMvRjI9jI9aijCTWIotepFHG7ShjGGn9iupGEWl0Yhh5FJHE1ejGtUiiFSuxEkuRRBqLcTvy2Ip+rMdqdOqt3I179X5fmpLjflDrNEHtKUGTYv7S+HU5+8QfBNPr/839+v+Puj48ePsMihM/Dhcmjed7AIdnsDep/7G399+9ynlnBAAAADxvjfrd98aVl/afr2W99DfnnBUAAADwPNWXIV+uJher1uvRqM7/m+edFgAAAPAcNeLK+F2A+Xhj1Jp8EsqbAAAAAPCCqP///0o1ma9ab0TD+T8AAAC8aP766B77u3HkPXbLwUxEzEZE4+vBrbcb9ztVXOf+hdF6Fx7f4nDtUuOV8UbqyfLs+Fk3vdwY3/1y/yaY348nd0+613+jKC4+awIRM+OYN++Mpnf2l9S9zK9lvXSxm/feb0Wn88rMML01/MPn9/4YUfX+t/7mK424e29ne/HTL3bu1Ll8XW3l6/vju7k3/o9cfh+vj2JefzmeGPFuNC7WH8QY9zs/6rd5cPzjsUyG9JNT9PnNJGZhfjSdPzz+uarP1uJxo59vvDxe/5lG/s0k+K2rb40mR2TRnpJFvS/aB/f/Y/viVFnEWydnsXRSFkvPmAXAebm7X4UO192L+/X/ibr7FEe5s6nu38TVUczVS/WBdfbSEUf05pFH9L0Lj9XYp69u/4xro5hrk+Djamw15r/v99uq+/22WuHbY/ste5Mdcv93cWPm4e479+rY7c/b7aXl5rvN5nvtuFgPYzypMv2P2gPAYQv19f/TvmPn6IgLES9Nave78eYo4tFZdVWT9ivez/cvKViMT+OL2Ik7cb3+tEF9xcGR/c4fuAzheiyMkz36rHX+wDe8XD/hrG4UO/nb5TSxo6+XAYAXycIJdXi//k++i28SUZfQUf2/fuC8e+6I8+7DtXz62fHBWg4A/DDS4vvG/PAvjaLIBh+3VlZaneFGmhR598OkyFbX0yTrD9Oiu9Hpr6fJoMiHeTfvVY2PstW0TMqtwSAvhslaXiSDvMxu/SqyXpqMv/q9TDc7/WHWLQe9tFOmSTfvDzvdYbKald1ksPXrXlZ+tbe3V61cDtJutpZ1O8Ms7ydlvlV008UkKdN0HLiRFkm2mvaH2VpWNfvJoMhejuJ28lHe29pMk9W07BbZYJgXdTaTvrL+Wl5s1ptdPO+dDQA/Eg8e7n72yc7O9pdHN+bi2EV149/TVx81znuMAMBh06r0E1efAQAAAAAAAAAAAAAA5+KEz/89faPx2JyZiPih+nrhGntfnUlfkw94+O082fj2wJzkR5DPmTfO+cAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEf4XwAAAP//pPJP3Q==")

674.915932ms ago: executing program 2 (id=4620):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000000000000000000004000100000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket(0x1e, 0x805, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10)
connect$tipc(r1, &(0x7f0000000000)=@id, 0x10)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001280)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000640a00850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e00000005000000080000000200000000000100", @ANYRES32=r0, @ANYBLOB='\r\v\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400602914fff3a600b600002c0000000800000000000000", @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000240)={[{@noload}, {@mblk_io_submit}, {@user_xattr}, {@auto_da_alloc}, {@block_validity}, {@quota}]}, 0x3, 0x449, &(0x7f0000000740)="$eJzs28trXNUfAPDvnSR995f8Sn30oUarGHwkTfqwCzeKggsLgi7qMiZpqZ020kSwpWgVqUspuC8uBf8CV7oRdSW41b0UimTTKghX7sy9ycxkJp2Jk0zrfD5wk3PuPZNzvnPvuXPOPZkA+tZo9iOJ2BURv0bEcDVbX2C0+uvO0pWZP5euzCSRpm/+kVTK3V66MlMULV63s8gMRpQ+TeJAk3oXLl0+N10uz13M8xOL59+bWLh0+fmz56fPzJ2ZuzB14sTRI5MvHJ861pU4s7hu7/9w/uC+196+fnLm1PV3fvw6KeJviKNLRtc6+FSadrm63tpdk04GVx/ftpmNoW0D1W4aQ5X+PxwDsXLyhuPVT3raOGBDpWmaPtj68NUU+A9LotctAHqj+KDP5r/FtklDj3vCrZeqE6As7jv5Vj0yGKW8zFDD/LabRiPi1NW/bmRbbMxzCACAOt9m45/nmo3/SlH7XOh/+RrKSET8PyL2RMTxiNgbEQ9EVMo+FBEPd1h/4yLJ6vFP6ea6AmtTNv57MV/bqh//FaO/GBnIc7sr8Q8lp8+W5w7n78lYDG3N8pNr1PHdK7983upY7fgv27L6i7Fg3o6bg1vrXzM7vTj9b2KudevjiP2DzeJPllcCkojYFxH711nH2We+OtjqWJP4/07T9EZbf7jJOlOn0i8jnq6e/6vREH8hWXt9cmJblOcOTxRXxWo//XztjVb13/38b6zs/O9oev0vxz+S1K7XLnRex7XfPms5p1nv9b8leatu3wfTi4sXJyO2JK8PRX6fWt4/1VBuaqV8Fv/Yoeb9f0+svBMHIiK7iB+JiEcj4rG87Y9HxBMRcWiN+H94+cl363aM7eog/o2VxT/b0flfSWyJxj3NEwPnvv+mrtKR6CD+7PwfraTG8j3t3P/aadf6rmYAAAC4/5QiYlckpfHldKk0Pl79H/69saNUnl9YfPb0/PsXZqvfERiJoVLxpGu45nnoZD6tL/JTDfkj+XPjLwa2V/LjM/Pl2V4HD31uZ4v+n/l9oNetAzZcF9bRgPuU/g/9S/+H/qX/Q/9q0v+396IdwOZr9vn/UQ/aAWy+hv5v2Q/6iPk/9C/9H/qX/g99aWF73P1L8hISqxJRuieaIdFJ4uSxtgv3+s4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHf8EAAD//yeb6Hg=")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000100), &(0x7f00000001c0)=ANY=[], 0x386, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="df4800000000000000000c0000002c0003802800038014000180080001000200000005000200000000001000012bbe0002007369743000000000180001801400020073697430"], 0x58}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000003700090010000000000000000300000004000080080a3d1d7352a3f0a2c7f80800b52ff195b291000000003000000080f36670bb6a79346f754b5604557194b1060b10aea89961cfa98ea2cf1a96d627893b8cefe1a5cc2942fbabb14e12d1334a5466d9873f6b8e71db00000000000200000000000081356b0f5a78199655969574c2fc5d8af41f9ac99a7a076b8af41b9a0d3c1b6bf63a3df2e330b16dcb13928b0400970ddcd67ebff5e438b5ff82df4004df9ec6f3c44af1949dba46ab81ae6e7fb76bce2c11046c0927f31116548c1daa24f34c422aa4c76386a360ef8460b8bd98658317e556d2764bfaca071ddab40595c99fd30d89707f2bf72a8f5f1edc467100000000000000000000000000370f810695ccc13cfbb4cd931119911bbfad28899b5fed99382b32889fe08b1d9469fa8a546b4f13599ff63556ada28aa413d5ded638d0ff324c4dedaecb0f7c7399961c84f6dffb0386a8f283dbe2d2c79a2f8f56fdd6bf53c45d603a76f54099f971f803fc5674af80c75c637f420cbd10a1f7c9936eab15a0c2020b216ae8274526ee5921f9c768e361e0dd0f1b7462a0995ebbeb0e7e34ed1f505fa9058816ad40c850fc4a7362bbc4ed0c8a85dbc117810c4302d690bef817b7644f544c3db0fd4ffa06859b2ac2d781", @ANYBLOB="d62436c901e8168d1743755a9eca5d0ca6475428f2e736e3158a419265626d2e34512f9deec8b44ee81b89934ded759bed443cf6f07db8154964a9ac27a60f173231d53929770aa21240734c17009c75ea5df0"], 0x20}}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
pwritev2(r9, &(0x7f00000004c0)=[{&(0x7f0000000400)="223f06a286b400bdd105ed79448991a23e460d07240c87426b375776ce1dc8721b65c1b7f49b0133f2d87d7aeb4b36e058dad6f8b55e0956854a7e70a9e12e57f19f24f9016a1586f446c9eea49762b23fd776f07bb8d6129e391c960215481087a191ecb54d301cd83056389bb4bc810d63845559deedab5a133470ef48264eb6adccb61843ccaf815030cb8c47d2aa21b516401970b66a50bf871304836037d438bc5a64154ae5b0cf1ce99fc409d68a5895b80f", 0xb5}], 0x1, 0xfffffffe, 0x9, 0x10)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

130.646309ms ago: executing program 0 (id=4621):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r1, 0x20000005)
r2 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r3 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x4800)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r6 = getpid()
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close(r7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000002000208500000070"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r7}, 0x10)
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={0x0}}, 0x0)

41.993837ms ago: executing program 3 (id=4622):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)
ftruncate(0xffffffffffffffff, 0x20cf01)
syz_mount_image$ext4(&(0x7f0000001100)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2000480, &(0x7f0000004080), 0x1, 0x762, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9GxdNttQs8mW7KY0IaAighdBxYOgl579UW/exB9X/S88SEvVtFjxIJHZzKbbZrfJpkmWup8PTPt9M7N5892Zee/tzrATQM8aTf/JRRyOiA+TiOFsfhIRA/WoP+Lk2no3V5aL6ZTE6uqrfyT1dW6sLBej6TWpg1nh0Yj48b2II7mN9VYXl2YK5XJpPiuP12bPj1cXl46emy1Ml6ZLc8cnJiePnXjmxPGdy/WvX5YOXf3opSe/PvnPu49c/uCnJE7GoWxZcx47ZTRGs/dkIH0Lb/PiTlfWZUm3N4BtSU/NvrWzPA7HcPTVIwDg/+ytiFgFAHpMov8HgB7T+B7gxspysTF19xuJvXXthYjYv5Z/4/rm2pL+7Jrd/vp10KEbyW1XRpKIGNmB+kcj4vNvX/8ynWKXrkMCtPL2d1mwof1PNtyz0KmntrDO6B1l7R/sne/T8c+zrcZ/ufXxT7QY/wy2OHe3Y/PzP3dlB6ppKx3/Pd90b9vNpvwzI31Z6YH6mG8gOXuuXErbtgcjYiwGBtPyxF3qGLv+7/V2y5rHf39+/OYXaf3p/7fWyF3pH7z9NVOFWuFecm527Z2Ix/pb5Z+s7/+kzfj39BbrePm59z9rtyzNP823MW3Mf3etXop4ouX+v3VHW3LX+xPH64fDeOOgaOGbXz8dald/8/5Pp7T+xmeBvZDu/6G75z+SNN+vWe28jp8vDf/Qbtnm+bc+/vclr9Xjfdm8i4VabX4iYl/yysb5x269tlFurJ/mP/Z4Pf8D2Sob2r9Wx3/6mfCNzRLPNqL/6u9fbT//3ZXmP9XR/u88uHxzpq9d/Vvb/5P1aCybs5X2b6sbeC/vHQAAAAAAAAAAAAAAAAAAAAAAAABsVS4iDkWSy6/HuVw+v/YM74djKFeuVGtHzlYW5qai/qzskRjINX7qcrjp91Anst/Db5SP3VF+OiIeiohPBg/Uy/lipTzV7eQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHOwzfP/U78NdnvrAIBds7/bGwAA7Dn9PwD0nk77f+MFALj/6c8BoPfo/wGg9+j/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2GWnT51Kp9W/V5aLaXnqwuLCTOXC0alSdSY/u1DMFyvz5/PTlcp0uZQvVmY3+3vlSuX8ZMwtXByvlaq18eri0pnZysJc7cy52cJ06UxpYE+yAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDOVBeXZgrlcmleIBAI1oNut0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA94f/AgAA///tuiN0")
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r2, 0x4, 0x6100)
write$cgroup_type(r2, &(0x7f0000000200), 0x175d9003)

41.664267ms ago: executing program 0 (id=4623):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

37.372827ms ago: executing program 0 (id=4624):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0)={0xfffffffd}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfe, @void, @value}, 0x90)
connect$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e22, @remote}}, 0x24)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800, 0xf0)
clock_gettime(0x0, &(0x7f0000000100)={<r3=>0x0, <r4=>0x0})
ppoll(&(0x7f0000000080)=[{r0, 0x400}, {0xffffffffffffffff, 0x42}, {r0, 0x220}, {r0, 0x2c0}, {r0, 0x10}, {r0, 0x220}, {r0, 0x108}, {r0, 0x1a}], 0x8, &(0x7f0000000140)={r3, r4+60000000}, &(0x7f00000001c0)={[0x7]}, 0x8)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0)

1.260301ms ago: executing program 0 (id=4625):
r0 = syz_clone(0x100, &(0x7f0000000000)="f83cce920c722c1517608d82226ea97f13da336668b80966", 0x18, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)="4216e0906fd001482aa3355d2b8e616dc2c5d3c5cfb7cc582be0750f4f171ef97133fe2ed3b7b213952ba261c998fa1412cd8e4380c9973fc91ed76b1a1278521f62804488c9c5082fd232bed7499b92f566ccdc5a1fc09716226374853684d79f936441286b188dff721a7c1ec9ec2c58a1e3105c73245a8f7ba09fa9994dd3440331172fe5a153f557d689665403446fe398ca10c7a9070aa7c93f213ac0a9e8bbe70497e5973f71ad735410bacd05dad6814b818bc4549b582dd3d024d86045597092c9f22dd546ea11cc1a529f24b3600944fc3168ddba237569854d745ef6218d2fd8a3afd91142fdea482097e0fbd5097fb4aa83d08593e2da124b47b59cff431d5cece36d8198b093148e9b9b5702342c9068322698eed3eba64bbb3cae32767ce0b8051807f69e7f7f5a18008105d3bcfcd580b911f79ad88819feb134d798198be2263ed7976b1dca0b1d3e818e3da221a81bcd44b1a3df913ed09edf543f68f515e95f4681ada6bbcba708bdaa4245009643204b1167e67ec70f804e89581b8185b158deac50d2d9189ec91b53e0e111e532398762d5d3344c7fad1c6c0469ddd3d60c6da48559a6021ced99c14279f06b208974815e3bf2507924c418d9ebd053021471174f99a1b21ee7001b606af568a87b29ffa0f008986a2d5ceedfa69994a43870d186554d8bb35dc3c972e273ca72fe695521b25f41d5de19f96cd619410fc89f0fa1d5fab8ef40ab7e103ed3782ee0661e7c7e21f72e684fade76dc0404d58a9fa53a655742cb932dc918670bbd3a31777a433d7d3df89b2031234d5f5114f4b1d6ac7eea0798b34564641999ebd5aa4405074837f316054611fac7223f145717a0fce6ef3ab9263b2190e1fc26d1440bc90fdbdd9c5183cbcd816fdb3a9d94bee72307e79db214eddccd8e418c47b77b5186ae5516abe2c9b9768aad6ee610cba20ad1dd0de7414e9485e889e6bed2ed0190b8f2bd9bc81fd026be409f91ffc8efd7c05df7dd2c5a729365ff5ad918f11b7f933ef8663eb32328f5097bc9ed2ff8906450bdcd910f5b9ef6d439baedf3a11a7900d349c18abcd09c70a09e4abdda9326d2c47b0b59b44ee62dd95aa20cde271f9d31934991b11da31004e75cb77ea96d0c01be1c959f2e49e281e077c1f63d8f4cad222dabf0c6a2a2094e4e61561ec546eb4db5fbb82c6de59c596e22df87c123555158b7774a32d7c0c3ff255d364031f1b8963898db015a44a8a344565b61a292f5ac5da2ffac724db750bde3b1057d6d9461e0f78d5eb7d6cbbd0e6c6fb497d2b10f9e6f758bb0b569c12e2d2e2760290ec4c6a3eb911c6a43313af9ab1ebed6ebec953523e7371fdb16edc77d4d737349666c44303012829453063757c431460cc5b1ec3aabb104e8b3ee0e49012d1b9a1b6cb13447582d04300a8d3bd53c4b9f946145e97c2445008536593b8aaadfbcd5d5b24be75e7947d660a199c82e7510bc88f87154164f207c27066842418ba1a4ffa860642d97c78746b67f32e3aee78d0a8ff8b7842618ed90274b064a72796eb4da17f349d1ffe3907c8c12d294dced4cb929c07ed2165a58303f235017501949bb6471b5c5d735e6fd3f55b31876a374bf64ef062fcf48487ebba2a46e261365761a0b69ac8f2ecaf1212e437608c4a31434ecbfcccb7d83aadb49cc3095f673f2890f67965fbdc62575662a863e44d6c16b0dd020b15ad237e08a59780d270e2627100e1863d6effd935ae9d5070523fda41b6ab017533a294f3f61f36afa928f7a7c37f8cc641564ac9e27d8fe53d4e33be1a64e4ddfe2055f08d3239cde38e73e6352d317fd86d7122e483697dcb5fc609c76e06900c63861e7c00b917b3f2c5e60beff681187a699a73aa7ba54c828ad69dfe774e77fd72acff0b14ff6d8a976dcf13f141c8ebaa05be98443f41b95769893d81cbdbe33a35ee74da026919b9f4799d98413287f5fcc54e360f1da576e7486ad128ea4905a3b6761351c3292f94770f6a7813e760e085fd68bc2142c18cc04b7eae084e9b66819813bf47cdf722a79192afe5d1b7c0eaf1d994d7dbe2550d03b85850b0c75b757d31c66ddb1c2b54278c405a12d99831d4f145ad9fdd2a96db56911ca910310b88e46f80cb15c5be2266d15cfa9ede70212f2f96a080b3b21a1c9ea81439c1cc7269dc4f7b084484bf97f78c99d241ddfcf0022035cde65833dea05b4f414859181acf420f62c831f1b336f481e0c933dccc1536779d81f7597a3461fc0a7b6c2c4c32715fc600596e4278f74abbc571b8055a13cc215ab1201b45a65ba454b2b966a19a6677cc501dbbe7d5f57fbd1c3f80a291f12efb586ca45bb1990c1a1580698509a3abb9c1c4e24693523d33dea4eee3fac3b5a7d7d89d437a8898c488ac94540ac3c1f529df49b8b6d00fc990ce66e78ad969fe10c8f63833e8c3ecc25ff36d308e22feb26b7616c723a5228dfde8691264290d8e511b11c846cd04df1336289c0f3f93c45ece43402fbbf4696c142ea0c419e0c28bda3f0c09ae3aa27981966fbe31772c1815f801006b9c692f57b648662be54790d4451a0ba277d85dcf60e583a7cec8de714d9f3584f0e6aa896c0f1c5018733266e7d98875d6e96a8c763e2e1e6001831fbc8bacc6edf8fb128980a41de1643d4b41984c3a49f7aa85e8e987b25687e29ff4b2187e88d71b373100616f3f3b56adc84b5b13fbbdd657349557d839ea4eedbdd51b337fc49126b508947a49b739135a4305ff3c3ff2a35c6d923085bbc91a652f258d565dccecd50d612c4b33abab259bf105fd3d6ad1d00144cee39ca90a29c029e5893bf86f1013a6766a6983936160ccc75b99a04fab9241f9a11cf8ca2ff82826520148d0586b5d9b00de430dd691dc963c8d7c2b5cfc97e7c172553bbf10c3ca992c7b0d597152143f7be57066a8c85be1199bf6c5916492800cd4d02f57f4a4d34ccaa27d00c2ad3da91f708ef6af679078ca190a3824e20f3bda04c2e17767e5f818992217bfe1d17a1d22c8d1c56d926061d8620588e9a2a0fc34d8da6a8e1845e7aca61eb66d0b8a6682fb44f461d8a1f1eb79406329a030ee8da24a2c2547d889ec8eab32d9cf9365834fbae0979fab10c39715ce94d3b7fab10aa4ffcb70f5444db7288fece2a5d70ec1c1d379400fc46d863c852e7c68ef93801a1bae213dbe0d63c22f40274f4004bcc2cc43fa09a47e79b4bf5f372e4bc927b49d00a5008784496e47e9d079b93c45b791edaefe969cdb1b2d53c5e028fbc4a7a1a5270bf464b6366596f78a698d6ea8d4af8df91fe93de79451c6aaf1fc388a4eeae8de01040829bb7120d228e6987525f883e783f33f8c4056729c7863b1bdb2a4d0fc8df9b9cf5205a59a161a10cc90b2095f79af08e048360ee9901623c83c61d7c2b71821c8306e313275414fe37de266751548922ac68536eafbb32230c9e447822b5efb95917c9cd397d6662abf020eb165002abcca93db53b3220efc80ce8f9bbe9a443c33aff911033b4a57df48c21b7b2d373edbe673c544cbc0d93f5c505c47f56ee7abc469d316b7dfdb2e176bf895f2a2ba9a692b763dfddad8f64b088c2f59860d2e08177142a50d2db3da4097a3e4f2db9fcca49a941f6b6a45e74b7beb6baa3d477886708b4d97b5ac9fe392dcc465fb044932a195924d988d5dea86682ffce45dffba4a3e535c0551aa83892ead964a225c8e199c57dec19c78faccb8db5e9d284135b6aa4ff58d54ef314c27e9f551b61477fad6d52bd39729de856dd2215bf488b1f35af7bfeb241d7a73b87daa855bb17a0603a4994488502f3118924955d8042e555a89a9d298595d129c36971f78a0b777d75ab7de92a5fa274b8717e99e9b0df8757bf3d36a122ef174209fcd26d550f546db16b4e5f88eaac8224ceeace670d9483f0fb43a17fe4247c036d1114cf55861b8020b0076eff5e4239ed5946afd90f98db7bb6f96f7194fc76e55a202c011234c4a0df824cf84e55b0c81c781717ca855e03fe385f70fe871a82f6bc4e175040c68b263cedca19f3f87953b2b9873a651551adb88678f04e1e3bb43952e05136508f905f7aa0b0d771cde34f3d64756e20f6faf4b77906894f68bf0ed225db26ff696327bfa25b1de205ae8ae9ee087457eff822422fd6eaabab6acba32a3ef93810dd60dfc7c77c1a765f77c83a3ec9c1abe3c0b38b224581f89ab4ba1a7b80b475c766856ea0b5505e9251d3bcd91e72747919b0574d654676020ad859e0e99442f3541d4e50995e9d03b5708c53695bf93974c6da4f35a4c1273e3d06c8d6a70d999829a29a14256c84dae1f8c2ec8e3c10d0f2755f50fe068686fbdb0b308893789fe32b5b39403a1059b13c44d6da42a55bb3f4bb21c99e7673a46b647692e209b34e13e05575953f3d598f72de3e797c9cfc6719442fa21ff67a2d57080294b65e41497e98bef12c45b0670aa2192bcd3458f4eefff52bbabd98e6a66c24c5457fbc662fc12d13e04775daeab4925a335150dd6ea16d924a41b4f3373d5dd0b5d6daa8b2d6b8f17b5660471f74b98d3b859962a290e0ccac2869620facb5eb73737d8f18d82f547cae1014bf6ae989b4ba7b57ed400a7bbfd9d1711a3bcbabe706f217247f8af5ce8d2a0e096ce84694cafb48d63b41b4481b55e0b6acfd947e4c67d86363caf2517a2382bf5363d0832f69436603862cf680525f7e7e6a77567083673dc0cf97f047667332ba6dcf44ab7f0a6d653612977569059a064228922e465076dfe0b46ced8148ef6571e69389a7729fe3c296aa0e82dfab02feee80db9c5ab9533188e8cfcf79b63283c99e25dfd645e57e19114856d29bdf52f8be0a3ca74a9fc811a3d1c5536bf470130da4e0bafd4a4423d03e5ed62ba14fb897112b7ad1671ab15503c8ef585c8efb994c5fcaf6d1127d2ace36b18d6ff459eca6265a4a146ec40bd98cdec020a3b0d02aec84085840ee634ec3eb3bbed44cb1745cd665cf45b8f699c7e9f5621bc3de3936d8f1c01ae5b171b75907317db5a76482c2c4f0a1913c105594ba8858e16531d79a1de56c55b70b849f1363d93b37189e19f8c652287eca3d3b7de0f2d38116c7d0dc7446d192c8a1576cc70d511361f9dfa3cbf239c817f1bc7ef5ff8b9d68f885962ba117e299e44a1f96730b7ecd2c4186c55047718bf755cc293f1fcf8350ebaba769b80fd4aacaaa4ec5fc5971413b1f861f9e62d2749ba97611f854620ee7d9143e3e85583d39ca0ee689d65bc8c10062df835129cdd1a45a2abc45838834bef1093ab7cf212fe75af14559da85ce63b5c23ec2eb354163a69bb18e459b155a4f40298194c0334ae4f5f9209c810c45356c3125d929aeafce0907ae1241cb77d3619ffabb8cff175342d1aaa8d1e9bfbab1964c11c8c6ddc0beb93b40d72563b5bd4db9957255316063cc54d2b0f0724d39d903c7204409fcfd9de5b2707b5a03321202404b4777399cd9ea832dec50576a055ebcd6aab4451d922c1ebac00ae5704a552df8b8696c9a7dd805316bf9512e0282162ca3ad8366f63ad80092451cf246c7c3eb65d426a0958052ea8eac7b4f5a0f6657dd85180e1aa7d88bbea04598a713cbd80e91fb9eb4169ac285c7b9c8ab2c16a12caf4be57a037dce68b4d2f98981e40968d49338bb87d1de4197e079f1fa7748e7526b248f6b39b0dbb3e1cee37719bdd110b69f49cbcaece5a51250e3fb56e82c27cb0803ae11477e4699593c7f84af455fef869028c99d23229294c")
ptrace$ARCH_MAP_VDSO_X32(0x1e, r0, 0x1, 0x2001)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = accept4$packet(0xffffffffffffffff, &(0x7f00000010c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001100)=0x14, 0x800)
sendto$packet(r1, &(0x7f0000001140)="5e52143e73156c948b33b9d27d7b25bf2ee49bf023288d64aafbc38abca2a40b9930d6b13215c2fb", 0x28, 0x40000, &(0x7f0000001180)={0x11, 0x1c, 0x0, 0x1, 0x80, 0x6, @remote}, 0x14)
syz_genetlink_get_family_id$team(&(0x7f00000011c0), 0xffffffffffffffff)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000008, 0x80010, r1, 0x8f2db000)
epoll_create1(0x80000)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, 0xffffffffffffffff, 0x6, 0x4002)
r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001200), 0x420400, 0x0)
sendto$phonet(r3, &(0x7f0000001240)="32628677e00bc74d051c37031c5fbb5674722aee3abdaa2b609e350e63c388", 0x1f, 0x4085, &(0x7f0000001280)={0x23, 0x2, 0x1d, 0xda}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000001480)={'tunl0\x00', &(0x7f0000001400)={'ip_vti0\x00', <r4=>r2, 0x20, 0x10, 0x6, 0x5, {{0xf, 0x4, 0x1, 0x0, 0x3c, 0x65, 0x0, 0x75, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, {[@ssrr={0x89, 0x27, 0xc7, [@empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, @multicast1, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}}})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0xa, 0xf, &(0x7f0000001540)=@raw=[@jmp={0x5, 0x0, 0xa, 0xee1191eaceec7f33, 0x8, 0xfffffffffffffff8, 0xfffffffffffffffc}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x8}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x10000}}], &(0x7f00000015c0)='syzkaller\x00', 0x10000, 0x9e, &(0x7f0000001600)=""/158, 0x41000, 0x40, '\x00', r2, @fallback=0x15, 0xffffffffffffffff, 0x8, &(0x7f00000016c0)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000001700)={0x5, 0xe, 0x3504, 0x100}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x8, &(0x7f0000001740)=[r3], &(0x7f0000001780)=[{0x2, 0x4, 0x10, 0x5}, {0x2, 0x3, 0x1, 0x7}, {0x1, 0x4, 0xf, 0x4}, {0x3, 0x2, 0x5, 0x9}, {0x0, 0x2, 0x6, 0x8}, {0x5, 0x3, 0x7, 0x9}, {0x1, 0x2}, {0x3, 0x3, 0x1}], 0x10, 0xffff9e7e, @void, @value}, 0x94)
r6 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0x9, 0xe, &(0x7f00000012c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xff}, [@map_val={0x18, 0x0, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x7fff}, @jmp={0x5, 0x1, 0x0, 0x0, 0x8, 0x50, 0xfffffffffffffffc}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}]}, &(0x7f0000001340)='GPL\x00', 0x6, 0x61, &(0x7f0000001380)=""/97, 0x40f00, 0x10, '\x00', r4, @fallback=0x32, r3, 0x8, &(0x7f00000014c0)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000001500)={0x3, 0x10, 0xce, 0x200}, 0x10, 0xffffffffffffffff, r5, 0x3, &(0x7f0000001900)=[r3, r3, r6], &(0x7f0000001940)=[{0x5, 0x2, 0xe}, {0x1, 0x4, 0x6, 0x3}, {0x4, 0x5, 0x4, 0x2}], 0x10, 0x4, @void, @value}, 0x94)
ioctl$int_in(r5, 0x5452, &(0x7f0000001a40)=0x7)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r7, 0x8008f511, &(0x7f0000001a80))
getpeername$inet6(r3, &(0x7f0000001ac0)={0xa, 0x0, 0x0, @private2}, &(0x7f0000001b00)=0x1c)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001b80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000001bc0)={'wpan4\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000001c00)={'wpan4\x00', <r10=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000001d00)={&(0x7f0000001b40)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001c40)={0x48, r8, 0x2, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0x555e}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa1}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x24000880)
getpid()
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000001d40)=0x80000000)
mount$bind(&(0x7f0000001d80)='./file0\x00', &(0x7f0000001dc0)='./file0\x00', &(0x7f0000001e00), 0x3000020, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000002100)={r6, 0x20, &(0x7f00000020c0)={&(0x7f0000001fc0)=""/103, 0x67, <r11=>0x0, &(0x7f0000002040)=""/73, 0x49}}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000002140)={r3, <r12=>0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002200)={{0xffffffffffffffff, <r13=>0xffffffffffffffff}, &(0x7f0000002180), &(0x7f00000021c0)=r3}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000002300)={0x7, 0x5, &(0x7f0000001e40)=@raw=[@map_fd={0x18, 0xa, 0x1, 0x0, r3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x800}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}], &(0x7f0000001e80)='syzkaller\x00', 0x3, 0xfc, &(0x7f0000001ec0)=""/252, 0x41000, 0x0, '\x00', r4, @fallback=0x18, r6, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r11, r5, 0x7, &(0x7f0000002240)=[r6, r3, r12, r13, r3], &(0x7f0000002280)=[{0x3, 0x1, 0xe, 0xc}, {0x2, 0x4, 0x10, 0x2}, {0x0, 0x2, 0x1, 0x7}, {0xfffffff8, 0x4, 0xa, 0xb}, {0x3, 0x5, 0xa, 0x3}, {0x5, 0x4, 0x4, 0x1}, {0x3, 0x5, 0xa, 0x3}], 0x10, 0x7, @void, @value}, 0x94)

518.891µs ago: executing program 0 (id=4626):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000180000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000008000000000000000000000000080000000000060000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x8, 0x108, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002c6d8000850000000500000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000080000000300000014000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000fdffffff01000000000000000180000000000000000000007d3383cd46133d8ce6a0c7b65f51f7f3f833f03b617b68afcd8ffaf4f8b33cfeb897782d8d6d9265b3611105395045907baf2e6e0224a50e87f4b47fa8bf894f09eb0da0341842f44bd6c8dee5e65c3227d080fc237bf4149cb9d08b12e4e3ce6a174e72798c3f07c0811d462b233540bbae0c8d37a509fc8f06f5eb9712dc53a380f41183f9b5812b7b6acaedcdaef8660916c03e1a4bff7a25c34861204ee71c4e0e818d373ad57c812a880d66c3c6e307f23e383407814181a5"], 0x48)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f00000004c0)="cbfff831bdc33233e2c3c959d62f3121d47345372cb2fb8463c6acbb65e8f9809790400000006e", 0x27, 0x0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000780)={@rand_addr, <r9=>0x0}, &(0x7f00000007c0)=0x14)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x1, &(0x7f0000000880)=@raw=[@call={0x85, 0x0, 0x0, 0x6}], &(0x7f00000008c0)='syzkaller\x00', 0x9, 0xae, &(0x7f0000000900)=""/174, 0x41000, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0xd, 0xa, 0x3}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000b00)=[r0, r0, r5, r5], &(0x7f0000000b40)=[{0x1, 0x3, 0xb, 0x5}, {0x2, 0x4, 0x5, 0xc}, {0x0, 0x1, 0x0, 0x3}, {0x5, 0x3, 0x1, 0x1}, {0x0, 0x5, 0xd}, {0x4, 0x4, 0x8, 0x9}], 0x10, 0x10001, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x4, 0x1e, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5f12, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_idx={0x18, 0xa, 0x5, 0x0, 0x8}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x7}, @ldst={0x2, 0x2, 0x6, 0x5, 0xb, 0xfffffffffffffff4}, @ldst={0x3, 0x3, 0x1, 0x4, 0xb, 0xfffffffffffffffc, 0xfffffffffffffff0}, @ldst={0x1, 0x1, 0x6, 0x9, 0x7, 0x6}, @alu={0x7, 0x1, 0x7, 0x3, 0xa, 0xfffffffffffffff0}, @alu={0x7, 0x0, 0xb, 0x3, 0x4, 0x40, 0xffffffffffffffff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000600)='GPL\x00', 0x1ff, 0xa7, &(0x7f00000006c0)=""/167, 0x40f00, 0x2, '\x00', r9, @fallback=0xe, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000840)={0x2, 0xe, 0x9, 0x101}, 0x10, 0xffffffffffffffff, r10, 0x0, &(0x7f0000000c80)=[r7, r7], 0x0, 0x10, 0x51b, @void, @value}, 0x94)

0s ago: executing program 3 (id=4627):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
close(r1)

kernel console output (not intermixed with test programs):

db failed with error -2
[  363.086821][T19355] 8021q: adding VLAN 0 to HW filter on device batadv0
[  363.228488][T19485] loop1: detected capacity change from 0 to 256
[  363.372435][T19487] loop3: detected capacity change from 0 to 512
[  363.427935][T19487] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  363.469582][T19490] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4061'.
[  363.501196][T19487] EXT4-fs (loop3): 1 orphan inode deleted
[  363.507013][T19487] EXT4-fs (loop3): 1 truncate cleaned up
[  363.533291][T19355] veth0_vlan: entered promiscuous mode
[  363.542765][T19355] veth1_vlan: entered promiscuous mode
[  363.562096][T19355] veth0_macvtap: entered promiscuous mode
[  363.571881][T19355] veth1_macvtap: entered promiscuous mode
[  363.582692][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.593482][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.603319][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.603333][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.603347][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.603357][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.603401][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.603412][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.603421][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.603432][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.603441][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.603508][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.603518][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.603530][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.603540][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.603565][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.603574][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.603586][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.605574][T19355] batman_adv: batadv0: Interface activated: batadv_slave_0
[  363.783113][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.793594][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.803467][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.809780][T19508] loop3: detected capacity change from 0 to 128
[  363.813906][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.821234][T19508] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  363.829973][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.829990][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.830007][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.830019][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.830106][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.830127][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.830138][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.830151][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.830163][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.830174][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.830265][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.830278][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.830291][T19355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.830303][T19355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.832866][T19355] batman_adv: batadv0: Interface activated: batadv_slave_1
[  363.997372][T19355] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  364.006272][T19355] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  364.015064][T19355] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  364.023719][T19355] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  364.036096][T19510] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4067'.
[  364.119936][T19513] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  364.163516][T19518] loop4: detected capacity change from 0 to 2048
[  364.175506][T19522] loop3: detected capacity change from 0 to 512
[  364.197169][T19522] ext4 filesystem being mounted at /512/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  364.231418][T19534] FAULT_INJECTION: forcing a failure.
[  364.231418][T19534] name failslab, interval 1, probability 0, space 0, times 0
[  364.244152][T19534] CPU: 1 UID: 0 PID: 19534 Comm: syz.4.4075 Not tainted 6.11.0-rc7-syzkaller-00039-g77f587896757 #0
[  364.254912][T19534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  364.265785][T19534] Call Trace:
[  364.269264][T19534]  <TASK>
[  364.273770][T19534]  dump_stack_lvl+0xf2/0x150
[  364.282886][T19534]  dump_stack+0x15/0x20
[  364.287314][T19534]  should_fail_ex+0x229/0x230
[  364.291991][T19534]  ? __proc_create+0x254/0x4a0
[  364.296745][T19534]  should_failslab+0x8f/0xb0
[  364.301485][T19534]  kmem_cache_alloc_noprof+0x4c/0x290
[  364.306868][T19534]  ? pcpu_memcg_post_alloc_hook+0x14b/0x1c0
[  364.313292][T19534]  __proc_create+0x254/0x4a0
[  364.317926][T19534]  proc_create_reg+0x8c/0xe0
[  364.322531][T19534]  proc_create_net_data+0x5c/0x100
[  364.327673][T19534]  netlink_net_init+0x40/0x60
[  364.332528][T19534]  ops_init+0x1ef/0x2b0
[  364.336706][T19534]  ? mutex_lock+0xd/0x40
[  364.341333][T19534]  setup_net+0x2ea/0x7c0
[  364.345619][T19534]  ? should_failslab+0x8f/0xb0
[  364.350421][T19534]  copy_net_ns+0x37b/0x510
[  364.354914][T19534]  create_new_namespaces+0x228/0x430
[  364.360288][T19534]  unshare_nsproxy_namespaces+0xe6/0x120
[  364.365954][T19534]  ksys_unshare+0x3da/0x720
[  364.370454][T19534]  ? ksys_write+0x178/0x1b0
[  364.374953][T19534]  __x64_sys_unshare+0x1f/0x30
[  364.379733][T19534]  x64_sys_call+0x2c8d/0x2d60
[  364.384404][T19534]  do_syscall_64+0xc9/0x1c0
[  364.389057][T19534]  ? clear_bhb_loop+0x55/0xb0
[  364.393747][T19534]  ? clear_bhb_loop+0x55/0xb0
[  364.398409][T19534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.404308][T19534] RIP: 0033:0x7fc415a5def9
[  364.408727][T19534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.428421][T19534] RSP: 002b:00007fc4146d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  364.436887][T19534] RAX: ffffffffffffffda RBX: 00007fc415c15f80 RCX: 00007fc415a5def9
[  364.444849][T19534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200
[  364.452834][T19534] RBP: 00007fc4146d7090 R08: 0000000000000000 R09: 0000000000000000
[  364.460793][T19534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  364.469186][T19534] R13: 0000000000000000 R14: 00007fc415c15f80 R15: 00007fffdc31f498
[  364.477442][T19534]  </TASK>
[  364.486957][T19536] loop1: detected capacity change from 0 to 128
[  364.499166][T19536] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  364.558085][T19542] loop1: detected capacity change from 0 to 2048
[  364.567172][T19543] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.4077'.
[  364.576946][T19538] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.4077'.
[  364.597541][T19542]  loop1: p1 < > p4
[  364.614941][T19542] loop1: p4 size 8388608 extends beyond EOD, truncated
[  364.634193][T19547] FAULT_INJECTION: forcing a failure.
[  364.634193][T19547] name failslab, interval 1, probability 0, space 0, times 0
[  364.646934][T19547] CPU: 0 UID: 0 PID: 19547 Comm: syz.4.4081 Not tainted 6.11.0-rc7-syzkaller-00039-g77f587896757 #0
[  364.657740][T19547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  364.667844][T19547] Call Trace:
[  364.671113][T19547]  <TASK>
[  364.674059][T19547]  dump_stack_lvl+0xf2/0x150
[  364.678660][T19547]  dump_stack+0x15/0x20
[  364.682806][T19547]  should_fail_ex+0x229/0x230
[  364.687475][T19547]  ? io_rsrc_data_alloc+0x43/0x1a0
[  364.692586][T19547]  should_failslab+0x8f/0xb0
[  364.697173][T19547]  __kmalloc_cache_noprof+0x4b/0x2a0
[  364.702493][T19547]  io_rsrc_data_alloc+0x43/0x1a0
[  364.707427][T19547]  io_sqe_buffers_register+0xdf/0x450
[  364.712803][T19547]  ? __fget_files+0x1da/0x210
[  364.717474][T19547]  __se_sys_io_uring_register+0x96a/0x1070
[  364.723303][T19547]  ? trace_sys_enter+0x65/0xa0
[  364.728078][T19547]  __x64_sys_io_uring_register+0x55/0x70
[  364.733716][T19547]  x64_sys_call+0x202/0x2d60
[  364.738301][T19547]  do_syscall_64+0xc9/0x1c0
[  364.742792][T19547]  ? clear_bhb_loop+0x55/0xb0
[  364.747560][T19547]  ? clear_bhb_loop+0x55/0xb0
[  364.752311][T19547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.758201][T19547] RIP: 0033:0x7fc415a5def9
[  364.762677][T19547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.782281][T19547] RSP: 002b:00007fc4146d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  364.790694][T19547] RAX: ffffffffffffffda RBX: 00007fc415c15f80 RCX: 00007fc415a5def9
[  364.798679][T19547] RDX: 0000000020001880 RSI: 0000000000000000 RDI: 0000000000000005
[  364.806638][T19547] RBP: 00007fc4146d7090 R08: 0000000000000000 R09: 0000000000000000
[  364.814594][T19547] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  364.822549][T19547] R13: 0000000000000000 R14: 00007fc415c15f80 R15: 00007fffdc31f498
[  364.830538][T19547]  </TASK>
[  364.922958][T19558] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  365.110190][T19567] loop3: detected capacity change from 0 to 764
[  365.117745][T19567] ISOFS: unable to read i-node block
[  365.218835][T19569] loop3: detected capacity change from 0 to 512
[  365.227101][T19569] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  365.238771][T19569] EXT4-fs (loop3): 1 orphan inode deleted
[  365.244523][T19569] EXT4-fs (loop3): 1 truncate cleaned up
[  365.296306][T19574] FAULT_INJECTION: forcing a failure.
[  365.296306][T19574] name failslab, interval 1, probability 0, space 0, times 0
[  365.309062][T19574] CPU: 0 UID: 0 PID: 19574 Comm: syz.3.4092 Not tainted 6.11.0-rc7-syzkaller-00039-g77f587896757 #0
[  365.319950][T19574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  365.330144][T19574] Call Trace:
[  365.333431][T19574]  <TASK>
[  365.336361][T19574]  dump_stack_lvl+0xf2/0x150
[  365.340962][T19574]  dump_stack+0x15/0x20
[  365.345120][T19574]  should_fail_ex+0x229/0x230
[  365.349811][T19574]  ? __kvmalloc_node_noprof+0x72/0x170
[  365.355485][T19574]  should_failslab+0x8f/0xb0
[  365.360104][T19574]  __kmalloc_node_noprof+0xa8/0x380
[  365.365314][T19574]  __kvmalloc_node_noprof+0x72/0x170
[  365.370606][T19574]  alloc_netdev_mqs+0x6b6/0x8d0
[  365.375540][T19574]  ipip6_tunnel_locate+0x2bd/0x3c0
[  365.380665][T19574]  ipip6_tunnel_ctl+0x8a0/0xca0
[  365.385583][T19574]  ip_tunnel_siocdevprivate+0x7e/0x220
[  365.391064][T19574]  ipip6_tunnel_siocdevprivate+0x1ce/0xe20
[  365.396881][T19574]  ? full_name_hash+0x93/0xe0
[  365.401607][T19574]  ? strcmp+0x21/0x50
[  365.405589][T19574]  ? __pfx_ipip6_tunnel_siocdevprivate+0x10/0x10
[  365.412872][T19574]  dev_ifsioc+0x84e/0xa10
[  365.417262][T19574]  dev_ioctl+0x8e9/0xab0
[  365.421505][T19574]  sock_ioctl+0x5c0/0x640
[  365.425852][T19574]  ? __pfx_sock_ioctl+0x10/0x10
[  365.430719][T19574]  __se_sys_ioctl+0xd3/0x150
[  365.435385][T19574]  __x64_sys_ioctl+0x43/0x50
[  365.439993][T19574]  x64_sys_call+0x15cc/0x2d60
[  365.444824][T19574]  do_syscall_64+0xc9/0x1c0
[  365.449381][T19574]  ? clear_bhb_loop+0x55/0xb0
[  365.454106][T19574]  ? clear_bhb_loop+0x55/0xb0
[  365.458766][T19574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.464737][T19574] RIP: 0033:0x7f8480afdef9
[  365.469207][T19574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.488933][T19574] RSP: 002b:00007f847f777038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  365.497368][T19574] RAX: ffffffffffffffda RBX: 00007f8480cb5f80 RCX: 00007f8480afdef9
[  365.505326][T19574] RDX: 0000000020000080 RSI: 00000000000089f1 RDI: 0000000000000006
[  365.513295][T19574] RBP: 00007f847f777090 R08: 0000000000000000 R09: 0000000000000000
[  365.521399][T19574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.529526][T19574] R13: 0000000000000000 R14: 00007f8480cb5f80 R15: 00007ffc7e165d38
[  365.537523][T19574]  </TASK>
[  365.568691][T19583] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4094'.
[  365.577754][T19583] tipc: Started in network mode
[  365.582648][T19583] tipc: Node identity 00005f20000000006e, cluster identity 8
[  365.636962][T19592] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  365.661258][T19595] loop3: detected capacity change from 0 to 128
[  365.668799][T19595] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  365.683857][T19576] chnl_net:caif_netlink_parms(): no params data found
[  365.716199][T19602] loop1: detected capacity change from 0 to 764
[  365.729993][T19576] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.737252][T19576] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.739524][T19602] ISOFS: unable to read i-node block
[  365.744503][T19576] bridge_slave_0: entered allmulticast mode
[  365.757443][T19576] bridge_slave_0: entered promiscuous mode
[  365.764545][T19576] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.771639][T19576] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.786604][T19576] bridge_slave_1: entered allmulticast mode
[  365.793524][T19576] bridge_slave_1: entered promiscuous mode
[  365.816528][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  365.816542][   T29] audit: type=1326 audit(1726177262.890:9914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19610 comm="syz.0.4104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  365.868229][T19614] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61456 sclass=netlink_route_socket pid=19614 comm=syz.0.4105
[  365.881020][   T29] audit: type=1326 audit(1726177262.920:9915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19610 comm="syz.0.4104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  365.881048][   T29] audit: type=1326 audit(1726177262.920:9916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19610 comm="syz.0.4104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  365.915050][T19060] kmmpd-loop2: attempt to access beyond end of device
[  365.915050][T19060] loop2: rw=14337, sector=48, nr_sectors = 4 limit=11
[  365.929268][   T29] audit: type=1326 audit(1726177262.920:9917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19610 comm="syz.0.4104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  365.943423][T19060] Buffer I/O error on dev loop2, logical block 12, lost sync page write
[  365.967494][   T29] audit: type=1326 audit(1726177262.920:9918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19610 comm="syz.0.4104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  365.999902][   T29] audit: type=1326 audit(1726177262.920:9919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19610 comm="syz.0.4104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  366.023456][   T29] audit: type=1326 audit(1726177262.920:9920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19610 comm="syz.0.4104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  366.047041][   T29] audit: type=1326 audit(1726177262.920:9921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19610 comm="syz.0.4104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  366.070848][   T29] audit: type=1326 audit(1726177262.920:9922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19610 comm="syz.0.4104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  366.094347][   T29] audit: type=1326 audit(1726177262.920:9923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19610 comm="syz.0.4104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  366.125444][T19609] loop3: detected capacity change from 0 to 256
[  366.137972][T19576] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  366.152869][T19576] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  366.175952][T19576] team0: Port device team_slave_0 added
[  366.181784][T19624] netlink: 'syz.0.4109': attribute type 10 has an invalid length.
[  366.190570][T19576] team0: Port device team_slave_1 added
[  366.229731][T19576] batman_adv: batadv0: Adding interface: batadv_slave_0
[  366.236748][T19576] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  366.262763][T19576] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  366.273366][T19044] EXT4-fs error: 110 callbacks suppressed
[  366.273379][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  366.309758][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  366.329461][T19628] loop1: detected capacity change from 0 to 764
[  366.342266][T19628] ISOFS: unable to read i-node block
[  366.385795][T19576] batman_adv: batadv0: Adding interface: batadv_slave_1
[  366.392813][T19576] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  366.418843][T19576] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  366.454863][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  366.467080][T19630] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  366.476886][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  366.550876][T19635] loop1: detected capacity change from 0 to 512
[  366.569072][T19576] hsr_slave_0: entered promiscuous mode
[  366.580174][T19635] EXT4-fs: Ignoring removed mblk_io_submit option
[  366.595076][T19576] hsr_slave_1: entered promiscuous mode
[  366.604239][T19635] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  366.615647][T19576] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  366.623199][T19576] Cannot create hsr debugfs directory
[  366.629003][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  366.645741][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  366.667693][T19635] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.4114: corrupted in-inode xattr: e_value out of bounds
[  366.694187][T19635] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4114: couldn't read orphan inode 15 (err -117)
[  366.844786][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  366.867402][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  366.886880][T19635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4114'.
[  366.993168][T19576] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.006307][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  367.040036][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  367.094167][T19638] loop3: detected capacity change from 0 to 1024
[  367.108983][T19576] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.125245][T19638] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  367.172452][T19643] loop0: detected capacity change from 0 to 512
[  367.185100][T19643] EXT4-fs: Ignoring removed mblk_io_submit option
[  367.204814][T19643] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  367.226197][T19576] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.241264][T19643] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4115: corrupted in-inode xattr: e_value out of bounds
[  367.279233][T19576] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.297751][T19643] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4115: couldn't read orphan inode 15 (err -117)
[  367.328590][T19643] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4115'.
[  367.422274][T19648] syzkaller0: entered promiscuous mode
[  367.427859][T19648] syzkaller0: entered allmulticast mode
[  367.436894][T19655] loop0: detected capacity change from 0 to 512
[  367.445708][T19652] netlink: 'syz.1.4119': attribute type 10 has an invalid length.
[  367.458038][T19655] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  367.510418][T19576] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  367.531756][T19576] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  367.555859][T19576] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  367.566673][T19576] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  367.721633][T19667] loop1: detected capacity change from 0 to 256
[  367.771215][T19576] 8021q: adding VLAN 0 to HW filter on device bond0
[  367.784447][T19669] loop3: detected capacity change from 0 to 764
[  367.823542][T19669] ISOFS: unable to read i-node block
[  367.847717][T19576] 8021q: adding VLAN 0 to HW filter on device team0
[  367.894148][ T3377] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.901333][ T3377] bridge0: port 1(bridge_slave_0) entered forwarding state
[  367.974814][ T3377] bridge0: port 2(bridge_slave_1) entered blocking state
[  367.981930][ T3377] bridge0: port 2(bridge_slave_1) entered forwarding state
[  368.109147][T19576] 8021q: adding VLAN 0 to HW filter on device batadv0
[  368.194963][T19576] veth0_vlan: entered promiscuous mode
[  368.205140][T19576] veth1_vlan: entered promiscuous mode
[  368.235457][T19576] veth0_macvtap: entered promiscuous mode
[  368.241508][T19686] loop0: detected capacity change from 0 to 1024
[  368.250402][T19576] veth1_macvtap: entered promiscuous mode
[  368.258539][T19686] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  368.271500][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.282002][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.291841][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.302371][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.312440][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.322878][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.332719][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.343262][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.353235][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.363662][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.373513][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.384046][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.394009][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.404630][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.414545][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.424977][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.434796][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.445225][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.455032][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  368.465457][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.484854][T19576] batman_adv: batadv0: Interface activated: batadv_slave_0
[  368.502262][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.512829][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.522677][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.533170][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.543587][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.554109][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.564156][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.574764][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.584733][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.595161][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.605867][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.616434][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.626270][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.636824][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.646671][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.657076][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.666872][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.677295][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.687185][T19576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.697727][T19576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.709700][T19576] batman_adv: batadv0: Interface activated: batadv_slave_1
[  368.719965][T19576] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  368.728712][T19576] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  368.737466][T19576] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  368.746830][T19576] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  368.830814][T19694] netlink: 'syz.4.4130': attribute type 10 has an invalid length.
[  368.838509][T19690] loop0: detected capacity change from 0 to 512
[  368.845335][T19690] EXT4-fs: Ignoring removed mblk_io_submit option
[  368.853071][T19690] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  368.856268][T19694] syz_tun: entered promiscuous mode
[  368.872967][T19690] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4128: corrupted in-inode xattr: e_value out of bounds
[  368.889627][T19690] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4128: couldn't read orphan inode 15 (err -117)
[  368.908455][T19694] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  368.920089][T19692] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  368.938036][T19690] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4128'.
[  368.956986][T19708] netlink: 94 bytes leftover after parsing attributes in process `syz.4.4134'.
[  368.996101][T19711] loop1: detected capacity change from 0 to 764
[  369.013364][T19711] ISOFS: unable to read i-node block
[  369.075221][T19717] loop3: detected capacity change from 0 to 764
[  369.236878][T19732] loop4: detected capacity change from 0 to 256
[  369.600622][T19749] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  369.699941][T19756] loop1: detected capacity change from 0 to 764
[  369.707827][T19756] ISOFS: unable to read i-node block
[  369.740511][T19761] loop1: detected capacity change from 0 to 256
[  369.764123][T19761] FAT-fs (loop1): Directory bread(block 64) failed
[  369.772539][T19761] FAT-fs (loop1): Directory bread(block 65) failed
[  369.780549][T19761] FAT-fs (loop1): Directory bread(block 66) failed
[  369.787886][T19761] FAT-fs (loop1): Directory bread(block 67) failed
[  369.789739][T19768] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  369.794433][T19761] FAT-fs (loop1): Directory bread(block 68) failed
[  369.804952][T19766] IPVS: stopping master sync thread 19768 ...
[  369.812559][T19761] FAT-fs (loop1): Directory bread(block 69) failed
[  369.823886][T19761] FAT-fs (loop1): Directory bread(block 70) failed
[  369.833306][T19766] syz.0.4155[19766] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  369.837951][T19761] FAT-fs (loop1): Directory bread(block 71) failed
[  369.858969][T19761] FAT-fs (loop1): Directory bread(block 72) failed
[  369.865991][T19761] FAT-fs (loop1): Directory bread(block 73) failed
[  369.902882][T19776] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  369.906206][T19778] loop0: detected capacity change from 0 to 512
[  369.923412][T19778] EXT4-fs: Ignoring removed mblk_io_submit option
[  369.930738][T19778] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  369.967244][T19778] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4161: corrupted in-inode xattr: e_value out of bounds
[  369.983492][T19784] SELinux: failed to load policy
[  369.983561][T19778] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4161: couldn't read orphan inode 15 (err -117)
[  370.028314][T19789] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  370.048180][T19778] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4161'.
[  370.097244][T19797] loop4: detected capacity change from 0 to 128
[  370.117431][T19797] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  370.212937][T19810] loop4: detected capacity change from 0 to 256
[  370.228473][T19810] FAT-fs (loop4): Directory bread(block 1285) failed
[  370.246971][T19810] FAT-fs (loop4): Directory bread(block 1285) failed
[  370.253763][T19810] FAT-fs (loop4): Directory bread(block 1285) failed
[  370.262491][T19810] FAT-fs (loop4): Directory bread(block 1285) failed
[  370.272337][T19810] FAT-fs (loop4): Directory bread(block 1285) failed
[  370.280380][T19810] FAT-fs (loop4): Directory bread(block 1285) failed
[  370.287208][T19810] FAT-fs (loop4): Directory bread(block 1285) failed
[  370.375267][T19820] loop4: detected capacity change from 0 to 4096
[  370.394970][T19820] EXT4-fs: Ignoring removed nomblk_io_submit option
[  370.436175][T19828] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  370.467856][T19830] loop4: detected capacity change from 0 to 764
[  370.500246][T19834] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  370.793508][T19854] loop4: detected capacity change from 0 to 128
[  370.808235][T19854] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  370.826441][T19851] loop1: detected capacity change from 0 to 256
[  370.883895][T19860] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  370.917987][T19862] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  370.928519][T19864] netlink: 'syz.0.4198': attribute type 10 has an invalid length.
[  370.946017][T19060] kmmpd-loop2: attempt to access beyond end of device
[  370.946017][T19060] loop2: rw=14337, sector=48, nr_sectors = 4 limit=11
[  370.959571][T19060] Buffer I/O error on dev loop2, logical block 12, lost sync page write
[  371.047319][T19873] loop0: detected capacity change from 0 to 128
[  371.055306][T19873] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  371.083589][T19874] loop4: detected capacity change from 0 to 764
[  371.104668][T19874] ISOFS: unable to read i-node block
[  371.135700][   T29] kauditd_printk_skb: 3523 callbacks suppressed
[  371.135713][   T29] audit: type=1326 audit(1726177268.210:13447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.0.4205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  371.157631][T19880] loop4: detected capacity change from 0 to 512
[  371.165574][   T29] audit: type=1326 audit(1726177268.210:13448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.0.4205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  371.181401][T19880] EXT4-fs: Ignoring removed mblk_io_submit option
[  371.207597][T19880] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  371.220122][   T29] audit: type=1326 audit(1726177268.280:13449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.0.4205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  371.244940][   T29] audit: type=1326 audit(1726177268.280:13450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.0.4205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  371.268543][   T29] audit: type=1326 audit(1726177268.280:13451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.0.4205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  371.293126][   T29] audit: type=1326 audit(1726177268.280:13452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.0.4205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  371.297211][T19044] EXT4-fs error: 68 callbacks suppressed
[  371.297225][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  371.318887][   T29] audit: type=1326 audit(1726177268.280:13453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.0.4205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  371.318915][   T29] audit: type=1326 audit(1726177268.280:13454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.0.4205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  371.330847][T19880] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.4206: corrupted in-inode xattr: e_value out of bounds
[  371.336832][   T29] audit: type=1326 audit(1726177268.280:13455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.0.4205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  371.363477][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  371.383953][   T29] audit: type=1326 audit(1726177268.280:13456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19877 comm="syz.0.4205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  371.463305][T19880] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4206: couldn't read orphan inode 15 (err -117)
[  371.490187][T19880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4206'.
[  371.502306][T19888] netlink: 'syz.0.4209': attribute type 10 has an invalid length.
[  371.564965][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  371.591470][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  371.629995][T19896] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4212'.
[  371.685429][T19902] loop1: detected capacity change from 0 to 128
[  371.709293][T19902] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  371.724926][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  371.740819][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  371.810493][T19910] loop0: detected capacity change from 0 to 2048
[  371.864972][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  371.877556][T19910] Alternate GPT is invalid, using primary GPT.
[  371.883955][T19910]  loop0: p1 p2 p3
[  371.902742][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  371.950856][T13018] bond0: (slave syz_tun): Releasing backup interface
[  372.044821][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  372.055643][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  372.093561][T19950] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  372.138239][T19956] loop0: detected capacity change from 0 to 764
[  372.164354][T19931] chnl_net:caif_netlink_parms(): no params data found
[  372.230730][T19931] bridge0: port 1(bridge_slave_0) entered blocking state
[  372.236132][T19977] loop0: detected capacity change from 0 to 512
[  372.242146][T19931] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.248852][T19977] EXT4-fs: Ignoring removed mblk_io_submit option
[  372.263121][T19931] bridge_slave_0: entered allmulticast mode
[  372.263786][T19977] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  372.270245][T19931] bridge_slave_0: entered promiscuous mode
[  372.289562][T19931] bridge0: port 2(bridge_slave_1) entered blocking state
[  372.296657][T19931] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.303922][T19931] bridge_slave_1: entered allmulticast mode
[  372.310247][T19977] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4239: corrupted in-inode xattr: e_value out of bounds
[  372.310805][T19931] bridge_slave_1: entered promiscuous mode
[  372.337306][T19977] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4239: couldn't read orphan inode 15 (err -117)
[  372.354158][T19931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  372.364147][T19979] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  372.365630][T19931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  372.406732][T19977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4239'.
[  372.417186][T19931] team0: Port device team_slave_0 added
[  372.425277][T19931] team0: Port device team_slave_1 added
[  372.436319][T19989] x_tables: duplicate underflow at hook 2
[  372.450057][T19931] batman_adv: batadv0: Adding interface: batadv_slave_0
[  372.457078][T19931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  372.483818][T19931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  372.507226][T19931] batman_adv: batadv0: Adding interface: batadv_slave_1
[  372.514548][T19931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  372.540504][T19931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  372.576616][T19931] hsr_slave_0: entered promiscuous mode
[  372.583001][T19931] hsr_slave_1: entered promiscuous mode
[  372.594778][T19931] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  372.602433][T19931] Cannot create hsr debugfs directory
[  372.628383][T19999] loop3: detected capacity change from 0 to 1024
[  372.649483][T19999] loop3: detected capacity change from 0 to 512
[  372.659923][T19999] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  372.673453][T19999] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec018, mo2=0002]
[  372.689884][T19999] System zones: 1-12
[  372.697602][T19999] EXT4-fs (loop3): 1 truncate cleaned up
[  372.725690][T20002] syzkaller0: entered promiscuous mode
[  372.731246][T20002] syzkaller0: entered allmulticast mode
[  372.772938][T19931] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.873631][T19931] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.913979][T20016] loop4: detected capacity change from 0 to 128
[  372.920969][T20016] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  372.952764][T20018] FAULT_INJECTION: forcing a failure.
[  372.952764][T20018] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.965893][T20018] CPU: 0 UID: 0 PID: 20018 Comm: +}[@ Not tainted 6.11.0-rc7-syzkaller-00039-g77f587896757 #0
[  372.976198][T20018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  372.986264][T20018] Call Trace:
[  372.989542][T20018]  <TASK>
[  372.992464][T20018]  dump_stack_lvl+0xf2/0x150
[  372.997057][T20018]  dump_stack+0x15/0x20
[  373.001210][T20018]  should_fail_ex+0x229/0x230
[  373.005909][T20018]  should_fail+0xb/0x10
[  373.010076][T20018]  should_fail_usercopy+0x1a/0x20
[  373.015136][T20018]  _copy_to_user+0x1e/0xa0
[  373.019621][T20018]  simple_read_from_buffer+0xa0/0x110
[  373.025134][T20018]  proc_fail_nth_read+0xff/0x140
[  373.030084][T20018]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  373.035659][T20018]  vfs_read+0x1a2/0x6e0
[  373.039824][T20018]  ? __rcu_read_unlock+0x4e/0x70
[  373.044788][T20018]  ? __fget_files+0x1da/0x210
[  373.049483][T20018]  ksys_read+0xeb/0x1b0
[  373.051558][T20011] loop3: detected capacity change from 0 to 512
[  373.053692][T20018]  __x64_sys_read+0x42/0x50
[  373.064462][T20018]  x64_sys_call+0x27d3/0x2d60
[  373.069285][T20018]  do_syscall_64+0xc9/0x1c0
[  373.073789][T20018]  ? clear_bhb_loop+0x55/0xb0
[  373.078606][T20018]  ? clear_bhb_loop+0x55/0xb0
[  373.083275][T20018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.089214][T20018] RIP: 0033:0x7fc415a5c93c
[  373.093687][T20018] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  373.113551][T20018] RSP: 002b:00007fc4146d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  373.122167][T20018] RAX: ffffffffffffffda RBX: 00007fc415c15f80 RCX: 00007fc415a5c93c
[  373.131778][T20018] RDX: 000000000000000f RSI: 00007fc4146d70a0 RDI: 0000000000000006
[  373.143755][T20018] RBP: 00007fc4146d7090 R08: 0000000000000000 R09: 00007fc4146d6987
[  373.151927][T20018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  373.159890][T20018] R13: 0000000000000000 R14: 00007fc415c15f80 R15: 00007fffdc31f498
[  373.167928][T20018]  </TASK>
[  373.172481][T20011] EXT4-fs: Ignoring removed nomblk_io_submit option
[  373.185698][T20011] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  373.194400][T20011] EXT4-fs (loop3): blocks per group (7872) and clusters per group (32768) inconsistent
[  373.207491][T19931] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.283470][T19931] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.369379][T19931] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  373.377847][T19931] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  373.388495][T19931] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  373.397524][T19931] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  373.449861][T19931] 8021q: adding VLAN 0 to HW filter on device bond0
[  373.466357][T19931] 8021q: adding VLAN 0 to HW filter on device team0
[  373.477140][ T3270] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.484306][ T3270] bridge0: port 1(bridge_slave_0) entered forwarding state
[  373.496993][T16685] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.504148][T16685] bridge0: port 2(bridge_slave_1) entered forwarding state
[  373.568060][T20041] loop0: detected capacity change from 0 to 764
[  373.579818][T20041] ISOFS: unable to read i-node block
[  373.584268][T19931] 8021q: adding VLAN 0 to HW filter on device batadv0
[  373.720270][T19931] veth0_vlan: entered promiscuous mode
[  373.740071][T19931] veth1_vlan: entered promiscuous mode
[  373.763547][T20055] Process accounting resumed
[  373.768977][T20057] loop0: detected capacity change from 0 to 512
[  373.775035][T19931] veth0_macvtap: entered promiscuous mode
[  373.783702][T20057] EXT4-fs: Ignoring removed mblk_io_submit option
[  373.790185][T19931] veth1_macvtap: entered promiscuous mode
[  373.801378][T20057] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  373.803242][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.822520][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.832539][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.843317][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.853335][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.863973][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.873912][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.884438][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.894287][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.904842][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.914905][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.925360][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.935175][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.945607][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.955414][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.965884][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.975707][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.982482][T20057] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4265: corrupted in-inode xattr: e_value out of bounds
[  373.986339][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.002985][T20057] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4265: couldn't read orphan inode 15 (err -117)
[  374.010066][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.033019][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.043005][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.053433][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.068000][T19931] batman_adv: batadv0: Interface activated: batadv_slave_0
[  374.076608][T20057] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4265'.
[  374.077606][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.096034][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.105902][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.116434][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.126381][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.136927][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.147041][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.157612][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.167571][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.178046][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.187869][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.198563][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.208472][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.218975][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.228899][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.239334][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.249190][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.259739][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.269655][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.280083][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.289960][T19931] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.300587][T19931] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.314107][T19931] batman_adv: batadv0: Interface activated: batadv_slave_1
[  374.331465][T19931] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  374.340283][T19931] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  374.349207][T19931] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  374.358125][T19931] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  374.443220][T20081] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4273'.
[  374.457917][T20082] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  374.488158][T20086] loop1: detected capacity change from 0 to 512
[  374.494599][T20086] EXT4-fs: Ignoring removed mblk_io_submit option
[  374.501490][T20086] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  374.517337][T20086] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.4275: corrupted in-inode xattr: e_value out of bounds
[  374.534407][T20086] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4275: couldn't read orphan inode 15 (err -117)
[  374.556604][T20086] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4275'.
[  374.654292][T18638] EXT4-fs unmount: 51 callbacks suppressed
[  374.654309][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.739775][T20097] loop3: detected capacity change from 0 to 256
[  375.017166][T20103] loop0: detected capacity change from 0 to 764
[  375.024958][T20103] ISOFS: unable to read i-node block
[  375.043639][T20105] netlink: 'syz.0.4282': attribute type 5 has an invalid length.
[  375.086468][T20107] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  375.166854][T20110] bond0: (slave syz_tun): Releasing backup interface
[  375.181267][T20110] bridge_slave_0: left allmulticast mode
[  375.187048][T20110] bridge_slave_0: left promiscuous mode
[  375.192747][T20110] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.201882][T20110] bridge_slave_1: left allmulticast mode
[  375.207600][T20110] bridge_slave_1: left promiscuous mode
[  375.213334][T20110] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.225344][T20110] bond0: (slave bond_slave_0): Releasing backup interface
[  375.236506][T20110] bond0: (slave bond_slave_1): Releasing backup interface
[  375.253197][T20110] team0: Port device team_slave_0 removed
[  375.262997][T20110] team0: Port device team_slave_1 removed
[  375.272225][T20110] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  375.279715][T20110] batman_adv: batadv0: Removing interface: batadv_slave_0
[  375.291185][T20110] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  375.298726][T20110] batman_adv: batadv0: Removing interface: batadv_slave_1
[  375.332949][T20113] team0: Port device wg2 added
[  375.342067][T20112] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4285'.
[  375.368703][T19931] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.420130][T20122] loop1: detected capacity change from 0 to 512
[  375.427766][T20122] EXT4-fs: Ignoring removed mblk_io_submit option
[  375.434586][T20122] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  375.446941][T20122] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.4289: corrupted in-inode xattr: e_value out of bounds
[  375.463481][T20122] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4289: couldn't read orphan inode 15 (err -117)
[  375.479266][T20122] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.494390][T20122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4289'.
[  375.653900][T20136] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4294'.
[  375.985041][T19060] kmmpd-loop2: attempt to access beyond end of device
[  375.985041][T19060] loop2: rw=14337, sector=48, nr_sectors = 4 limit=11
[  375.998498][T19060] Buffer I/O error on dev loop2, logical block 12, lost sync page write
[  376.053510][T20144] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  376.343683][T19931] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.359541][T20161] loop0: detected capacity change from 0 to 256
[  376.384839][T19044] EXT4-fs error: 70 callbacks suppressed
[  376.384852][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  376.440049][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  376.552794][T20178] loop3: detected capacity change from 0 to 512
[  376.581561][T20178] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  376.596715][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  376.608974][T20178] EXT4-fs (loop3): 1 truncate cleaned up
[  376.617005][T20178] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  376.621713][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  376.642225][   T29] kauditd_printk_skb: 302 callbacks suppressed
[  376.642239][   T29] audit: type=1326 audit(1726177273.710:13757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20182 comm="syz.1.4314" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde83e7def9 code=0x0
[  376.693455][   T29] audit: type=1400 audit(1726177273.760:13758): avc:  denied  { mounton } for  pid=20175 comm="syz.3.4312" path="/proc/1415/task" dev="proc" ino=77182 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  376.716379][   T29] audit: type=1400 audit(1726177273.760:13759): avc:  denied  { write } for  pid=20175 comm="syz.3.4312" name="task" dev="proc" ino=77182 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  376.739278][   T29] audit: type=1400 audit(1726177273.760:13760): avc:  denied  { add_name } for  pid=20175 comm="syz.3.4312" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  376.780902][   T29] audit: type=1400 audit(1726177273.760:13761): avc:  denied  { create } for  pid=20175 comm="syz.3.4312" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[  376.822449][   T29] audit: type=1400 audit(1726177273.760:13762): avc:  denied  { associate } for  pid=20175 comm="syz.3.4312" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  376.865962][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  376.875761][T20191] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4317'.
[  376.882244][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  376.897610][T12190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.909511][   T29] audit: type=1400 audit(1726177273.980:13763): avc:  denied  { create } for  pid=20188 comm="syz.0.4316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  376.929511][   T29] audit: type=1400 audit(1726177273.980:13764): avc:  denied  { write } for  pid=20188 comm="syz.0.4316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  376.941688][T20193] loop3: detected capacity change from 0 to 764
[  377.085543][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  377.103249][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  377.182627][   T29] audit: type=1326 audit(1726177274.240:13765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20216 comm="syz.2.4328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e55adef9 code=0x7ffc0000
[  377.206316][   T29] audit: type=1326 audit(1726177274.240:13766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20216 comm="syz.2.4328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f14e55ac890 code=0x7ffc0000
[  377.231867][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  377.258331][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  377.287430][T20227] loop4: detected capacity change from 0 to 764
[  377.369150][T20236] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  377.403490][T20237] loop0: detected capacity change from 0 to 1024
[  377.434502][T20237] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  377.505684][T20237] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.560002][T20248] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  377.613415][T20251] loop4: detected capacity change from 0 to 512
[  377.613916][T20253] FAULT_INJECTION: forcing a failure.
[  377.613916][T20253] name failslab, interval 1, probability 0, space 0, times 0
[  377.632427][T20253] CPU: 1 UID: 0 PID: 20253 Comm: syz.1.4342 Not tainted 6.11.0-rc7-syzkaller-00039-g77f587896757 #0
[  377.637168][T20251] EXT4-fs: Ignoring removed nomblk_io_submit option
[  377.643241][T20253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  377.643257][T20253] Call Trace:
[  377.643264][T20253]  <TASK>
[  377.643273][T20253]  dump_stack_lvl+0xf2/0x150
[  377.650247][T20251] ext4: Unknown parameter 'func'
[  377.659948][T20253]  dump_stack+0x15/0x20
[  377.659974][T20253]  should_fail_ex+0x229/0x230
[  377.684965][T20253]  ? sidtab_sid2str_get+0xb8/0x140
[  377.690107][T20253]  should_failslab+0x8f/0xb0
[  377.694758][T20253]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[  377.701120][T20253]  kmemdup_noprof+0x2a/0x60
[  377.705614][T20253]  sidtab_sid2str_get+0xb8/0x140
[  377.710628][T20253]  security_sid_to_context_core+0x1eb/0x2f0
[  377.716600][T20253]  security_sid_to_context+0x27/0x30
[  377.722086][T20253]  selinux_secid_to_secctx+0x22/0x30
[  377.727388][T20253]  security_secid_to_secctx+0x4a/0x80
[  377.732821][T20253]  audit_log_task_context+0x8c/0x1b0
[  377.738170][T20253]  audit_log_task+0xfb/0x180
[  377.742894][T20253]  audit_seccomp+0x68/0x130
[  377.747430][T20253]  __seccomp_filter+0x6fa/0x1180
[  377.752377][T20253]  ? proc_fail_nth_write+0x130/0x160
[  377.757781][T20253]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  377.763488][T20253]  ? vfs_write+0x5a5/0x900
[  377.767919][T20253]  __secure_computing+0x9f/0x1c0
[  377.772944][T20253]  syscall_trace_enter+0xd1/0x1f0
[  377.777980][T20253]  do_syscall_64+0xaa/0x1c0
[  377.782480][T20253]  ? clear_bhb_loop+0x55/0xb0
[  377.787303][T20253]  ? clear_bhb_loop+0x55/0xb0
[  377.792010][T20253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.797906][T20253] RIP: 0033:0x7fde83e7def9
[  377.802411][T20253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.822116][T20253] RSP: 002b:00007fde82af7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000122
[  377.830510][T20253] RAX: ffffffffffffffda RBX: 00007fde84035f80 RCX: 00007fde83e7def9
[  377.838510][T20253] RDX: 0000000000000000 RSI: 0000000000000801 RDI: 0000000000000100
[  377.846593][T20253] RBP: 00007fde82af7090 R08: 0000000000000000 R09: 0000000000000000
[  377.854577][T20253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.862550][T20253] R13: 0000000000000000 R14: 00007fde84035f80 R15: 00007fff3d1f7898
[  377.870942][T20253]  </TASK>
[  377.945553][T20265] loop1: detected capacity change from 0 to 512
[  377.966053][T20265] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4347: bg 0: block 393: padding at end of block bitmap is not set
[  378.004610][T20268] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4348'.
[  378.015851][T20263] loop3: detected capacity change from 0 to 8192
[  378.022328][T20265] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  378.033803][T20265] EXT4-fs (loop1): 2 truncates cleaned up
[  378.049060][T20265] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  378.055891][T20263] sctp: [Deprecated]: syz.3.4346 (pid 20263) Use of struct sctp_assoc_value in delayed_ack socket option.
[  378.055891][T20263] Use struct sctp_sack_info instead
[  378.080333][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.122051][T20270] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  378.131535][T20272] x_tables: duplicate underflow at hook 2
[  378.151541][T19931] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.176508][    C1] dccp_v6_rcv: dropped packet with invalid checksum
[  378.202830][T20278] loop0: detected capacity change from 0 to 1024
[  378.217956][T20282] FAULT_INJECTION: forcing a failure.
[  378.217956][T20282] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  378.231087][T20282] CPU: 1 UID: 0 PID: 20282 Comm: syz.1.4352 Not tainted 6.11.0-rc7-syzkaller-00039-g77f587896757 #0
[  378.241889][T20282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  378.251931][T20282] Call Trace:
[  378.255219][T20282]  <TASK>
[  378.258189][T20282]  dump_stack_lvl+0xf2/0x150
[  378.262921][T20282]  dump_stack+0x15/0x20
[  378.267080][T20282]  should_fail_ex+0x229/0x230
[  378.271861][T20282]  should_fail+0xb/0x10
[  378.276010][T20282]  should_fail_usercopy+0x1a/0x20
[  378.281029][T20282]  _copy_to_user+0x1e/0xa0
[  378.285457][T20282]  simple_read_from_buffer+0xa0/0x110
[  378.290833][T20282]  proc_fail_nth_read+0xff/0x140
[  378.295760][T20282]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  378.301377][T20282]  vfs_read+0x1a2/0x6e0
[  378.305603][T20282]  ? __rcu_read_unlock+0x4e/0x70
[  378.310546][T20282]  ? __fget_files+0x1da/0x210
[  378.315235][T20282]  ksys_read+0xeb/0x1b0
[  378.319570][T20282]  __x64_sys_read+0x42/0x50
[  378.324128][T20282]  x64_sys_call+0x27d3/0x2d60
[  378.328858][T20282]  do_syscall_64+0xc9/0x1c0
[  378.333357][T20282]  ? clear_bhb_loop+0x55/0xb0
[  378.338025][T20282]  ? clear_bhb_loop+0x55/0xb0
[  378.342734][T20282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.348625][T20282] RIP: 0033:0x7fde83e7c93c
[  378.353150][T20282] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  378.372746][T20282] RSP: 002b:00007fde82af7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  378.381147][T20282] RAX: ffffffffffffffda RBX: 00007fde84035f80 RCX: 00007fde83e7c93c
[  378.389158][T20282] RDX: 000000000000000f RSI: 00007fde82af70a0 RDI: 0000000000000006
[  378.397225][T20282] RBP: 00007fde82af7090 R08: 0000000000000000 R09: 0000000000000000
[  378.405187][T20282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  378.413143][T20282] R13: 0000000000000000 R14: 00007fde84035f80 R15: 00007fff3d1f7898
[  378.421137][T20282]  </TASK>
[  378.426131][T20278] EXT4-fs: Ignoring removed orlov option
[  378.431816][T20278] EXT4-fs: Ignoring removed nomblk_io_submit option
[  378.455520][T20278] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[  378.463640][T20278] System zones: 0-1, 3-36
[  378.471239][T20278] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  378.497938][T20278] pimreg: entered allmulticast mode
[  378.569565][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.607220][T20290] loop1: detected capacity change from 0 to 1024
[  378.614223][T20290] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  378.626846][T20290] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  378.682048][T19931] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.851414][T20304] x_tables: duplicate underflow at hook 2
[  378.908059][T20308] FAULT_INJECTION: forcing a failure.
[  378.908059][T20308] name failslab, interval 1, probability 0, space 0, times 0
[  378.920906][T20308] CPU: 0 UID: 0 PID: 20308 Comm: syz.2.4364 Not tainted 6.11.0-rc7-syzkaller-00039-g77f587896757 #0
[  378.931691][T20308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  378.938634][T20311] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4366'.
[  378.941906][T20308] Call Trace:
[  378.941915][T20308]  <TASK>
[  378.957059][T20308]  dump_stack_lvl+0xf2/0x150
[  378.961674][T20308]  dump_stack+0x15/0x20
[  378.965833][T20308]  should_fail_ex+0x229/0x230
[  378.970495][T20308]  ? ip_set_create+0x1de/0x8a0
[  378.975275][T20308]  should_failslab+0x8f/0xb0
[  378.979854][T20308]  __kmalloc_cache_noprof+0x4b/0x2a0
[  378.985132][T20308]  ip_set_create+0x1de/0x8a0
[  378.989825][T20308]  ? strnstr+0xf1/0x100
[  378.994035][T20308]  ? __nla_parse+0x40/0x60
[  378.998454][T20308]  nfnetlink_rcv_msg+0x4a9/0x570
[  379.003406][T20308]  netlink_rcv_skb+0x12c/0x230
[  379.008163][T20308]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  379.013623][T20308]  nfnetlink_rcv+0x16c/0x15e0
[  379.018293][T20308]  ? kmem_cache_free+0xd8/0x280
[  379.023178][T20308]  ? nlmon_xmit+0x51/0x60
[  379.027611][T20308]  ? __kfree_skb+0x102/0x150
[  379.032213][T20308]  ? consume_skb+0x57/0x180
[  379.036708][T20308]  ? nlmon_xmit+0x51/0x60
[  379.041076][T20308]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  379.046362][T20308]  ? __dev_queue_xmit+0xb86/0x1fe0
[  379.051523][T20308]  ? ref_tracker_free+0x3a5/0x410
[  379.056582][T20308]  ? __dev_queue_xmit+0x161/0x1fe0
[  379.061692][T20308]  ? __netlink_deliver_tap+0x495/0x4c0
[  379.067205][T20308]  netlink_unicast+0x599/0x670
[  379.072486][T20308]  netlink_sendmsg+0x5cc/0x6e0
[  379.077341][T20308]  ? __pfx_netlink_sendmsg+0x10/0x10
[  379.082685][T20308]  __sock_sendmsg+0x140/0x180
[  379.087410][T20308]  ____sys_sendmsg+0x312/0x410
[  379.092175][T20308]  __sys_sendmsg+0x1e9/0x280
[  379.096786][T20308]  __x64_sys_sendmsg+0x46/0x50
[  379.101642][T20308]  x64_sys_call+0x2689/0x2d60
[  379.106312][T20308]  do_syscall_64+0xc9/0x1c0
[  379.110860][T20308]  ? clear_bhb_loop+0x55/0xb0
[  379.115534][T20308]  ? clear_bhb_loop+0x55/0xb0
[  379.120365][T20308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.126370][T20308] RIP: 0033:0x7f14e55adef9
[  379.130812][T20308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  379.150417][T20308] RSP: 002b:00007f14e4227038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  379.158981][T20308] RAX: ffffffffffffffda RBX: 00007f14e5765f80 RCX: 00007f14e55adef9
[  379.166945][T20308] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  379.174904][T20308] RBP: 00007f14e4227090 R08: 0000000000000000 R09: 0000000000000000
[  379.182950][T20308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  379.191169][T20308] R13: 0000000000000000 R14: 00007f14e5765f80 R15: 00007ffff7d75de8
[  379.199156][T20308]  </TASK>
[  379.326967][T20321] tmpfs: Bad value for 'mpol'
[  379.335883][T20320] pim6reg1: entered promiscuous mode
[  379.341238][T20320] pim6reg1: entered allmulticast mode
[  379.456436][T20325] loop4: detected capacity change from 0 to 1024
[  379.463401][T20325] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  379.474739][T20325] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.538329][T19355] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.514703][    C0] sched: RT throttling activated
[  381.017123][T20356] loop0: detected capacity change from 0 to 128
[  381.084187][T19060] kmmpd-loop2: attempt to access beyond end of device
[  381.084187][T19060] loop2: rw=14337, sector=48, nr_sectors = 4 limit=11
[  381.097664][T19060] Buffer I/O error on dev loop2, logical block 12, lost sync page write
[  381.141242][T20356] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  381.174737][T20356] vhci_hcd: invalid port number 219
[  381.179953][T20356] vhci_hcd: default hub control req: ecdb v6ab1 i00db l1556
[  381.310508][T20359] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  381.449180][T20365] loop0: detected capacity change from 0 to 1024
[  381.456286][T20365] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  381.479000][T20365] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  381.496220][T19044] EXT4-fs error: 68 callbacks suppressed
[  381.496234][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  381.531711][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.542197][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  381.571800][T20380] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4389'.
[  381.605735][T20346] dccp_close: ABORT with 32 bytes unread
[  381.674872][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  381.682890][T20393] loop3: detected capacity change from 0 to 764
[  381.703939][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  381.717085][T20398] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  381.728699][   T29] kauditd_printk_skb: 181 callbacks suppressed
[  381.728782][   T29] audit: type=1326 audit(1726177278.800:13947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20394 comm="syz.0.4395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ff00000
[  381.794551][   T29] audit: type=1326 audit(1726177278.800:13948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20394 comm="syz.0.4395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ff00000
[  381.818299][   T29] audit: type=1326 audit(1726177278.800:13949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20394 comm="syz.0.4395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ff00000
[  381.841950][   T29] audit: type=1326 audit(1726177278.800:13950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20394 comm="syz.0.4395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ff00000
[  381.865499][   T29] audit: type=1326 audit(1726177278.800:13951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20394 comm="syz.0.4395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ff00000
[  381.889072][   T29] audit: type=1326 audit(1726177278.800:13952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20394 comm="syz.0.4395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ff00000
[  381.912904][   T29] audit: type=1326 audit(1726177278.800:13953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20394 comm="syz.0.4395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ff00000
[  381.917782][T20407] serio: Serial port pts0
[  381.936532][   T29] audit: type=1326 audit(1726177278.800:13954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20394 comm="syz.0.4395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ff00000
[  381.936560][   T29] audit: type=1326 audit(1726177278.800:13955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20394 comm="syz.0.4395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ff00000
[  381.942037][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  381.964471][   T29] audit: type=1326 audit(1726177278.800:13956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20394 comm="syz.0.4395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ff00000
[  382.030776][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  382.084067][T20410] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4401'.
[  382.101324][T20412] syz.0.4402[20412] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  382.101418][T20412] syz.0.4402[20412] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  382.185138][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  382.237691][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  382.283432][T20424] loop0: detected capacity change from 0 to 1024
[  382.290108][T20424] EXT4-fs: Ignoring removed i_version option
[  382.316783][T20424] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.330368][T20424] FAULT_INJECTION: forcing a failure.
[  382.330368][T20424] name failslab, interval 1, probability 0, space 0, times 0
[  382.343242][T20424] CPU: 0 UID: 0 PID: 20424 Comm: syz.0.4407 Not tainted 6.11.0-rc7-syzkaller-00039-g77f587896757 #0
[  382.354090][T20424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  382.364131][T20424] Call Trace:
[  382.367395][T20424]  <TASK>
[  382.370334][T20424]  dump_stack_lvl+0xf2/0x150
[  382.374805][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  382.375010][T20424]  dump_stack+0x15/0x20
[  382.388067][T20424]  should_fail_ex+0x229/0x230
[  382.388452][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  382.392744][T20424]  ? ext4_getfsmap_datadev+0x992/0x1390
[  382.409777][T20424]  should_failslab+0x8f/0xb0
[  382.414432][T20424]  __kmalloc_cache_noprof+0x4b/0x2a0
[  382.419706][T20424]  ext4_getfsmap_datadev+0x992/0x1390
[  382.425139][T20424]  ? __pfx_ext4_getfsmap_datadev+0x10/0x10
[  382.430964][T20424]  ext4_getfsmap+0x7eb/0x840
[  382.435620][T20424]  ? __pfx_ext4_getfsmap_datadev+0x10/0x10
[  382.441406][T20424]  ? __pfx_ext4_getfsmap_format+0x10/0x10
[  382.447183][T20424]  ? __pfx_ext4_getfsmap_datadev+0x10/0x10
[  382.452994][T20424]  ? memchr_inv+0x13a/0x2e0
[  382.457483][T20424]  ext4_ioctl+0x2140/0x2de0
[  382.461981][T20424]  ? __pfx_ext4_ioctl+0x10/0x10
[  382.466858][T20424]  __se_sys_ioctl+0xd3/0x150
[  382.471498][T20424]  __x64_sys_ioctl+0x43/0x50
[  382.476264][T20424]  x64_sys_call+0x15cc/0x2d60
[  382.480926][T20424]  do_syscall_64+0xc9/0x1c0
[  382.485715][T20424]  ? clear_bhb_loop+0x55/0xb0
[  382.490389][T20424]  ? clear_bhb_loop+0x55/0xb0
[  382.495076][T20424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.501033][T20429] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  382.510587][T20424] RIP: 0033:0x7fdfb142def9
[  382.515018][T20424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.534660][T20424] RSP: 002b:00007fdfb00a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  382.534681][T20424] RAX: ffffffffffffffda RBX: 00007fdfb15e5f80 RCX: 00007fdfb142def9
[  382.534737][T20424] RDX: 0000000020000240 RSI: 00000000c0c0583b RDI: 0000000000000006
[  382.559106][T20424] RBP: 00007fdfb00a7090 R08: 0000000000000000 R09: 0000000000000000
[  382.567057][T20424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.575049][T20424] R13: 0000000000000000 R14: 00007fdfb15e5f80 R15: 00007ffd3865a228
[  382.583075][T20424]  </TASK>
[  382.601902][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.621230][T20436] loop1: detected capacity change from 0 to 512
[  382.628331][T20436] EXT4-fs: Ignoring removed mblk_io_submit option
[  382.634899][T20436] EXT4-fs: Ignoring removed i_version option
[  382.636518][T20438] loop4: detected capacity change from 0 to 2048
[  382.650072][T20436] EXT4-fs error (device loop1): __ext4_iget:4985: inode #11: block 1: comm syz.1.4412: invalid block
[  382.661321][T20436] EXT4-fs (loop1): Remounting filesystem read-only
[  382.662520][T20438] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.670696][T20436] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.695883][T20436] SELinux: (dev loop1, type ext4) getxattr errno 5
[  382.703270][T20436] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.703475][T19355] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.749854][T20445] devtmpfs: Bad value for 'mpol'
[  382.844270][T20459] loop0: detected capacity change from 0 to 128
[  382.951135][T20413] dccp_close: ABORT with 32 bytes unread
[  383.325354][T20510] syz.4.4440[20510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  383.325473][T20510] syz.4.4440[20510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  383.394506][T20513] loop4: detected capacity change from 0 to 512
[  383.457653][T20513] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.474868][T20513] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  383.490776][T20517] syz.2.4442[20517] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  383.535221][T20513] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.4441: Directory hole found for htree leaf block 0
[  383.549921][T20524] loop0: detected capacity change from 0 to 512
[  383.592532][T20524] EXT4-fs: Ignoring removed mblk_io_submit option
[  383.599832][T19355] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.611093][T20524] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  383.618747][T20524] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4445: corrupted in-inode xattr: e_value out of bounds
[  383.618904][T20524] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4445: couldn't read orphan inode 15 (err -117)
[  383.619546][T20524] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.622073][T20524] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4445'.
[  383.691574][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.697947][T20534] loop3: detected capacity change from 0 to 1024
[  383.707202][T20534] EXT4-fs: Ignoring removed i_version option
[  383.721828][T20534] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.751472][T20543] loop1: detected capacity change from 0 to 1024
[  383.771032][T20543] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.903011][T20559] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4455'.
[  383.919127][T20559] loop0: detected capacity change from 0 to 128
[  383.928153][T20559] vfat: Unknown parameter ''
[  383.936030][T19931] EXT4-fs error (device loop1): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 11
[  383.962457][T19931] EXT4-fs error (device loop1): ext4_lookup:1815: inode #2: comm syz-executor: deleted inode referenced: 11
[  384.260131][T20582] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4465'.
[  384.274579][T20554] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.301257][ T1625] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.362064][ T1625] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.409551][ T1625] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.480022][T20598] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=20598 comm=syz.4.4469
[  384.501790][ T1625] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.555406][T12190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.612102][ T1625] bridge_slave_1: left allmulticast mode
[  384.616250][T20616] loop3: detected capacity change from 0 to 128
[  384.617875][ T1625] bridge_slave_1: left promiscuous mode
[  384.629760][ T1625] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.638253][ T1625] bridge_slave_0: left allmulticast mode
[  384.643921][ T1625] bridge_slave_0: left promiscuous mode
[  384.649691][ T1625] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.662880][T20616] syz.3.4476: attempt to access beyond end of device
[  384.662880][T20616] loop3: rw=2051, sector=128, nr_sectors = 913 limit=128
[  384.795964][T20629] loop3: detected capacity change from 0 to 512
[  384.802726][T20629] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  384.813010][ T1625] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  384.813649][T20629] EXT4-fs (loop3): 1 truncate cleaned up
[  384.828641][T20629] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.841153][ T1625] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  384.855537][ T1625] bond0 (unregistering): Released all slaves
[  384.865719][T20621] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  384.877768][T20587] chnl_net:caif_netlink_parms(): no params data found
[  384.908103][T12190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.963830][T20587] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.971057][T20587] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.979013][T20645] loop4: detected capacity change from 0 to 512
[  384.980178][T20587] bridge_slave_0: entered allmulticast mode
[  384.987593][T20645] EXT4-fs: Ignoring removed mblk_io_submit option
[  384.991900][T20587] bridge_slave_0: entered promiscuous mode
[  384.998276][T20645] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  385.016437][T20647] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4488'.
[  385.026185][T20645] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.4487: corrupted in-inode xattr: e_value out of bounds
[  385.048348][T20645] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4487: couldn't read orphan inode 15 (err -117)
[  385.060628][ T1625] hsr_slave_0: left promiscuous mode
[  385.066771][ T1625] hsr_slave_1: left promiscuous mode
[  385.069353][T20645] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.085192][ T1625] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  385.092649][ T1625] batman_adv: batadv0: Removing interface: batadv_slave_0
[  385.100547][ T1625] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  385.108256][ T1625] batman_adv: batadv0: Removing interface: batadv_slave_1
[  385.121067][ T1625] veth1_macvtap: left promiscuous mode
[  385.126609][ T1625] veth0_macvtap: left promiscuous mode
[  385.132224][ T1625] veth1_vlan: left promiscuous mode
[  385.137532][ T1625] veth0_vlan: left promiscuous mode
[  385.151405][T20657] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4487'.
[  385.236104][T20660] loop0: detected capacity change from 0 to 512
[  385.247834][ T1625] team0 (unregistering): Port device team_slave_1 removed
[  385.259538][T20660] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.259908][ T1625] team0 (unregistering): Port device team_slave_0 removed
[  385.274700][T20660] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  385.290566][T20660] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.319103][T20587] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.326250][T20587] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.333439][T20587] bridge_slave_1: entered allmulticast mode
[  385.340168][T20587] bridge_slave_1: entered promiscuous mode
[  385.359600][T20587] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  385.377985][T20587] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  385.389153][T19355] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.403599][T20664] loop3: detected capacity change from 0 to 2048
[  385.420918][T20587] team0: Port device team_slave_0 added
[  385.427789][T20664] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  385.430383][T20587] team0: Port device team_slave_1 added
[  385.463055][T20587] batman_adv: batadv0: Adding interface: batadv_slave_0
[  385.470110][T20587] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.496187][T20587] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  385.507612][T12190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.508130][T20587] batman_adv: batadv0: Adding interface: batadv_slave_1
[  385.523627][T20587] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.549618][T20587] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  385.560488][T20670] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4495'.
[  385.572378][T20670] bridge0: entered promiscuous mode
[  385.577891][T20670] macvtap1: entered promiscuous mode
[  385.583187][T20670] macvtap1: entered allmulticast mode
[  385.588631][T20670] bridge0: entered allmulticast mode
[  385.617998][T20587] hsr_slave_0: entered promiscuous mode
[  385.628666][T20587] hsr_slave_1: entered promiscuous mode
[  385.635256][T20587] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  385.642825][T20587] Cannot create hsr debugfs directory
[  385.681158][T20682] loop4: detected capacity change from 0 to 512
[  385.690528][T20682] EXT4-fs: Ignoring removed mblk_io_submit option
[  385.697537][T20682] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  385.710786][T20682] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.4500: corrupted in-inode xattr: e_value out of bounds
[  385.727915][T20682] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4500: couldn't read orphan inode 15 (err -117)
[  385.740730][T20682] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.763658][T20682] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4500'.
[  385.787484][T19355] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.859695][T20694] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4505'.
[  385.883551][T20696] loop3: detected capacity change from 0 to 512
[  385.891272][T20696] EXT4-fs (loop3): 1 truncate cleaned up
[  385.897434][T20696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  385.962572][T20587] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  385.973936][T20587] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  385.982967][T20587] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  385.992824][T20587] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  386.000570][T12190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.068492][T20587] 8021q: adding VLAN 0 to HW filter on device bond0
[  386.084638][T20587] 8021q: adding VLAN 0 to HW filter on device team0
[  386.118928][ T3270] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.126040][ T3270] bridge0: port 1(bridge_slave_0) entered forwarding state
[  386.143826][ T1625] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.150914][ T1625] bridge0: port 2(bridge_slave_1) entered forwarding state
[  386.154717][T19060] kmmpd-loop2: attempt to access beyond end of device
[  386.154717][T19060] loop2: rw=14337, sector=48, nr_sectors = 4 limit=11
[  386.171594][T19060] Buffer I/O error on dev loop2, logical block 12, lost sync page write
[  386.199310][T20587] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  386.209754][T20587] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  386.251526][T20717] loop0: detected capacity change from 0 to 256
[  386.321558][    C0] dccp_v6_rcv: dropped packet with invalid checksum
[  386.328698][    C0] dccp_v6_rcv: dropped packet with invalid checksum
[  386.446172][T20587] 8021q: adding VLAN 0 to HW filter on device batadv0
[  386.525797][T19044] EXT4-fs error: 74 callbacks suppressed
[  386.525811][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  386.569571][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  386.599466][T20587] veth0_vlan: entered promiscuous mode
[  386.613426][T20587] veth1_vlan: entered promiscuous mode
[  386.642042][T20587] veth0_macvtap: entered promiscuous mode
[  386.653513][T20587] veth1_macvtap: entered promiscuous mode
[  386.669705][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.680152][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.690005][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.700482][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.710393][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.720856][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.730680][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.741166][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.750976][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.761467][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.771382][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.781796][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.791664][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.795082][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  386.802162][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.802175][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.831323][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.841188][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.851635][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.861479][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  386.871909][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.884989][T20587] batman_adv: batadv0: Interface activated: batadv_slave_0
[  386.899752][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.905700][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  386.910568][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.932004][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.942513][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.952465][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.962918][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.972733][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.983157][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.992991][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.003839][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.014996][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.025496][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.035319][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.045613][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  387.045854][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.064713][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.075285][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.085099][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.095581][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.105452][T20587] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.115887][T20587] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.128234][T20587] batman_adv: batadv0: Interface activated: batadv_slave_1
[  387.135826][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  387.148675][T20587] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.157408][T20587] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.166389][T20587] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.175221][T20587] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.242367][   T29] kauditd_printk_skb: 1204 callbacks suppressed
[  387.242383][   T29] audit: type=1326 audit(1726177284.300:15161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20742 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  387.272299][   T29] audit: type=1326 audit(1726177284.300:15162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20742 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  387.295923][   T29] audit: type=1326 audit(1726177284.300:15163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20742 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  387.296813][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  387.319381][   T29] audit: type=1326 audit(1726177284.300:15164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20742 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  387.319405][   T29] audit: type=1326 audit(1726177284.300:15165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20742 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  387.319427][   T29] audit: type=1326 audit(1726177284.300:15166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20742 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  387.399230][   T29] audit: type=1326 audit(1726177284.300:15167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20742 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  387.423147][   T29] audit: type=1326 audit(1726177284.300:15168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20742 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  387.446840][   T29] audit: type=1326 audit(1726177284.300:15169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20742 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  387.470540][   T29] audit: type=1326 audit(1726177284.300:15170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20742 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  387.470898][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  387.614911][T20745] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  387.626818][T20741] loop3: detected capacity change from 0 to 256
[  387.689327][T20752] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4521'.
[  387.702158][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  387.718215][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  387.743229][T12190] bond0: (slave syz_tun): Releasing backup interface
[  387.793520][T20765] SELinux:  Context u:r:untrusted_app:s0:c512,c768 is not valid (left unmapped).
[  387.811225][T20768] loop0: detected capacity change from 0 to 512
[  387.827164][T20768] EXT4-fs: Ignoring removed mblk_io_submit option
[  387.840267][T20768] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  387.868472][T20768] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4525: corrupted in-inode xattr: e_value out of bounds
[  387.905016][T20768] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4525: couldn't read orphan inode 15 (err -117)
[  387.926009][T20768] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  387.944104][T20768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4525'.
[  387.980860][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.001621][T20761] chnl_net:caif_netlink_parms(): no params data found
[  388.031116][T20781] loop0: detected capacity change from 0 to 512
[  388.040248][T20781] EXT4-fs: Ignoring removed mblk_io_submit option
[  388.047033][T20781] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  388.061469][T20781] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4526: corrupted in-inode xattr: e_value out of bounds
[  388.076587][T20761] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.081099][T20781] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4526: couldn't read orphan inode 15 (err -117)
[  388.083775][T20761] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.109082][T20761] bridge_slave_0: entered allmulticast mode
[  388.109431][T20781] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.117277][T20761] bridge_slave_0: entered promiscuous mode
[  388.158395][T20761] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.165508][T20761] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.172713][T20761] bridge_slave_1: entered allmulticast mode
[  388.179413][T20761] bridge_slave_1: entered promiscuous mode
[  388.202916][T20781] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4526'.
[  388.217407][T20761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  388.229670][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.234265][T20761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  388.358633][T20761] team0: Port device team_slave_0 added
[  388.365835][T20761] team0: Port device team_slave_1 added
[  388.380783][T20761] batman_adv: batadv0: Adding interface: batadv_slave_0
[  388.387873][T20761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.413853][T20761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  388.535846][T20789] loop0: detected capacity change from 0 to 256
[  388.563428][T20761] batman_adv: batadv0: Adding interface: batadv_slave_1
[  388.570426][T20761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.596384][T20761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  388.768328][T20796] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  388.791465][T20761] hsr_slave_0: entered promiscuous mode
[  388.797845][T20761] hsr_slave_1: entered promiscuous mode
[  388.803836][T20761] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  388.811526][T20761] Cannot create hsr debugfs directory
[  388.847685][T20810] loop1: detected capacity change from 0 to 764
[  388.855919][T20808] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4535'.
[  388.868855][T20810] ISOFS: unable to read i-node block
[  388.912349][T20761] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.935965][T20819] loop1: detected capacity change from 0 to 128
[  388.942742][T20819] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  389.000917][T20761] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.048911][T20825] syz.2.4543[20825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  389.049023][T20825] syz.2.4543[20825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  389.067276][T20761] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.146235][T20761] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.261487][T20761] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  389.271394][T20761] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  389.281501][T20761] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  389.290201][T20761] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  389.359132][T20761] 8021q: adding VLAN 0 to HW filter on device bond0
[  389.376896][T20761] 8021q: adding VLAN 0 to HW filter on device team0
[  389.391803][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.398961][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[  389.408543][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.416169][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  389.449331][T20761] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  389.454305][T20841] bpf: Bad value for 'gid'
[  389.508487][T20761] 8021q: adding VLAN 0 to HW filter on device batadv0
[  389.575452][T20761] veth0_vlan: entered promiscuous mode
[  389.583741][T20761] veth1_vlan: entered promiscuous mode
[  389.601197][T20761] veth0_macvtap: entered promiscuous mode
[  389.609732][T20761] veth1_macvtap: entered promiscuous mode
[  389.620712][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.631225][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.641252][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.651723][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.661555][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.672049][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.681843][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.692244][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.702033][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.712435][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.722245][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.732918][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.742714][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.753154][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.763232][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.773639][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.783568][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.793967][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.803879][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.814440][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.824269][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  389.834883][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.847163][T20761] batman_adv: batadv0: Interface activated: batadv_slave_0
[  389.855811][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  389.866287][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.876198][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  389.886843][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.896665][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  389.901634][T20860] loop1: detected capacity change from 0 to 764
[  389.907106][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.907127][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  389.907141][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.907154][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  389.907165][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.907176][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  389.907188][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.956718][T20860] ISOFS: unable to read i-node block
[  389.964420][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  390.000484][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.010447][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  390.021267][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.031343][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  390.041769][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.051945][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  390.062345][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.072308][T20761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  390.082750][T20761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.095636][T20761] batman_adv: batadv0: Interface activated: batadv_slave_1
[  390.122863][T20761] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  390.131670][T20761] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  390.140462][T20761] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  390.149309][T20761] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  390.304196][T20893] loop3: detected capacity change from 0 to 764
[  390.344125][T20897] loop3: detected capacity change from 0 to 2048
[  390.356255][T20897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  390.388323][T20761] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.411025][T20903] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  390.443532][T20901] loop0: detected capacity change from 0 to 1024
[  390.450983][T20901] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  390.461733][T20901] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  390.486530][T20912] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4572'.
[  391.173501][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.198337][T19060] kmmpd-loop2: attempt to access beyond end of device
[  391.198337][T19060] loop2: rw=14337, sector=48, nr_sectors = 4 limit=11
[  391.211885][T19060] Buffer I/O error on dev loop2, logical block 12, lost sync page write
[  391.409895][T20930] tipc: Started in network mode
[  391.414924][T20930] tipc: Node identity ac1414aa, cluster identity 4711
[  391.421830][T20930] tipc: New replicast peer: 100.1.1.1
[  391.427391][T20930] tipc: Enabled bearer <udp:s>, priority 10
[  391.534938][T19044] EXT4-fs error: 64 callbacks suppressed
[  391.534953][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  391.549723][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  391.674942][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  391.684247][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  391.804878][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  391.815044][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  391.934803][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  391.944589][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  392.064824][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  392.074054][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  392.167104][T20936] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  392.231188][T20942] loop0: detected capacity change from 0 to 512
[  392.237821][T20942] EXT4-fs: Ignoring removed mblk_io_submit option
[  392.245285][T20942] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  392.258211][T20942] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4583: corrupted in-inode xattr: e_value out of bounds
[  392.272921][T20942] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4583: couldn't read orphan inode 15 (err -117)
[  392.287842][T20942] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  392.307767][T20942] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4583'.
[  392.424737][T12320] tipc: Node number set to 2886997162
[  392.697276][T20949] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4585'.
[  392.723253][T20951] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4586'.
[  392.776495][T20952] Cannot find set identified by id 0 to match
[  393.101909][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.125195][T20954] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  393.162446][T20962] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  393.181734][   T29] kauditd_printk_skb: 346 callbacks suppressed
[  393.181747][   T29] audit: type=1326 audit(1726177290.250:15517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20963 comm="syz.0.4592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  393.214873][   T29] audit: type=1326 audit(1726177290.250:15518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20963 comm="syz.0.4592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  393.238683][   T29] audit: type=1326 audit(1726177290.250:15519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20963 comm="syz.0.4592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  393.262253][   T29] audit: type=1326 audit(1726177290.250:15520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20963 comm="syz.0.4592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  393.285902][   T29] audit: type=1326 audit(1726177290.250:15521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20963 comm="syz.0.4592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  393.310064][   T29] audit: type=1326 audit(1726177290.250:15522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20963 comm="syz.0.4592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  393.333808][   T29] audit: type=1326 audit(1726177290.250:15523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20963 comm="syz.0.4592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  393.357392][   T29] audit: type=1326 audit(1726177290.250:15524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20963 comm="syz.0.4592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  393.380979][   T29] audit: type=1326 audit(1726177290.250:15525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20963 comm="syz.0.4592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  393.404602][   T29] audit: type=1326 audit(1726177290.250:15526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20963 comm="syz.0.4592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfb142def9 code=0x7ffc0000
[  393.499966][T20978] loop0: detected capacity change from 0 to 512
[  393.507830][T20978] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  393.515944][T20978] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  393.524318][T20978] EXT4-fs (loop0): 1 truncate cleaned up
[  393.530360][T20978] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  393.551266][T18638] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.656360][T20987] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  393.710555][T20999] loop0: detected capacity change from 0 to 764
[  393.874301][T21020] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  394.018079][T21030] loop0: detected capacity change from 0 to 256
[  394.085352][T21034] SELinux:  policydb version 1302396298 does not match my version range 15-33
[  394.094423][T21034] SELinux: failed to load policy
[  394.200103][T21038] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4620'.
[  394.804523][T21043] loop3: detected capacity change from 0 to 2048
[  394.818344][T21043] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  394.847430][T18638] ==================================================================
[  394.851537][T20761] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.855521][T18638] BUG: KCSAN: data-race in shmem_add_to_page_cache / shmem_getattr
[  394.872346][T18638] 
[  394.874660][T18638] read-write to 0xffff8881300893b8 of 8 bytes by task 21054 on cpu 1:
[  394.882801][T18638]  shmem_add_to_page_cache+0x3b9/0x4b0
[  394.888261][T18638]  shmem_get_folio_gfp+0x513/0xd80
[  394.893383][T18638]  shmem_write_begin+0xa0/0x1c0
[  394.898238][T18638]  generic_perform_write+0x1b4/0x580
[  394.903527][T18638]  shmem_file_write_iter+0xc8/0xf0
[  394.908649][T18638]  __kernel_write_iter+0x24f/0x4e0
[  394.913899][T18638]  dump_user_range+0x3a7/0x550
[  394.918666][T18638]  elf_core_dump+0x1aeb/0x1c30
[  394.923466][T18638]  do_coredump+0xfa7/0x1810
[  394.927973][T18638]  get_signal+0xdc1/0x1080
[  394.932432][T18638]  arch_do_signal_or_restart+0x95/0x4b0
[  394.937980][T18638]  irqentry_exit_to_user_mode+0x9a/0x130
[  394.943625][T18638]  irqentry_exit+0x12/0x50
[  394.948053][T18638]  exc_general_protection+0x33d/0x4d0
[  394.953425][T18638]  asm_exc_general_protection+0x26/0x30
[  394.958985][T18638] 
[  394.961299][T18638] read to 0xffff8881300893b8 of 8 bytes by task 18638 on cpu 0:
[  394.968925][T18638]  shmem_getattr+0x69/0x200
[  394.973431][T18638]  vfs_getattr+0x19b/0x1e0
[  394.977859][T18638]  vfs_statx+0x134/0x2f0
[  394.982106][T18638]  vfs_fstatat+0xec/0x110
[  394.986443][T18638]  __se_sys_newfstatat+0x58/0x260
[  394.991464][T18638]  __x64_sys_newfstatat+0x55/0x70
[  394.996486][T18638]  x64_sys_call+0x141f/0x2d60
[  395.001162][T18638]  do_syscall_64+0xc9/0x1c0
[  395.005662][T18638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.011573][T18638] 
[  395.013885][T18638] value changed: 0x000000000000002a -> 0x000000000000002d
[  395.020985][T18638] 
[  395.023304][T18638] Reported by Kernel Concurrency Sanitizer on:
[  395.029440][T18638] CPU: 0 UID: 0 PID: 18638 Comm: syz-executor Not tainted 6.11.0-rc7-syzkaller-00039-g77f587896757 #0
[  395.040371][T18638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  395.050887][T18638] ==================================================================
[  395.111968][T21058] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  396.224797][T19060] kmmpd-loop2: attempt to access beyond end of device
[  396.224797][T19060] loop2: rw=14337, sector=48, nr_sectors = 4 limit=11
[  396.238815][T19060] Buffer I/O error on dev loop2, logical block 12, lost sync page write
[  396.654790][T19044] EXT4-fs error: 78 callbacks suppressed
[  396.654805][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  396.669555][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  396.784809][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  396.794362][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  396.914808][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  396.924110][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  397.054794][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  397.064140][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  397.194806][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  397.204638][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  401.264759][T19060] kmmpd-loop2: attempt to access beyond end of device
[  401.264759][T19060] loop2: rw=14337, sector=48, nr_sectors = 4 limit=11
[  401.278234][T19060] Buffer I/O error on dev loop2, logical block 12, lost sync page write
[  401.704785][T19044] EXT4-fs error: 80 callbacks suppressed
[  401.704797][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  401.719638][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  401.834774][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  401.843950][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  401.974802][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  401.984004][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  402.104767][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  402.113870][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error
[  402.234803][T19044] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  402.244049][T19044] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #19: comm syz.2.3890: mark_inode_dirty error