last executing test programs:

5.363884043s ago: executing program 2 (id=2476):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000008440000000e0a01020000000000000000010000000900020073797a32000000000900010073797a30"], 0xc8}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x64}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x9141, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

4.611662476s ago: executing program 2 (id=2498):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200), 0xfe, 0x254, &(0x7f0000000840)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzLTn1EkpvTXssvYReWgo9pW0O6aXQhh4aemgPW2Znt2yTDW2zyU7JfD4wO/P2vZnfDMz37V5mN4DCGo2IyYgoR8RYRFQjIuke8H62jLabK7X12Yhm85t7SWtc1s509huJiEZEfBZR6fQtrf2w9WDjq4/+Wax+eGrt+9qgrq/b9tbm1zsnp/8+O/Xp0pVrd6aTmIx6u6/7Og5T0uO9ShLxxlEUe0kklbzPgOcx8+eZ62nu34yID1r5r0apHdl/F165WI1PTuy37393r749yHMFDl+zWU0/AxtNoHBKEVGPpDQeEdl2qTQ+nn2Hv1EeLv02v/DH2K/zi3O/5D1TAYelHrH55fmhcyO78n+7nOUfOL7S/H87s3oz3d4p5302wEC8k63S/I/9tPxxyD8UjvxDcck/FJf8wzFwwOzKPxSX/ENxyT8cY9XORqNnt/xDcck/FJf8Q3F15x8AKJbmUN5PIAN5yXv+AQAAAAAAAAAAAAAAAAAA9lqprc92lkHVvPR/xPYXEVHpVb/c+j/iiFdbr8P3k3TYE0m2W19+fK/PA/TpdM5PX792K9/6l989muP+9XSztt+45bmIRjp4olLZe/8l7fvv4F5/Rn/15z4LvKBkV/vz7wZbf7dHq/nWn9qIuJDOPxO95p9SvNVa955/6t0/sXxAvz/s8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMzOMAAAD//7MNbSk=")
open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8001, 0x0, 0x0, 0x2, 0x18, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7c2542ded71038259ca171ce1a311ef54ec32ff7f00009cc093fce47d42140c3c47411bcd3dc177e9b49600", "f28359738e229a4c000dd70200"})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)

4.552046102s ago: executing program 2 (id=2499):
openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/time_for_children\x00')
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x40040)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp\x00')
pread64(r1, &(0x7f0000000540)=""/232, 0xe8, 0x1000000359)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_settings={0x4, 0x0, @te1=0x0}})
getdents64(r1, &(0x7f0000000700)=""/106, 0x6a)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000040)={0x12})
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x6, 0x0, 0x0, 0x0, "a05c7b5d00008023e9c5bcf5fb7700"})
r4 = syz_open_pts(r2, 0x0)
dup3(r4, r2, 0x0)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000040)=@security={'security\x00', 0xe, 0x4, 0x4f0, 0xffffffff, 0xf8, 0x8000000, 0x0, 0xffffffff, 0xffffffff, 0x420, 0x40a, 0x420, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @local, [], [], 'macvlan1\x00', 'dvmrp1\x00'}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@hl={{0x28}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@mcast2, @local, [], [], 'veth1_vlan\x00', 'wlan0\x00'}, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@hl={{0x28}}, @common=@unspec=@cpu={{0x28}}]}, @common=@unspec=@AUDIT={0x28}}, {{@uncond, 0x0, 0x1e0, 0x208, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@local, @loopback, @rand_addr=' \x01\x00', @dev, @mcast2, @private0, @ipv4={'\x00', '\xff\xff', @multicast2}, @local, @private2, @remote, @private0, @private2, @rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @empty, @mcast2]}}]}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x550)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
syz_open_dev$tty1(0xc, 0x4, 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)=[{0x0, 0xfffffffffffffe8c}, {0x0}, {0x0}, {0x0}], 0x4, 0x0, 0xfe77, 0x10}, 0x8000)
readv(r0, 0x0, 0x0)
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
socket$nl_generic(0x10, 0x3, 0x10)

4.312232302s ago: executing program 0 (id=2508):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4)
bind$llc(r1, &(0x7f0000000400)={0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff15, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
io_uring_setup(0x669, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x0, 0x3})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x62, &(0x7f00000000c0)=[{0x7f, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180156af0000003b810000850000006d00"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000004c0)='inet_sk_error_report\x00', r2}, 0x10)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140))
syz_open_dev$tty20(0xc, 0x4, 0x1)

4.296013904s ago: executing program 0 (id=2509):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r2, 0x0, r2)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x11012, r3, 0x0)

4.231783799s ago: executing program 0 (id=2511):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_buf(r2, 0x29, 0x1b, &(0x7f0000000000)=""/144, &(0x7f0000000180)=0x90)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x101c0ca, &(0x7f0000000400)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c666d61736b3d30303030303030303030303030303030303030303036362c696f636861727365743d69736f383835392d312c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c696f636861727365743d61736369692c726f6469722c73686f72746e616d653d6d697865642c756e695f786c6174653d302c757466383d302c757466383d302c756e695f786c6174653d312c64656275672c756e695f786c6174653d312c666d61736b3d30303030303030303030303030303030303030303030332c6e6f63617365aec489af6ba9723d4b17106f6d47b9ade1c253d4e3b08066427cae9f41fd1e1dd25a22ec22ad6e8bf6f67e052de91b544f2f4541f87a0c0b36e8d444150b35c110bda57fe7a9c06ba087cc975447082aaf95213301f3e04b70ea67a8aa0d582ca1a9525dba7116d80f126f782a78428b878fc79c0be9ad98cb6950995e6edba78e5301e8c8e69cc85beceb8b54f84a84787815ef9a18f1fe1c81b4c1830102f7e3236e2533e486ecb46ee53991c5bfe6289a474582b2e57741fd8de78f42097851bee74d4201c7767e0e0f4b34523150639b1291441ad01f2f72ed3679d7bca0e8b4e0689f883196af0d0dfe7344f276c1b4bd333882cf7879248ad423e3f21cd0cae2309519f9d40df23cf05d9c8d8f9d07da771ea1e3bcd8478fb989f770da17f700000000000000"], 0x6, 0x2c0, &(0x7f0000000900)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x112dd10, 0x0)
r3 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x100801700)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000140), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
r8 = socket(0x22, 0x2, 0x2)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r8, 0x84, 0x1, 0x0, &(0x7f0000000180))

4.212089401s ago: executing program 0 (id=2513):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff15, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)

4.150325896s ago: executing program 2 (id=2514):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="38010000100003000000000000000000fe80000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000002318bfdd8e5784", @ANYRES32=0x0, @ANYRES8=<r2=>r0, @ANYBLOB="000000600000000000000000000000000000000033000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020001000000000000000000480001006d643500"/237], 0x138}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001a40)=ANY=[@ANYRESDEC, @ANYRESHEX=r2, @ANYRES32, @ANYRES8=r0, @ANYRES8=0x0, @ANYRESDEC=r3, @ANYBLOB="8ae13f337804cd791950ddb39ba7b767ed218fffd5b81e73d9e6f9d96d4d2020f3a0c4fa52ef1696f4909048049060eab678f8f30d3fc497e5cd9a3448b4441d6a243fb6f010c6bc723a131f74beed2dc3d49ec6222d9990bc3a0249c33659f65a01cbfc79e251848f54f4f68434866e521afdfcd7e5a518b463c75ed6819f8621818c46ac40f2813983ebde2fe03763e429131d6aae7adda6d12c54c122c8a1c12e16e079f6d7203b17058cba35b8877b0ffc7b75dd163355ec1a0c795088012fa179001575728191a6b070df4b4524c80fe6da174cde422cd20884286a312dc9b40fb6461b39cef648843a1d6c64ca93d328c2212606887c68a803efb13ea4d5e7eaa887e0a9e9479122555862a856c376ecaab3132536ea9d039a86a21cf0c738f84b73572b17fddafdfe0797f93bc0dc270d9b11fe632352ef8485608094923f0ca98d17e1aa2ea98bbf44325b028d3a3743d8b018a9fdee4acf12a0b8b78ce41a6572b9d19136b7079ed34ef39c2c6ace6d470420a47fa84a2aa37299cb52da9b93670dc232f33e1d1d1efc33b5053f2c451449dd7096530df2205a0a0d87f3d78d34280aaafb02680cab4f95c3f70be738d728a1c4a874a791c275148f0cefeceb626db1c6a0f657bd8399442f50598400c599ecd3c2390236c915fb2ddeac63b11a6c09c7aff566b6c13255d888b388e74e0f36c2c6bf8a5cafdc78637fb6cea7cf2bdca3b19df2be8da00d8738fbeb709444c48aa3397c35445132319a094489a665cd561e7a3a448a2206a7fd507ca2833294ab6ee3bfc18083a2d6db37a4e6f3ce009d11389d7ee6c8b7afb6d5d936d740efb5ca8486d88fbf7ae6e3cd6eaf48a62932f9dba2e677c907a5d81ce3f01d912cab772f9074ecf36fe73df164215c5d9a14350ff04ebb045c50444acda8d32ba4a8ff8d7266d262199dd945f51d55db064faaa97281b10d88cde126b9fabaceb9c7e4fd4b2b420446f0c5c308611a29ac30199d6a2bc549e466a909ecc4d10786662968552e3f221f65b0dda03040b81b2556ad1831160079e057f1cacd5f954ab099dc4928d989d317069f9401dd252f72d9cc4b45916764f4727b314384e65e3190cba96c0e15a23d29b1fb01e507c6553154aa5b808975fa4080e35cd585a8fa2826fe63aebc50cf5b0d06c2bdbc008af4f31ddc2ee54d36aa04fac50df9577d05b93b8d2f246c8c97a17d611681293747ecd9de3a38163d5cd07721c36edc14cffd76288893baceded068564749a92a85752d980ce62f2fc364ff00325ac0be66249476af3c98ef9051f35bc0b5d6d3528b4db7982e65a7d71189cdcd6e84043ef57985226ac414b1fb8c2cb48c5fef7eec9b1f7936a0735a94304f653bce2bd863c80e9e5f153640459d53d1933979a44786732a72d825a4dc22b47a1d28b27864a0388c200e00d32f7efff66a3f45b201e8f4776e4dcb22eed86b2a7eead8e6815d0ebaa5f671e45f6693b136adff28e7892d055245f297aeb1c19bd2da888f348a74717cb754a7a332fec8df4c58ef8fddc0950494d883e3f554d2f37fc74a7e4fccb9a748cdec78accaf0e99d081af777c92e3daca488831112a5db0ccc71c4221e306c69b147a0591d8790c4fb8e0a42004a8f3ab71f5a72eb89dcf5170d4437ae1baebd0b67684bf2ce32f7d2f704a37b3e66ec4fc46a87cb9cb06ba157d863dc771314497446c1d273f6a07edfe0dbf04e2a109c3194eba9bde137d71e0f618812e81dde64bfb58dad004f033bc9b28312fab059800eed717f763c390716ad59d6440fb26a9afa788f806dd25bebe6524514eeef268d2939ceaf322342fe2c2bf8bd5e128e2b4ff395d7af037650ad23589e0ba07ad023389b389cd7677d15c95024b8f5d037def279b6f73035a766a175ea5d0f4672719293128fe53439b7b649691c9b7817e5d27a0265599396c3e0341e9bbb481ebc31b04f1b2ed4c46386dfd07ad5558484f7196c303d211b1fa3a8a667aa322bfc2fa2308bed218d6df1bd9a5e96c5251d2fa88a67e90b2b21659469e5670f612d58ec25affd8b3391d2a0aaf283f042cb9e4dc5e7b38d31b69d148e517119ec678440500b6f7c5509648408f9ee6d99eb33f3660bbc4c4ca76d6e4218e14363c0e7e76ebfb628d04061bfabe940aa746aae2756498ec454ce46873cece7c3f467c7e61485abc8d57108bc0a299febb2b9dec52e9eb010de1da6619930b9a7be7ab52e630388673e5f4b826dd54ce51824f5ccd5b1401eeef1403c28495dd2f2eb5910a2697095d6e0f2c183ea303ec47267fcd25742e71c2d2f2597343f8a5083105165da4cdaf1a57e852a8f801aafb26e675d4e44165df269d824c3128307451fc9f4f4c071ab8f902060fa0e4d6429c50eef887a7cff4d02f65173e17abb7aef232751b1685af8db0ddd36d1e0bc2b1e428a2dcaf503fcbf104c4f7b060254717959925877b050e70a7e3f98127209ee15054c9a79bf5654f3bec01849e085750fe97e190183fbc21c2b4d7f498e568e1adf40b6bbcb4b7ec7abfbaeaa313f065e92f7a166283146599c85602d85c6dbbe8692648ba3c5bf32cca75a34d75c77bffc05bdc07166308e7f7895795c4b27b57e663f5119c1724633c6565bd389a36b080fb957cc47c8854cdbb4f7cc6b7bda7d74c55c7b282607af7311bd68fe40162ef69a40134826ec83a9c36ad94318e80068509d8814fd1d91ca0a503de74da60434b6c12c27428d9119934962fabfd6c0242a68d84c057a7d6f4181bff6bcd89dd5bcb334b5976c12edecf9608df4f18980e5482c3a2cf9a8987ff09deddc6e5eb8018f5989db908b22a5ff8af96edda997b3749654f88d712871c30fa1ac1fa0f36d27e7b013ef5255863e670f2dff77d2894423e9902b01935de077e642b3caddcbe94d9deb29ba2eebf075d08dcc464585d31dc546d4aa0d9e4c9509072cc9f60fba950849c82bbb14f4200b50decbb9520967ded572a761bbf83944339674358e0f917a801e307471cac681b0f9b596d30e2612cf0471339ea85f94518f5f293d9acd84e530304f5fc37746c36eb4df07785ebaa9c01d3d5181e58f727beb88d08efcd3976af2deaf227433b323584453a5b36c636bd7eeec8635bc0a623f31ba0048ca0e8865adae05f326f38f30dfbcd9e163da2ea051773d7c71df59ccd55bd6edaac0568929b32ea20b553abda2ce5f81c262ff539da6ad45a9c262d16a095f04277459888076d6ecd4b09ca71b706d75e9a6656334d041b856335550293be43cfef66d62d373190c9629cce095d2cfe50cae37793535ed44e749e65e9fbc352304d0c41442201156841f0d786370ce11e9fc08894405f57a951b395ce4bbd60529fa01c026ab494fc75e13d62bf0595a10422c19de1ea309cce043f156fdfc3f6c6b6c89d261246f3a52d822c4b5e05f8db7b2d78b843620ee05c074719f78df8f492938b3b7adcd0d44f0e12bdae9506f19ca31483a83ab189ebc32119c1fed7bf2af468be5b9f1b09688d6048d35296ed1befc766b1604333d2186ca20d02107505ed863bc51809459e0c21d72e3eaebc75221937af116f0b2596e7364fa87c44ff319e7e609a7057f8387fcd2e1ac09a1f1c8c90135cda9ac4d7164cfa4220d56b9534f2d30cfad48bcd63571671f68f89f06e1c31007e8048785e2242b58c09d395a1e35bfe7b3c4f37e1213538a1c9242ec86062fb303a3c000e68b577e25d84e5e10826c04a894920ce629debf9555fc941d062230917b29f0a2143df7453afc5b05ce947397992788762a1ac285411579281ef62e77671bcf317f4ae9a956e36dec80a54170ccd17ac67b0656b401f08bf3acf0f101a3b925703a6c64d18d493ea31200055c125353061fc231bc7f64e3e534454d433ff6b1139e5bba0e9f020e5b3ae25cc8a2f2018e437e8acbc86e9c29e5a1e0f30f456992ab6fb68156ba30d1b5ee24ca130a9ec2191767ea3026e2056d1bc5b267beb542fc1bacbb92079f76cff45cc039dc2d2d3db008fd3cf60bca8ca9a2af071491310b5f11dfbf81c8b910661c5c22c12a5342a6eebabff0d600cb7a69a916955d8872177afe751bc2635cf203639f4bdb70530141258b3b832e523bc338fde5bb47ca65dcb603b8cf073612b9595e5cbec371fa4aa57db33290f3137bbd7df8c645ac4d1f924955589939757a4d84e07f40ff9033e5b2e02772e1fa3a5daa29b5359c813051b5c116363dfbb850157ae515ca957ca6fda6285d471ccde59f03aa50025f2e9d2809364509a37f9f1b61ba66f4fee871c0768d93925ad062881664a006220dd3f5002153d7b3af25e3f170437cfcded04c88026a546107c286451c3ae106925a9a77b2c8be5ecc5c3b3ec3427826897d798e7d0b8cd3289ae2c0a74dfe5fb8585c145ac81c0d3efb8fca310414f64bd932e11442ab2756ceb591358e4ec96b3daed9d7bc097380e92d9e91306a1e211cf03ee5c4982a9cb0b110afaa15760e97dfde8bb05f21e80bf4d41b2dafe9ced556099a93183dfbbde1e33ee3eec9bae7ded8d1684fdac63fb0fc0ad999366ab2d436dc5ec8ed781e0d85c60a987eb60c3410f0aadfe6a3cfefb60fde135c16864d4adf1d596d8c3379051cf953c1dbb6a358acf6f2bab3660d287ad46bc4e46fb3a231543b381be7bbeb933ab1dea83f542e630e38d4cb9d3302dcdfa75dd70fc380f4cd43c8b552df0962abb0e1cd6c1a8b2b156b5abe1916da4b3cfc13c311be7e5de60d0ba10b52ed52619e3234288088eab7ede99bca8ce34eeacc882a81c7f83e406afc004e41f95ddd74cb78a19362b2ca31cff16ad953534ea5b6b49b6490de45d8cf26e7a7e2e08e4b16d9b32390b4b5b8f5ead68dde3eed5b1d744a8eeaa9175a01d1f0208605278dc1c98d561fc3aaf9359a1d7f0b378189dc847ad8b5d89de2b884ddd50e847cf11335e0ce97993951cc511769e9f51a0bd9a34147b73f42e5a21ea1b4abfeda44ef131a3e1d52153012c6eb8f37c88ef39e67586ad6e89f096d77315ed36e26228b562ec50b3c6bcab6859fc73a2b92cae5c45a1f7ca14509723176c6e9377961d8af8dd1dab731c9fc18caccc41f2c402c87ca1342e97232383f5d1dc02a4e9b2bb0ec1bf4c3678a8dabbd6d0d53475f87a4f59f0e1b7c12be4c24e1f084550dda5c1f82e84c15f41921e43fb13dd9da529cc52996cd072c399278aff58e355538104f1317589da3a42b61256a2558b4d4945342a19b4189e18fcc97342c3c4c1476d05fe9b3c52599fd60ba528b1a1dd89afb6f6b626ed150044faeb599864bf51a3253b072e21163a1b27b673eef9b1230261eb35b3263ee7c022818940b911a718320d2689e64cead1375cfd9aec413c56923d8b06a532bd0a7cfce1ab758ae8546303c3e3879d0ad282e69ac075d8c3e2b65a26a055842d493248e45c31081f1f86b0f26802cac42212dd6c84ad6785efcd7b0f7109e562f92cfe9bd72ee1be32b22bf38db2de59f4d86979596127f9b638f4c49ff9fa57467a90147052507c6f924031c5351de5c7f27bdd02cb2e5e91fa076b690dea96b00eda15cedbaa7beb65054ab3861ea52a852fb318a481849cece70fd65a945b07e4e78ccc38ae9fd14db2c59892b25ac1bb0e51ff8c476953dc99d2a1dc126e73e5a1730ffe696792e5e2136933ec3badda302033e3cff907fc332f54ab1374a49945bf5890574c553b6d26814274dc509e16605f0290564006dcaeac3a035bece9a7af6666f8ea11b88e783aaa0", @ANYRESHEX=r0, @ANYRES16=r0, @ANYRES64=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x7c)
io_setup(0x3, &(0x7f0000000180))
eventfd(0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000000))
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
readv(r5, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
sendto(0xffffffffffffffff, &(0x7f0000001900)="b67f17f479be0ec94c69d04dac004bd47322981ab11937aaee8cd39197c4bbd25e28bb650dfec9b1c76a7f1b871088ef693219afe7cb2787bad0a2c8e7121c265611d30d78e13b09396b4e6b362710b0e1361b6104de50cdcf13c4bd18b5030503a0ba2cbd193fd80124c4c48444f900b4d9baba8eb6d5a26126941e7d508f542837fc0ffe445ef415be03326e558114dfbc9bc40bfad0d12b3c66d31fedda8c53928b6e0e3a1fd18a546a0c8cb4a920f95593c60d6b3a82d20cfe83a622d83ca12dd24eb3d45fb048f310e12204168fad133d98f422d7f70e5dbda8409407fb03aa2f034f131c8fe4e2b1f9dde1760e2348926b6367454cc6f75c167b537d9adb57a15002c9ed287274cf3bc9d679767323e2", 0x113, 0x4080, &(0x7f00000001c0)=@l2tp6={0xa, 0x0, 0x49, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4, 0x1}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x9755, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x10000000}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x69, 0x4, 0x5, 0x0, r6}, 0x48)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r7}, &(0x7f0000000080), &(0x7f00000000c0)=r6}, 0x20)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = socket(0x1e, 0x4, 0x0)
recvmmsg(r8, &(0x7f0000006000)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000007c0)=""/242, 0xf2}], 0x1, &(0x7f00000004c0)=""/75, 0x4b}}], 0x1, 0x0, 0x0)
sendmsg$tipc(r8, &(0x7f0000000000)={&(0x7f0000000200)=@id={0x1e, 0x3, 0x3, {0x4e20}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r10 = fcntl$dupfd(r9, 0x0, r9)
write$sndseq(r10, &(0x7f0000000180)=[{0x0, 0x1, 0x0, 0x0, @tick, {}, {0xfe}, @raw32}, {0x0, 0x2, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
ioctl$SG_GET_REQUEST_TABLE(r10, 0x2275, &(0x7f00000018c0))

3.920291326s ago: executing program 0 (id=2525):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x13)
kcmp$KCMP_EPOLL_TFD(r0, r0, 0x7, 0xffffffffffffffff, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'sit0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="3c000000680001000000000000000000020000000000000006000700020000000c000880080012000000000008000600f200000008000500", @ANYRES32=r4], 0x3c}}, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x5608, 0x2)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.253390258s ago: executing program 4 (id=2543):
syz_open_pts(0xffffffffffffffff, 0x200002)
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0xb6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c0000001000010400"/19, @ANYRES32=0x0, @ANYBLOB="000000000000000008001f00030000000800200006000000140012800900010076657468"], 0x4c}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000540)={0x0, @in={{0x2, 0x4e22, @empty}}, 0xfffffffd, 0xfff, 0x2, 0x8, 0x10}, &(0x7f0000000600)=0x98)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000380)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r6, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r6, 0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0xae, 0x0, &(0x7f00000000c0))
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000091a892f5424bb729b4e4a3171000010000000008000000000000000a14000003000000000000000005000007140000001100010000000000000000001520000a4a9f78fa1624f1526c96a19a6fddb887efd3b9a8b0e4cf32d44f575c92e73b82857a699e"], 0x3c}}, 0x0)
ioctl$TCSETSW2(r6, 0x402c542c, &(0x7f0000000000)={0x0, 0x53cc1305, 0x1, 0x796e, 0x40, "66342f0de28cd4caf484057ee36905f8b3f6ea", 0x6404b7f8})
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000140))

1.416332639s ago: executing program 3 (id=2555):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000440), r0)
r2 = socket$kcm(0x10, 0x2, 0x4)
r3 = socket$kcm(0x2, 0x6, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c00028005001d00000000000500010004000000050015"], 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$inet(r3, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="89000000130081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c1f01400b080c00bdad01409bbc7a46e3988285dcdf12176679df069163ce955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000017d0e01baca0a0816fdfd6c0ddd197748000000"], 0x14}}, 0x0)

1.379159123s ago: executing program 4 (id=2556):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffd, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001640)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x9}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x9}, {}, {}, {}, {}, {}, {0x2000000}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10}, {}, {}, {0x0, 0x0, 0x0, 0x7fffffff}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)

1.077415198s ago: executing program 4 (id=2557):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

1.026381873s ago: executing program 3 (id=2558):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r2, 0x0, r2)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x11012, r3, 0x0)

1.011312954s ago: executing program 2 (id=2524):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_buf(r2, 0x29, 0x1b, &(0x7f0000000000)=""/144, &(0x7f0000000180)=0x90)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x101c0ca, &(0x7f0000000400)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c666d61736b3d30303030303030303030303030303030303030303036362c696f636861727365743d69736f383835392d312c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c696f636861727365743d61736369692c726f6469722c73686f72746e616d653d6d697865642c756e695f786c6174653d302c757466383d302c757466383d302c756e695f786c6174653d312c64656275672c756e695f786c6174653d312c666d61736b3d30303030303030303030303030303030303030303030332c6e6f63617365aec489af6ba9723d4b17106f6d47b9ade1c253d4e3b08066427cae9f41fd1e1dd25a22ec22ad6e8bf6f67e052de91b544f2f4541f87a0c0b36e8d444150b35c110bda57fe7a9c06ba087cc975447082aaf95213301f3e04b70ea67a8aa0d582ca1a9525dba7116d80f126f782a78428b878fc79c0be9ad98cb6950995e6edba78e5301e8c8e69cc85beceb8b54f84a84787815ef9a18f1fe1c81b4c1830102f7e3236e2533e486ecb46ee53991c5bfe6289a474582b2e57741fd8de78f42097851bee74d4201c7767e0e0f4b34523150639b1291441ad01f2f72ed3679d7bca0e8b4e0689f883196af0d0dfe7344f276c1b4bd333882cf7879248ad423e3f21cd0cae2309519f9d40df23cf05d9c8d8f9d07da771ea1e3bcd8478fb989f770da17f700000000000000"], 0x6, 0x2c0, &(0x7f0000000900)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x112dd10, 0x0)
r3 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x100801700)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000140), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
r8 = socket(0x22, 0x2, 0x2)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r8, 0x84, 0x1, 0x0, &(0x7f0000000180))

997.971865ms ago: executing program 3 (id=2559):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00')
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000000000002000000000ff000000850000000f000000850000000500000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r3}, 0x10)
mmap(&(0x7f000045e000/0x3000)=nil, 0x3000, 0x27fffff, 0x4002011, 0xffffffffffffffff, 0x0)
fallocate(r2, 0x0, 0x0, 0x1001f0)
fallocate(r2, 0x3, 0x1000, 0x10000)
pread64(r1, &(0x7f0000004180)=""/4096, 0x1000, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6700}], 0x1, 0x33000, 0x0, 0x0)
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_x25_SIOCADDRT(r5, 0x890b, 0x0)
nanosleep(0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, &(0x7f00000003c0)="49b3d6cb0689415c20514398e61a7e3484c63e222235d1dcb3d73f40f7b429a93872cdaf8ee3fe01123941d8ddee5d0b01eef908d22e5806f1d5ec9a4ad652ccf2b4cd5a330c525e40af05ab5fae0495c82676a49d60ff3aa1667edae957a2b9151710603434abcb56f507871f2c06c75670bcf01984a1244d09714e"}, 0x20)
pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0x1}], 0x1, 0x800001, 0x0, 0x0)

960.096318ms ago: executing program 2 (id=2560):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
capset(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00'}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
sendto$inet6(r2, &(0x7f0000000000)="1c00000018002507b9409b14ffff00000204be04020506050e02040943", 0x1d, 0x0, 0x0, 0x0)
mmap(&(0x7f000045e000/0x3000)=nil, 0x3000, 0x27fffff, 0x4002011, r2, 0x0)
fallocate(0xffffffffffffffff, 0x3, 0x1000, 0x10000)
pread64(r1, &(0x7f0000004180)=""/4096, 0x1000, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000100000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000040000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e61740000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000edffffff00000000"]}, 0x3bf)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6700}], 0x1, 0x33000, 0x0, 0x0)
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_x25_SIOCADDRT(r5, 0x890b, 0x0)
nanosleep(0x0, 0x0)
pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0x1}], 0x1, 0x800001, 0x0, 0x0)

942.21394ms ago: executing program 4 (id=2561):
openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x1, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r4, &(0x7f00000001c0), &(0x7f0000000040)=@tcp, 0x3}, 0x20)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)={0x14, r6, 0x5de21d485e277b3, 0x0, 0x0, {0x6}}, 0x14}}, 0x0)

703.74005ms ago: executing program 3 (id=2565):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
capset(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00')
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000000000002000000000ff000000850000000f000000850000000500000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
sendto$inet6(r4, &(0x7f0000000000)="1c00000018002507b9409b14ffff00000204be04020506050e02040943", 0x1d, 0x0, 0x0, 0x0)
fallocate(r2, 0x0, 0x0, 0x1001f0)
fallocate(r2, 0x3, 0x1000, 0x10000)
pread64(r1, &(0x7f0000004180)=""/4096, 0x1000, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, 0x0, 0x3c0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r2, 0x6628)
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6700}], 0x1, 0x33000, 0x0, 0x0)
r6 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_x25_SIOCADDRT(r6, 0x890b, 0x0)
nanosleep(0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, &(0x7f00000003c0)="49b3d6cb0689415c20514398e61a7e3484c63e222235d1dcb3d73f40f7b429a93872cdaf8ee3fe01123941d8ddee5d0b01eef908d22e5806f1d5ec9a4ad652ccf2b4cd5a330c525e40af05ab5fae0495c82676a49d60ff3aa1667edae957a2b9151710603434abcb56f507871f2c06c75670bcf01984a1244d09714e582c298e371e3e31b6064a219f20b5fbe3676cb965a81dbeefb3d13708e91ad97c4ca793b439f44f2866ff7a9b421111a428f80436641c0bb5942e700242ca97abc821238ba439b72135d281d2e3c0f015f08fd4f8bbeaa22df17a98bbdbacfc41ac9b0c4789345ed2e1230b096dd4beafa7ec9031bc5885ce0f5b8a"}, 0x20)
pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0x1}], 0x1, 0x800001, 0x0, 0x0)

637.447786ms ago: executing program 1 (id=2566):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000001180)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r2, 0x0, 0x0)
openat$cgroup_devices(r1, &(0x7f0000000400)='devices.deny\x00', 0x2, 0x0)
fsetxattr(r1, &(0x7f0000000080)=@known='user.incfs.id\x00', &(0x7f0000000240)='kfree\x00', 0x6, 0x3)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1008000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x30, r3, 0x4, 0x70bd2a, 0x25dfdbfb, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x4000058}, 0x81)

564.490042ms ago: executing program 1 (id=2567):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

564.002782ms ago: executing program 1 (id=2568):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r2, 0x0, r2)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x11012, r3, 0x0)

528.143225ms ago: executing program 3 (id=2569):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000006800b9f900000000000200000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r4=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r4}, 0x48)

498.624068ms ago: executing program 1 (id=2570):
prlimit64(0x0, 0xf, &(0x7f0000000140)={0x0, 0xffffffffffffffff}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000200))
r0 = socket(0x1000000010, 0x80002, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockname(r1, &(0x7f00000014c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001540)=0x80)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8982, &(0x7f0000000000)={0x8, 'veth1_to_bond\x00', {'wlan0\x00'}, 0x1a})
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
dup3(r3, r2, 0x0)
r4 = socket(0x26, 0x800000003, 0x5004685e)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0xd, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000080000000000000000000000180900002020702500000000002020207b1af8ff00000000bda004000000000007000000f8ffffffb702000008000000b7030000000004002500f8ff0600000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f0000000100)=@generic={0x3, 0x1, 0x9})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'batadv_slave_1\x00'})
socket(0x10, 0x80002, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000000), 0xd7, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
r7 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
r8 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r8, 0x10d, 0xdf, 0x0, &(0x7f00000000c0))
mmap$usbfs(&(0x7f0000ff6000/0x3000)=nil, 0x3000, 0x0, 0x13, r6, 0x0)
r9 = socket(0x400000000010, 0x3, 0x0)
write(r9, &(0x7f0000000040)="1c00000019002551075c0165ff0ffc02802000030004000500e1000c", 0x1c)
mremap(&(0x7f0000ff6000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil)
mincore(&(0x7f0000fff000/0x1000)=nil, 0x1000, &(0x7f0000000040)=""/70)

449.837582ms ago: executing program 3 (id=2571):
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13)
write$binfmt_misc(r0, &(0x7f0000000240)=ANY=[], 0xfffffecc)
r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
dup(0xffffffffffffffff)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000069000b00000000000c0000000000000000000000080001"], 0x20}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000010000104000004000000", @ANYRES32=0x0], 0x44}}, 0x40000)

448.609902ms ago: executing program 1 (id=2572):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000006800b9f900000000000200000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r4=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r4}, 0x48)

240.43425ms ago: executing program 1 (id=2573):
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002cbd7000fcdb0000050002000000000014000700fce858b37bd44ed8ec0000000000000006000a004e2200000500030033000000000000007caffde9d5f51f59695b8ac0baaca76729a5a64d0b2a3de02b19a989db0ff65525b09e04ec560c468b92ca79d168e8bf5732b561858946a34f53ee1812e3d5c780171fbfb170d27e29fa1e106d2f07c8a98688aa5f3826c4120da9e0988b115af323e5ad8cb5f1ae4fca65f768c9f5e6cef7d976a6ed9df852bb70443a8ed0361b2775a15d2168b4b44f2fa29b941fe628538be7ee81a74854e36e9e783b1713b6a2b57c679836ad3aec50f3d5831ec21b262c87"], 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3575], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000b40)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
io_setup(0x3fe, &(0x7f0000000100)=<r3=>0x0)
io_getevents(r3, 0x1, 0x1, &(0x7f0000004600)=[{}], 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = openat$incfs(0xffffffffffffffff, &(0x7f00000001c0)='.pending_reads\x00', 0x802, 0x188)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r6, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)
recvmsg$can_bcm(r5, &(0x7f00000004c0)={&(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000300)=""/81, 0x51}, {&(0x7f00000003c0)=""/93, 0x5d}], 0x2, &(0x7f0000000440)=""/121, 0x79}, 0x20000003)
bind$unix(r4, &(0x7f0000003000)=@file={0x1}, 0x6e)
r7 = fcntl$dupfd(r4, 0x0, r1)
listen(r7, 0xa0f)
perf_event_open(&(0x7f0000000000)={0x1, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x10848a, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x68, r8, 0x100, 0x70bd25, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x6, 0x53}}}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x9}, @NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0xbe}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xf}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x5}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xb}, @NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x9}]}, 0x68}, 0x1, 0x0, 0x0, 0xc040}, 0x10)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r0, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000680)='0', 0x1}], 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="20000000000000008400000002000000840041000000000000000000", @ANYRES32=r0, @ANYBLOB='0'], 0x50}, 0x0)

168.619516ms ago: executing program 0 (id=2526):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="38010000100003000000000000000000fe80000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000002318bfdd8e5784", @ANYRES32=0x0, @ANYRES8=<r2=>r0, @ANYBLOB="000000600000000000000000000000000000000033000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020001000000000000000000480001006d643500"/237], 0x138}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001a40)=ANY=[@ANYRESDEC, @ANYRESHEX=r2, @ANYRES32, @ANYRES8=r0, @ANYRES8=0x0, @ANYRESDEC=r3, @ANYBLOB="8ae13f337804cd791950ddb39ba7b767ed218fffd5b81e73d9e6f9d96d4d2020f3a0c4fa52ef1696f4909048049060eab678f8f30d3fc497e5cd9a3448b4441d6a243fb6f010c6bc723a131f74beed2dc3d49ec6222d9990bc3a0249c33659f65a01cbfc79e251848f54f4f68434866e521afdfcd7e5a518b463c75ed6819f8621818c46ac40f2813983ebde2fe03763e429131d6aae7adda6d12c54c122c8a1c12e16e079f6d7203b17058cba35b8877b0ffc7b75dd163355ec1a0c795088012fa179001575728191a6b070df4b4524c80fe6da174cde422cd20884286a312dc9b40fb6461b39cef648843a1d6c64ca93d328c2212606887c68a803efb13ea4d5e7eaa887e0a9e9479122555862a856c376ecaab3132536ea9d039a86a21cf0c738f84b73572b17fddafdfe0797f93bc0dc270d9b11fe632352ef8485608094923f0ca98d17e1aa2ea98bbf44325b028d3a3743d8b018a9fdee4acf12a0b8b78ce41a6572b9d19136b7079ed34ef39c2c6ace6d470420a47fa84a2aa37299cb52da9b93670dc232f33e1d1d1efc33b5053f2c451449dd7096530df2205a0a0d87f3d78d34280aaafb02680cab4f95c3f70be738d728a1c4a874a791c275148f0cefeceb626db1c6a0f657bd8399442f50598400c599ecd3c2390236c915fb2ddeac63b11a6c09c7aff566b6c13255d888b388e74e0f36c2c6bf8a5cafdc78637fb6cea7cf2bdca3b19df2be8da00d8738fbeb709444c48aa3397c35445132319a094489a665cd561e7a3a448a2206a7fd507ca2833294ab6ee3bfc18083a2d6db37a4e6f3ce009d11389d7ee6c8b7afb6d5d936d740efb5ca8486d88fbf7ae6e3cd6eaf48a62932f9dba2e677c907a5d81ce3f01d912cab772f9074ecf36fe73df164215c5d9a14350ff04ebb045c50444acda8d32ba4a8ff8d7266d262199dd945f51d55db064faaa97281b10d88cde126b9fabaceb9c7e4fd4b2b420446f0c5c308611a29ac30199d6a2bc549e466a909ecc4d10786662968552e3f221f65b0dda03040b81b2556ad1831160079e057f1cacd5f954ab099dc4928d989d317069f9401dd252f72d9cc4b45916764f4727b314384e65e3190cba96c0e15a23d29b1fb01e507c6553154aa5b808975fa4080e35cd585a8fa2826fe63aebc50cf5b0d06c2bdbc008af4f31ddc2ee54d36aa04fac50df9577d05b93b8d2f246c8c97a17d611681293747ecd9de3a38163d5cd07721c36edc14cffd76288893baceded068564749a92a85752d980ce62f2fc364ff00325ac0be66249476af3c98ef9051f35bc0b5d6d3528b4db7982e65a7d71189cdcd6e84043ef57985226ac414b1fb8c2cb48c5fef7eec9b1f7936a0735a94304f653bce2bd863c80e9e5f153640459d53d1933979a44786732a72d825a4dc22b47a1d28b27864a0388c200e00d32f7efff66a3f45b201e8f4776e4dcb22eed86b2a7eead8e6815d0ebaa5f671e45f6693b136adff28e7892d055245f297aeb1c19bd2da888f348a74717cb754a7a332fec8df4c58ef8fddc0950494d883e3f554d2f37fc74a7e4fccb9a748cdec78accaf0e99d081af777c92e3daca488831112a5db0ccc71c4221e306c69b147a0591d8790c4fb8e0a42004a8f3ab71f5a72eb89dcf5170d4437ae1baebd0b67684bf2ce32f7d2f704a37b3e66ec4fc46a87cb9cb06ba157d863dc771314497446c1d273f6a07edfe0dbf04e2a109c3194eba9bde137d71e0f618812e81dde64bfb58dad004f033bc9b28312fab059800eed717f763c390716ad59d6440fb26a9afa788f806dd25bebe6524514eeef268d2939ceaf322342fe2c2bf8bd5e128e2b4ff395d7af037650ad23589e0ba07ad023389b389cd7677d15c95024b8f5d037def279b6f73035a766a175ea5d0f4672719293128fe53439b7b649691c9b7817e5d27a0265599396c3e0341e9bbb481ebc31b04f1b2ed4c46386dfd07ad5558484f7196c303d211b1fa3a8a667aa322bfc2fa2308bed218d6df1bd9a5e96c5251d2fa88a67e90b2b21659469e5670f612d58ec25affd8b3391d2a0aaf283f042cb9e4dc5e7b38d31b69d148e517119ec678440500b6f7c5509648408f9ee6d99eb33f3660bbc4c4ca76d6e4218e14363c0e7e76ebfb628d04061bfabe940aa746aae2756498ec454ce46873cece7c3f467c7e61485abc8d57108bc0a299febb2b9dec52e9eb010de1da6619930b9a7be7ab52e630388673e5f4b826dd54ce51824f5ccd5b1401eeef1403c28495dd2f2eb5910a2697095d6e0f2c183ea303ec47267fcd25742e71c2d2f2597343f8a5083105165da4cdaf1a57e852a8f801aafb26e675d4e44165df269d824c3128307451fc9f4f4c071ab8f902060fa0e4d6429c50eef887a7cff4d02f65173e17abb7aef232751b1685af8db0ddd36d1e0bc2b1e428a2dcaf503fcbf104c4f7b060254717959925877b050e70a7e3f98127209ee15054c9a79bf5654f3bec01849e085750fe97e190183fbc21c2b4d7f498e568e1adf40b6bbcb4b7ec7abfbaeaa313f065e92f7a166283146599c85602d85c6dbbe8692648ba3c5bf32cca75a34d75c77bffc05bdc07166308e7f7895795c4b27b57e663f5119c1724633c6565bd389a36b080fb957cc47c8854cdbb4f7cc6b7bda7d74c55c7b282607af7311bd68fe40162ef69a40134826ec83a9c36ad94318e80068509d8814fd1d91ca0a503de74da60434b6c12c27428d9119934962fabfd6c0242a68d84c057a7d6f4181bff6bcd89dd5bcb334b5976c12edecf9608df4f18980e5482c3a2cf9a8987ff09deddc6e5eb8018f5989db908b22a5ff8af96edda997b3749654f88d712871c30fa1ac1fa0f36d27e7b013ef5255863e670f2dff77d2894423e9902b01935de077e642b3caddcbe94d9deb29ba2eebf075d08dcc464585d31dc546d4aa0d9e4c9509072cc9f60fba950849c82bbb14f4200b50decbb9520967ded572a761bbf83944339674358e0f917a801e307471cac681b0f9b596d30e2612cf0471339ea85f94518f5f293d9acd84e530304f5fc37746c36eb4df07785ebaa9c01d3d5181e58f727beb88d08efcd3976af2deaf227433b323584453a5b36c636bd7eeec8635bc0a623f31ba0048ca0e8865adae05f326f38f30dfbcd9e163da2ea051773d7c71df59ccd55bd6edaac0568929b32ea20b553abda2ce5f81c262ff539da6ad45a9c262d16a095f04277459888076d6ecd4b09ca71b706d75e9a6656334d041b856335550293be43cfef66d62d373190c9629cce095d2cfe50cae37793535ed44e749e65e9fbc352304d0c41442201156841f0d786370ce11e9fc08894405f57a951b395ce4bbd60529fa01c026ab494fc75e13d62bf0595a10422c19de1ea309cce043f156fdfc3f6c6b6c89d261246f3a52d822c4b5e05f8db7b2d78b843620ee05c074719f78df8f492938b3b7adcd0d44f0e12bdae9506f19ca31483a83ab189ebc32119c1fed7bf2af468be5b9f1b09688d6048d35296ed1befc766b1604333d2186ca20d02107505ed863bc51809459e0c21d72e3eaebc75221937af116f0b2596e7364fa87c44ff319e7e609a7057f8387fcd2e1ac09a1f1c8c90135cda9ac4d7164cfa4220d56b9534f2d30cfad48bcd63571671f68f89f06e1c31007e8048785e2242b58c09d395a1e35bfe7b3c4f37e1213538a1c9242ec86062fb303a3c000e68b577e25d84e5e10826c04a894920ce629debf9555fc941d062230917b29f0a2143df7453afc5b05ce947397992788762a1ac285411579281ef62e77671bcf317f4ae9a956e36dec80a54170ccd17ac67b0656b401f08bf3acf0f101a3b925703a6c64d18d493ea31200055c125353061fc231bc7f64e3e534454d433ff6b1139e5bba0e9f020e5b3ae25cc8a2f2018e437e8acbc86e9c29e5a1e0f30f456992ab6fb68156ba30d1b5ee24ca130a9ec2191767ea3026e2056d1bc5b267beb542fc1bacbb92079f76cff45cc039dc2d2d3db008fd3cf60bca8ca9a2af071491310b5f11dfbf81c8b910661c5c22c12a5342a6eebabff0d600cb7a69a916955d8872177afe751bc2635cf203639f4bdb70530141258b3b832e523bc338fde5bb47ca65dcb603b8cf073612b9595e5cbec371fa4aa57db33290f3137bbd7df8c645ac4d1f924955589939757a4d84e07f40ff9033e5b2e02772e1fa3a5daa29b5359c813051b5c116363dfbb850157ae515ca957ca6fda6285d471ccde59f03aa50025f2e9d2809364509a37f9f1b61ba66f4fee871c0768d93925ad062881664a006220dd3f5002153d7b3af25e3f170437cfcded04c88026a546107c286451c3ae106925a9a77b2c8be5ecc5c3b3ec3427826897d798e7d0b8cd3289ae2c0a74dfe5fb8585c145ac81c0d3efb8fca310414f64bd932e11442ab2756ceb591358e4ec96b3daed9d7bc097380e92d9e91306a1e211cf03ee5c4982a9cb0b110afaa15760e97dfde8bb05f21e80bf4d41b2dafe9ced556099a93183dfbbde1e33ee3eec9bae7ded8d1684fdac63fb0fc0ad999366ab2d436dc5ec8ed781e0d85c60a987eb60c3410f0aadfe6a3cfefb60fde135c16864d4adf1d596d8c3379051cf953c1dbb6a358acf6f2bab3660d287ad46bc4e46fb3a231543b381be7bbeb933ab1dea83f542e630e38d4cb9d3302dcdfa75dd70fc380f4cd43c8b552df0962abb0e1cd6c1a8b2b156b5abe1916da4b3cfc13c311be7e5de60d0ba10b52ed52619e3234288088eab7ede99bca8ce34eeacc882a81c7f83e406afc004e41f95ddd74cb78a19362b2ca31cff16ad953534ea5b6b49b6490de45d8cf26e7a7e2e08e4b16d9b32390b4b5b8f5ead68dde3eed5b1d744a8eeaa9175a01d1f0208605278dc1c98d561fc3aaf9359a1d7f0b378189dc847ad8b5d89de2b884ddd50e847cf11335e0ce97993951cc511769e9f51a0bd9a34147b73f42e5a21ea1b4abfeda44ef131a3e1d52153012c6eb8f37c88ef39e67586ad6e89f096d77315ed36e26228b562ec50b3c6bcab6859fc73a2b92cae5c45a1f7ca14509723176c6e9377961d8af8dd1dab731c9fc18caccc41f2c402c87ca1342e97232383f5d1dc02a4e9b2bb0ec1bf4c3678a8dabbd6d0d53475f87a4f59f0e1b7c12be4c24e1f084550dda5c1f82e84c15f41921e43fb13dd9da529cc52996cd072c399278aff58e355538104f1317589da3a42b61256a2558b4d4945342a19b4189e18fcc97342c3c4c1476d05fe9b3c52599fd60ba528b1a1dd89afb6f6b626ed150044faeb599864bf51a3253b072e21163a1b27b673eef9b1230261eb35b3263ee7c022818940b911a718320d2689e64cead1375cfd9aec413c56923d8b06a532bd0a7cfce1ab758ae8546303c3e3879d0ad282e69ac075d8c3e2b65a26a055842d493248e45c31081f1f86b0f26802cac42212dd6c84ad6785efcd7b0f7109e562f92cfe9bd72ee1be32b22bf38db2de59f4d86979596127f9b638f4c49ff9fa57467a90147052507c6f924031c5351de5c7f27bdd02cb2e5e91fa076b690dea96b00eda15cedbaa7beb65054ab3861ea52a852fb318a481849cece70fd65a945b07e4e78ccc38ae9fd14db2c59892b25ac1bb0e51ff8c476953dc99d2a1dc126e73e5a1730ffe696792e5e2136933ec3badda302033e3cff907fc332f54ab1374a49945bf5890574c553b6d26814274dc509e16605f0290564006dcaeac3a035bece9a7af6666f8ea11b88e783aaa0", @ANYRESHEX=r0, @ANYRES16=r0, @ANYRES64=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x7c)
io_setup(0x3, &(0x7f0000000180))
eventfd(0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000000))
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
readv(r5, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
sendto(0xffffffffffffffff, &(0x7f0000001900)="b67f17f479be0ec94c69d04dac004bd47322981ab11937aaee8cd39197c4bbd25e28bb650dfec9b1c76a7f1b871088ef693219afe7cb2787bad0a2c8e7121c265611d30d78e13b09396b4e6b362710b0e1361b6104de50cdcf13c4bd18b5030503a0ba2cbd193fd80124c4c48444f900b4d9baba8eb6d5a26126941e7d508f542837fc0ffe445ef415be03326e558114dfbc9bc40bfad0d12b3c66d31fedda8c53928b6e0e3a1fd18a546a0c8cb4a920f95593c60d6b3a82d20cfe83a622d83ca12dd24eb3d45fb048f310e12204168fad133d98f422d7f70e5dbda8409407fb03aa2f034f131c8fe4e2b1f9dde1760e2348926b6367454cc6f75c167b537d9adb57a15002c9ed287274cf3bc9d679767323e2", 0x113, 0x4080, &(0x7f00000001c0)=@l2tp6={0xa, 0x0, 0x49, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4, 0x1}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x9755, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x10000000}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x69, 0x4, 0x5, 0x0, r6}, 0x48)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r7}, &(0x7f0000000080), &(0x7f00000000c0)=r6}, 0x20)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = socket(0x1e, 0x4, 0x0)
recvmmsg(r8, &(0x7f0000006000)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000007c0)=""/242, 0xf2}], 0x1, &(0x7f00000004c0)=""/75, 0x4b}}], 0x1, 0x0, 0x0)
sendmsg$tipc(r8, &(0x7f0000000000)={&(0x7f0000000200)=@id={0x1e, 0x3, 0x3, {0x4e20}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r10 = fcntl$dupfd(r9, 0x0, r9)
write$sndseq(r10, &(0x7f0000000180)=[{0x0, 0x1, 0x0, 0x0, @tick, {}, {0xfe}, @raw32}, {0x0, 0x2, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
ioctl$SG_GET_REQUEST_TABLE(r10, 0x2275, &(0x7f00000018c0))

436.72µs ago: executing program 4 (id=2574):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_buf(r2, 0x29, 0x1b, &(0x7f0000000000)=""/144, &(0x7f0000000180)=0x90)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x101c0ca, &(0x7f0000000400)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c666d61736b3d30303030303030303030303030303030303030303036362c696f636861727365743d69736f383835392d312c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c696f636861727365743d61736369692c726f6469722c73686f72746e616d653d6d697865642c756e695f786c6174653d302c757466383d302c757466383d302c756e695f786c6174653d312c64656275672c756e695f786c6174653d312c666d61736b3d30303030303030303030303030303030303030303030332c6e6f63617365aec489af6ba9723d4b17106f6d47b9ade1c253d4e3b08066427cae9f41fd1e1dd25a22ec22ad6e8bf6f67e052de91b544f2f4541f87a0c0b36e8d444150b35c110bda57fe7a9c06ba087cc975447082aaf95213301f3e04b70ea67a8aa0d582ca1a9525dba7116d80f126f782a78428b878fc79c0be9ad98cb6950995e6edba78e5301e8c8e69cc85beceb8b54f84a84787815ef9a18f1fe1c81b4c1830102f7e3236e2533e486ecb46ee53991c5bfe6289a474582b2e57741fd8de78f42097851bee74d4201c7767e0e0f4b34523150639b1291441ad01f2f72ed3679d7bca0e8b4e0689f883196af0d0dfe7344f276c1b4bd333882cf7879248ad423e3f21cd0cae2309519f9d40df23cf05d9c8d8f9d07da771ea1e3bcd8478fb989f770da17f700000000000000"], 0x6, 0x2c0, &(0x7f0000000900)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x112dd10, 0x0)
r3 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x100801700)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000140), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
r8 = socket(0x22, 0x2, 0x2)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r8, 0x84, 0x1, 0x0, &(0x7f0000000180))

0s ago: executing program 4 (id=2575):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff15, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', 0x10814, &(0x7f0000000cc0)=ANY=[@ANYBLOB='umask=00000000000000000000000,flush,nodots,dots,gid=', @ANYRESHEX, @ANYBLOB="00006b746769643d0092", @ANYRESOCT, @ANYBLOB="1500bba7d41fabba4332de3ca642acf6f8de847e3f21783608008708a887d30aaf0a14b0691d48445fe3b4d1ddde1b81337b2c3b5f88535d7f6fa931b84783704494cebe49ca9f6269b05edde0246c360d0566b4056f0f02ccab035d3d0a5cde0b31bd424949fe23c0a0a25691738006c5c6acdf101fecdb4f79abdfb95c6afaea03dd5903b5240565f31504c207a9a2aa6c8108fb973081e90412a3c6cfa3b2513693727fad9acd8108acb8b90fab033c9dac0dc3e5a61c513e7b5edc5d76320f0e54045ea2b7b8fb1f78d3d346e26ee5ed6926cea1ffe0a1", @ANYRESOCT], 0x1, 0x1fa, &(0x7f0000000500)="$eJzs2zFrE2EYB/Dn2rRe7GAHJ1E4cHEK6icwSAUxIEQy6GSgurQipEsUxH4eZz+EX8alg2SLXO5om2sLjWdyEn8/ON6H/O/guSF53uHN27sfDvY/Hr3f+nISaZLFRsSTmETs5lUpKdd0Vm/HnCTq+FXraQDgj/T7w27TPbBco1F3eDsidi4kg2+NNAQAAAAAAAAAAEBti5z/34j4Wj3/f7zifgGA+pz/X1/tch2NusN7xf6twvl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDmT6fTWNL/Sci2vGxGRRkQ7Im5GRCsi8s+b7hcAqG8ynZ/7V83/iEgiwvwHgDXw6vWbF91eb6+fZWnEz+PxYDwo1iJ/9ry39zCb2T176mQ8Hmye5o+KPJvPt2b7hjx/fGm+HQ/uF3mePX3Zq+Q7sb/81weA/1InO3Vuvm+WV0Snc1mez+eiOrc/qMzvVtxprew1AIAFHH36fDA8PHw3+utFsthT7bKhq+/53lpWq4prFT+Sf6INRd0ivc7NDf8wAUt39qWvJmkzDQEAAAAAAAAAAAAAABes4i9HTb8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADr53cAAAD//8h6UUs=")

kernel console output (not intermixed with test programs):

n (100), value rounded to 0 ms
[  177.902939][T10171]  dump_stack+0x15/0x20
[  177.907212][T10171]  should_fail_ex+0x229/0x230
[  177.911933][T10171]  ? vm_area_dup+0x98/0x130
[  177.912926][T10177] loop1: detected capacity change from 0 to 2048
[  177.916483][T10171]  should_failslab+0x8f/0xb0
[  177.916528][T10171]  kmem_cache_alloc_noprof+0x4c/0x290
[  177.916563][T10171]  vm_area_dup+0x98/0x130
[  177.916587][T10171]  __split_vma+0xf7/0x690
[  177.926501][T10177] msdos: Unknown parameter 'sys_enter'
[  177.927591][T10171]  do_vmi_align_munmap+0x1a5/0xa60
[  177.952557][T10171]  do_vmi_munmap+0x1fb/0x250
[  177.957206][T10171]  do_munmap+0x7a/0xb0
[  177.961367][T10171]  __se_sys_mremap+0xabc/0xf20
[  177.962200][T10181] loop1: detected capacity change from 0 to 512
[  177.966205][T10171]  ? bpf_trace_run2+0x123/0x1d0
[  177.977347][T10171]  __x64_sys_mremap+0x67/0x80
[  177.980152][T10181] ext4 filesystem being mounted at /45/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  177.982094][T10171]  x64_sys_call+0x2747/0x2d60
[  177.997096][T10171]  do_syscall_64+0xc9/0x1c0
[  178.001625][T10171]  ? clear_bhb_loop+0x55/0xb0
[  178.006325][T10171]  ? clear_bhb_loop+0x55/0xb0
[  178.011093][T10171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.017097][T10171] RIP: 0033:0x7f09339c9ef9
[  178.021590][T10171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.041253][T10171] RSP: 002b:00007f0932647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  178.049855][T10171] RAX: ffffffffffffffda RBX: 00007f0933b65f80 RCX: 00007f09339c9ef9
[  178.057839][T10171] RDX: 0000000000200000 RSI: 0000000000600600 RDI: 0000000020000000
[  178.065914][T10171] RBP: 00007f0932647090 R08: 0000000020a00000 R09: 0000000000000000
[  178.073957][T10171] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  178.081930][T10171] R13: 0000000000000000 R14: 00007f0933b65f80 R15: 00007ffe5d4a53e8
[  178.089913][T10171]  </TASK>
[  178.095222][ T3335] tipc: Node number set to 2886997007
[  178.118879][T10187] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2052'.
[  178.178352][T10193] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2054'.
[  178.231068][T10195] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2055'.
[  178.258329][T10195] loop4: detected capacity change from 0 to 128
[  178.264835][T10195] vfat: Unknown parameter '0000000000000000000000001777777777777777777777ÿ'
[  178.307676][T10204] loop4: detected capacity change from 0 to 512
[  178.318935][T10204] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  178.369557][T10209] bond3: entered allmulticast mode
[  178.380820][T10209] 8021q: adding VLAN 0 to HW filter on device batadv1
[  178.388597][T10209] batadv1: entered allmulticast mode
[  178.394186][T10209] bond3: (slave batadv1): Enslaving as an active interface with an up link
[  178.491123][T10215] (unnamed net_device) (uninitialized): peer notification delay (31) is not a multiple of miimon (100), value rounded to 0 ms
[  178.522317][T10215] loop4: detected capacity change from 0 to 2048
[  178.529099][T10215] msdos: Unknown parameter 'sys_enter'
[  178.622711][   T29] audit: type=1326 audit(1724957192.937:3380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10221 comm="syz.4.2062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a9ae59ef9 code=0x7ffc0000
[  178.646381][   T29] audit: type=1326 audit(1724957192.937:3381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10221 comm="syz.4.2062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a9ae59ef9 code=0x7ffc0000
[  178.670218][   T29] audit: type=1326 audit(1724957192.937:3382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10221 comm="syz.4.2062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4a9ae59ef9 code=0x7ffc0000
[  178.693747][   T29] audit: type=1326 audit(1724957192.937:3383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10221 comm="syz.4.2062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a9ae59ef9 code=0x7ffc0000
[  178.813760][T10225] sch_fq: defrate 0 ignored.
[  178.982514][T10232] loop3: detected capacity change from 0 to 512
[  178.999250][T10232] ext4 filesystem being mounted at /175/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  179.070813][T10243] loop1: detected capacity change from 0 to 512
[  179.088915][T10243] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  179.221996][T10263] loop1: detected capacity change from 0 to 256
[  179.229602][T10263] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  179.255960][T10265] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  179.299872][T10270] loop1: detected capacity change from 0 to 512
[  179.328844][T10270] ext4 filesystem being mounted at /55/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  179.413337][T10279] loop1: detected capacity change from 0 to 512
[  179.428994][T10279] ext4 filesystem being mounted at /58/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  179.674585][ T3283] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.850140][T10286] chnl_net:caif_netlink_parms(): no params data found
[  179.886709][T10286] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.893914][T10286] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.901283][T10286] bridge_slave_0: entered allmulticast mode
[  179.907863][T10286] bridge_slave_0: entered promiscuous mode
[  179.914690][T10286] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.921830][T10286] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.929918][T10286] bridge_slave_1: entered allmulticast mode
[  179.936391][T10286] bridge_slave_1: entered promiscuous mode
[  179.954670][T10286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  179.965449][T10286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  179.991713][T10286] team0: Port device team_slave_0 added
[  179.998656][T10286] team0: Port device team_slave_1 added
[  180.016612][T10286] batman_adv: batadv0: Adding interface: batadv_slave_0
[  180.023662][T10286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.049773][T10286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  180.061261][T10286] batman_adv: batadv0: Adding interface: batadv_slave_1
[  180.068331][T10286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.094497][T10286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  180.125446][T10286] hsr_slave_0: entered promiscuous mode
[  180.135276][T10286] hsr_slave_1: entered promiscuous mode
[  180.143902][T10286] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  180.152587][T10286] Cannot create hsr debugfs directory
[  180.185589][T10313] loop4: detected capacity change from 0 to 256
[  180.195183][T10313] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  180.226834][T10318] loop4: detected capacity change from 0 to 512
[  180.242107][T10318] ext4 filesystem being mounted at /103/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  180.288937][T10324] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  180.371296][T10338] loop3: detected capacity change from 0 to 512
[  180.379499][T10338] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.2103: corrupted in-inode xattr: invalid ea_ino
[  180.393169][T10338] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2103: couldn't read orphan inode 15 (err -117)
[  181.174423][T10346] loop4: detected capacity change from 0 to 256
[  181.182268][T10346] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  181.285214][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  181.285233][   T29] audit: type=1400 audit(1724957195.597:3440): avc:  denied  { ioctl } for  pid=10365 comm="syz.3.2111" path="socket:[39212]" dev="sockfs" ino=39212 ioctlcmd=0x9429 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  181.317079][   T29] audit: type=1400 audit(1724957195.597:3441): avc:  denied  { ioctl } for  pid=10365 comm="syz.3.2111" path="pid:[4026532393]" dev="nsfs" ino=4026532393 ioctlcmd=0x9363 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  181.342551][   T29] audit: type=1400 audit(1724957195.607:3442): avc:  denied  { shutdown } for  pid=10365 comm="syz.3.2111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  181.507881][   T29] audit: type=1400 audit(1724957195.827:3443): avc:  denied  { ioctl } for  pid=10369 comm="syz.3.2113" path="/dev/sg0" dev="devtmpfs" ino=111 ioctlcmd=0x2275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  181.974931][T10369] syz.3.2113 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  181.986006][T10369] CPU: 0 UID: 0 PID: 10369 Comm: syz.3.2113 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  181.996801][T10369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  182.006942][T10369] Call Trace:
[  182.010235][T10369]  <TASK>
[  182.013209][T10369]  dump_stack_lvl+0xf2/0x150
[  182.017974][T10369]  dump_stack+0x15/0x20
[  182.022210][T10369]  dump_header+0x83/0x2d0
[  182.026571][T10369]  oom_kill_process+0x341/0x4c0
[  182.031493][T10369]  out_of_memory+0x9af/0xbe0
[  182.036192][T10369]  ? __rcu_read_unlock+0x4e/0x70
[  182.041165][T10369]  mem_cgroup_out_of_memory+0x13e/0x190
[  182.046820][T10369]  try_charge_memcg+0x51b/0x810
[  182.051695][T10369]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[  182.057878][T10369]  __read_swap_cache_async+0x2b7/0x520
[  182.063487][T10369]  swap_cluster_readahead+0x276/0x3f0
[  182.068986][T10369]  swapin_readahead+0xe4/0x760
[  182.073878][T10369]  ? __filemap_get_folio+0x420/0x5b0
[  182.079197][T10369]  ? __lruvec_stat_mod_folio+0xdb/0x120
[  182.084795][T10369]  ? swap_cache_get_folio+0x77/0x210
[  182.090163][T10369]  do_swap_page+0x3da/0x1ef0
[  182.094837][T10369]  ? cgroup_rstat_updated+0x99/0x550
[  182.100158][T10369]  ? __rcu_read_lock+0x36/0x50
[  182.105169][T10369]  ? pte_offset_map_nolock+0x124/0x1d0
[  182.110705][T10369]  handle_mm_fault+0x8cb/0x2a30
[  182.115681][T10369]  exc_page_fault+0x3b9/0x650
[  182.120496][T10369]  asm_exc_page_fault+0x26/0x30
[  182.125435][T10369] RIP: 0033:0x7f093389d9ac
[  182.129863][T10369] Code: 72 64 0f 1f 40 00 69 3d 06 7d df 00 e8 03 00 00 48 8d 1d e7 85 2c 00 e8 b2 c4 12 00 eb 0c 48 81 c3 d8 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 d8 00 00
[  182.149650][T10369] RSP: 002b:00007ffe5d4a5550 EFLAGS: 00010206
[  182.156206][T10369] RAX: 0000000000000000 RBX: 00007f0933b65f80 RCX: 0000000000000000
[  182.164272][T10369] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555575d19808
[  182.172878][T10369] RBP: 00007f0933b67a80 R08: 0000000000000000 R09: 7fffffffffffffff
[  182.180860][T10369] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000002c79e
[  182.188836][T10369] R13: 00007ffe5d4a5650 R14: 0000000000000032 R15: ffffffffffffffff
[  182.196897][T10369]  </TASK>
[  182.200508][T10369] memory: usage 114584kB, limit 307200kB, failcnt 10730
[  182.207654][T10369] memory+swap: usage 106992kB, limit 9007199254740988kB, failcnt 0
[  182.215575][T10369] kmem: usage 95932kB, limit 9007199254740988kB, failcnt 0
[  182.222834][T10369] Memory cgroup stats for /syz3:
[  182.226203][T10369] cache 368640
[  182.234557][T10369] rss 8192
[  182.237742][T10369] shmem 0
[  182.240747][T10369] mapped_file 364544
[  182.244640][T10369] dirty 364544
[  182.248104][T10369] writeback 0
[  182.251413][T10369] workingset_refault_anon 8
[  182.255921][T10369] workingset_refault_file 0
[  182.260471][T10369] swap 212992
[  182.263780][T10369] swapcached 16384
[  182.267551][T10369] pgpgin 290239
[  182.271063][T10369] pgpgout 290144
[  182.274619][T10369] pgfault 290248
[  182.278290][T10369] pgmajfault 11
[  182.281811][T10369] inactive_anon 0
[  182.285445][T10369] active_anon 20480
[  182.289380][T10369] inactive_file 0
[  182.292819][T10377] loop1: detected capacity change from 0 to 256
[  182.293070][T10369] active_file 368640
[  182.293080][T10369] unevictable 0
[  182.302919][T10377] msdos: Bad value for 'gid'
[  182.303442][T10369] hierarchical_memory_limit 314572800
[  182.306967][T10377] msdos: Bad value for 'gid'
[  182.311511][T10369] hierarchical_memsw_limit 9223372036854771712
[  182.327713][T10369] total_cache 368640
[  182.331611][T10369] total_rss 8192
[  182.335168][T10369] total_shmem 0
[  182.338740][T10369] total_mapped_file 364544
[  182.343199][T10369] total_dirty 364544
[  182.347125][T10369] total_writeback 0
[  182.350987][T10369] total_workingset_refault_anon 8
[  182.356063][T10369] total_workingset_refault_file 0
[  182.361121][T10369] total_swap 212992
[  182.364942][T10369] total_swapcached 16384
[  182.369204][T10369] total_pgpgin 290239
[  182.373252][T10369] total_pgpgout 290144
[  182.376890][T10380] loop1: detected capacity change from 0 to 256
[  182.377360][T10369] total_pgfault 290248
[  182.377370][T10369] total_pgmajfault 11
[  182.377379][T10369] total_inactive_anon 0
[  182.377388][T10369] total_active_anon 20480
[  182.388525][T10380] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  182.391707][T10369] total_inactive_file 0
[  182.414939][T10369] total_active_file 368640
[  182.419410][T10369] total_unevictable 0
[  182.423458][T10369] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.2113,pid=10369,uid=0
[  182.438467][T10369] Memory cgroup out of memory: Killed process 10369 (syz.3.2113) total-vm:91360kB, anon-rss:520kB, file-rss:18376kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  182.440537][T10370] syz.3.2113 (10370) used greatest stack depth: 9272 bytes left
[  182.467687][ T3283] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.520507][ T3283] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.581217][ T3283] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.646709][ T3283] bridge_slave_1: left allmulticast mode
[  182.652694][ T3283] bridge_slave_1: left promiscuous mode
[  182.658443][ T3283] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.666264][ T3283] bridge_slave_0: left allmulticast mode
[  182.671988][ T3283] bridge_slave_0: left promiscuous mode
[  182.677750][ T3283] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.800181][ T3283] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  182.810977][ T3283] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  182.821486][ T3283] bond0 (unregistering): Released all slaves
[  182.999872][ T3283] hsr_slave_0: left promiscuous mode
[  183.005649][ T3283] hsr_slave_1: left promiscuous mode
[  183.015362][ T3283] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.023086][ T3283] batman_adv: batadv0: Removing interface: batadv_slave_0
[  183.033592][ T3283] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.041134][ T3283] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.055342][ T3283] veth1_macvtap: left promiscuous mode
[  183.060973][ T3283] veth0_macvtap: left promiscuous mode
[  183.066523][ T3283] veth1_vlan: left promiscuous mode
[  183.071848][ T3283] veth0_vlan: left promiscuous mode
[  183.140439][T10408] loop4: detected capacity change from 0 to 512
[  183.158737][T10408] ext4 filesystem being mounted at /110/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  183.200177][ T3283] team0 (unregistering): Port device team_slave_1 removed
[  183.203322][T10413] loop3: detected capacity change from 0 to 256
[  183.217409][ T3283] team0 (unregistering): Port device team_slave_0 removed
[  183.226064][T10413] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  183.393133][T10286] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  183.407046][T10286] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  183.424298][T10286] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  183.440819][T10286] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  183.531489][T10286] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.556211][T10286] 8021q: adding VLAN 0 to HW filter on device team0
[  183.570667][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.577957][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.612768][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.615442][T10437] loop3: detected capacity change from 0 to 1024
[  183.619987][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.626775][T10437] ext4: Unknown parameter 'func'
[  183.653084][   T29] audit: type=1326 audit(1724957197.967:3444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10436 comm="syz.3.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09339c9ef9 code=0x7ffc0000
[  183.688066][T10437] loop3: detected capacity change from 0 to 512
[  183.690496][T10286] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  183.697985][   T29] audit: type=1326 audit(1724957197.997:3445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10436 comm="syz.3.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f09339c9ef9 code=0x7ffc0000
[  183.728285][   T29] audit: type=1326 audit(1724957197.997:3446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10436 comm="syz.3.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f09339c9f33 code=0x7ffc0000
[  183.752223][   T29] audit: type=1326 audit(1724957197.997:3447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10436 comm="syz.3.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f09339c89df code=0x7ffc0000
[  183.776031][   T29] audit: type=1326 audit(1724957197.997:3448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10436 comm="syz.3.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f09339c9f87 code=0x7ffc0000
[  183.800943][   T29] audit: type=1326 audit(1724957198.007:3449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10436 comm="syz.3.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f09339c8890 code=0x7ffc0000
[  183.834716][T10286] 8021q: adding VLAN 0 to HW filter on device batadv0
[  183.846548][T10437] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.2137: corrupted in-inode xattr: invalid ea_ino
[  183.862349][T10437] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2137: couldn't read orphan inode 15 (err -117)
[  183.976093][T10286] veth0_vlan: entered promiscuous mode
[  183.986320][T10286] veth1_vlan: entered promiscuous mode
[  184.013483][T10286] veth0_macvtap: entered promiscuous mode
[  184.022535][T10286] veth1_macvtap: entered promiscuous mode
[  184.034039][T10286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  184.044540][T10286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.044561][T10286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  184.044620][T10286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.044634][T10286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  184.044647][T10286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.044662][T10286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  184.044675][T10286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.115882][T10286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  184.115903][T10286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.117528][T10286] batman_adv: batadv0: Interface activated: batadv_slave_0
[  184.118728][T10286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  184.118747][T10286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.118759][T10286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  184.118839][T10286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.118850][T10286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  184.118864][T10286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.118875][T10286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  184.118888][T10286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.118899][T10286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  184.118921][T10286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.119715][T10286] batman_adv: batadv0: Interface activated: batadv_slave_1
[  184.121148][T10286] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  184.121253][T10286] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.121286][T10286] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.121425][T10286] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  184.298038][T10485] (unnamed net_device) (uninitialized): peer notification delay (31) is not a multiple of miimon (100), value rounded to 0 ms
[  184.309090][T10490] loop2: detected capacity change from 0 to 512
[  184.313579][T10490] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  184.347048][T10485] loop4: detected capacity change from 0 to 2048
[  184.359448][T10490] EXT4-fs error (device loop2): __ext4_iget:4985: inode #11: block 1556: comm syz.2.2152: invalid block
[  184.364825][T10485] msdos: Unknown parameter 'sys_enter'
[  184.377983][T10490] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2152: couldn't read orphan inode 11 (err -117)
[  184.551770][T10509] loop2: detected capacity change from 0 to 512
[  184.561129][T10511] loop4: detected capacity change from 0 to 256
[  184.570282][T10509] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  184.585700][ T8782] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  184.594253][ T8782] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  184.714202][T10518] __nla_validate_parse: 4 callbacks suppressed
[  184.714228][T10518] netlink: 536 bytes leftover after parsing attributes in process `syz.1.2164'.
[  184.796558][T10523] FAULT_INJECTION: forcing a failure.
[  184.796558][T10523] name failslab, interval 1, probability 0, space 0, times 0
[  184.809280][T10523] CPU: 1 UID: 0 PID: 10523 Comm: syz.1.2166 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  184.820182][T10523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  184.830249][T10523] Call Trace:
[  184.833534][T10523]  <TASK>
[  184.836478][T10523]  dump_stack_lvl+0xf2/0x150
[  184.841138][T10523]  dump_stack+0x15/0x20
[  184.845316][T10523]  should_fail_ex+0x229/0x230
[  184.850015][T10523]  ? skb_clone+0x154/0x1f0
[  184.854469][T10523]  should_failslab+0x8f/0xb0
[  184.859129][T10523]  kmem_cache_alloc_noprof+0x4c/0x290
[  184.864519][T10523]  skb_clone+0x154/0x1f0
[  184.868848][T10523]  __netlink_deliver_tap+0x2bd/0x4c0
[  184.874233][T10523]  netlink_unicast+0x64a/0x670
[  184.879087][T10523]  netlink_sendmsg+0x5cc/0x6e0
[  184.883871][T10523]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.889224][T10523]  __sock_sendmsg+0x140/0x180
[  184.893974][T10523]  ____sys_sendmsg+0x312/0x410
[  184.898823][T10523]  __sys_sendmsg+0x1e9/0x280
[  184.903545][T10523]  __x64_sys_sendmsg+0x46/0x50
[  184.908378][T10523]  x64_sys_call+0x2689/0x2d60
[  184.913075][T10523]  do_syscall_64+0xc9/0x1c0
[  184.917613][T10523]  ? clear_bhb_loop+0x55/0xb0
[  184.922415][T10523]  ? clear_bhb_loop+0x55/0xb0
[  184.927103][T10523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.933092][T10523] RIP: 0033:0x7f3eb6e19ef9
[  184.937516][T10523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.957261][T10523] RSP: 002b:00007f3eb5a91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.965699][T10523] RAX: ffffffffffffffda RBX: 00007f3eb6fb5f80 RCX: 00007f3eb6e19ef9
[  184.973860][T10523] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000005
[  184.981879][T10523] RBP: 00007f3eb5a91090 R08: 0000000000000000 R09: 0000000000000000
[  184.989856][T10523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.997833][T10523] R13: 0000000000000000 R14: 00007f3eb6fb5f80 R15: 00007fff6ab56e48
[  185.005838][T10523]  </TASK>
[  185.066744][T10528] loop3: detected capacity change from 0 to 1024
[  185.081395][T10528] EXT4-fs: Ignoring removed orlov option
[  185.087130][T10528] EXT4-fs: Ignoring removed nomblk_io_submit option
[  185.113576][T10531] loop2: detected capacity change from 0 to 512
[  185.130231][T10536] loop1: detected capacity change from 0 to 512
[  185.170770][T10531] ext4 filesystem being mounted at /12/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  185.184683][  T328] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.199850][T10536] ext4 filesystem being mounted at /75/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  185.240623][  T328] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.305080][  T328] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.363495][T10557] loop2: detected capacity change from 0 to 512
[  185.392251][T10557] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.2174: corrupted in-inode xattr: invalid ea_ino
[  185.407059][  T328] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.420042][T10557] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2174: couldn't read orphan inode 15 (err -117)
[  185.472751][T10533] chnl_net:caif_netlink_parms(): no params data found
[  185.546481][T10567] EXT4-fs error (device loop2): ext4_find_dest_de:2067: inode #2: block 13: comm syz.2.2174: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  185.573371][  T328] bridge_slave_1: left allmulticast mode
[  185.579097][  T328] bridge_slave_1: left promiscuous mode
[  185.584891][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.593593][  T328] bridge_slave_0: left allmulticast mode
[  185.599496][  T328] bridge_slave_0: left promiscuous mode
[  185.605268][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.750671][  T328] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  185.764122][  T328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  185.774640][  T328] bond0 (unregistering): Released all slaves
[  185.783680][  T328] bond1 (unregistering): Released all slaves
[  185.793134][  T328] bond2 (unregistering): Released all slaves
[  185.802761][  T328] bond3 (unregistering): (slave batadv1): Releasing backup interface
[  185.811650][  T328] batadv1: left allmulticast mode
[  185.818391][  T328] bond3 (unregistering): Released all slaves
[  185.829883][  T328] bond4 (unregistering): Released all slaves
[  185.841109][  T328] bond5 (unregistering): Released all slaves
[  185.872542][T10564] netlink: 264 bytes leftover after parsing attributes in process `syz.3.2169'.
[  185.914216][T10533] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.921346][T10533] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.930115][T10533] bridge_slave_0: entered allmulticast mode
[  185.936766][T10533] bridge_slave_0: entered promiscuous mode
[  185.945220][T10533] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.952356][T10533] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.960290][T10533] bridge_slave_1: entered allmulticast mode
[  185.966884][T10533] bridge_slave_1: entered promiscuous mode
[  185.982852][  T328] hsr_slave_0: left promiscuous mode
[  185.989699][  T328] hsr_slave_1: left promiscuous mode
[  185.995584][  T328] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.003054][  T328] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.010921][  T328] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.018390][  T328] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.028421][  T328] veth1_macvtap: left promiscuous mode
[  186.034025][  T328] veth0_macvtap: left promiscuous mode
[  186.039723][  T328] veth1_vlan: left promiscuous mode
[  186.044959][  T328] veth0_vlan: left promiscuous mode
[  186.136057][T10582] loop3: detected capacity change from 0 to 256
[  186.156941][ T8342] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  186.165122][ T8342] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  186.176681][  T328] team0 (unregistering): Port device team_slave_1 removed
[  186.190266][  T328] team0 (unregistering): Port device team_slave_0 removed
[  186.211715][T10584] loop2: detected capacity change from 0 to 512
[  186.232490][T10584] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  186.257800][T10578] pim6reg1: entered promiscuous mode
[  186.263185][T10578] pim6reg1: entered allmulticast mode
[  186.290411][T10533] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.302673][T10533] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.349458][T10533] team0: Port device team_slave_0 added
[  186.356087][T10533] team0: Port device team_slave_1 added
[  186.372685][T10533] batman_adv: batadv0: Adding interface: batadv_slave_0
[  186.379711][T10533] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.405668][T10533] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.417070][T10533] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.424092][T10533] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.450111][T10533] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  186.500408][T10533] hsr_slave_0: entered promiscuous mode
[  186.509581][T10533] hsr_slave_1: entered promiscuous mode
[  186.515670][T10533] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  186.524168][T10533] Cannot create hsr debugfs directory
[  186.538565][T10598] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2188'.
[  186.598675][T10598] loop1: detected capacity change from 0 to 512
[  186.641945][T10598] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.667271][T10598] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  186.776446][T10617] loop1: detected capacity change from 0 to 256
[  186.792975][T10617] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  186.810154][  T328] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.842601][T10619] loop1: detected capacity change from 0 to 512
[  186.852693][T10619] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.2193: corrupted in-inode xattr: invalid ea_ino
[  186.874551][  T328] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.877488][T10619] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.2193: couldn't read orphan inode 15 (err -117)
[  186.910889][T10602] chnl_net:caif_netlink_parms(): no params data found
[  186.954516][T10602] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.957459][T10633] EXT4-fs error (device loop1): ext4_find_dest_de:2067: inode #2: block 13: comm syz.1.2193: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  186.961777][T10602] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.990457][T10602] bridge_slave_0: entered allmulticast mode
[  186.997326][T10602] bridge_slave_0: entered promiscuous mode
[  187.007949][  T328] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.021375][T10602] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.028627][T10602] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.038338][T10602] bridge_slave_1: entered allmulticast mode
[  187.044929][T10602] bridge_slave_1: entered promiscuous mode
[  187.061687][T10634] pim6reg1: entered promiscuous mode
[  187.067114][T10634] pim6reg1: entered allmulticast mode
[  187.076418][T10602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.088683][  T328] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.105298][T10602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.136360][T10602] team0: Port device team_slave_0 added
[  187.145959][T10602] team0: Port device team_slave_1 added
[  187.157585][T10533] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  187.172587][T10602] batman_adv: batadv0: Adding interface: batadv_slave_0
[  187.179641][T10602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.205941][T10602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  187.221810][T10533] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  187.232213][T10602] batman_adv: batadv0: Adding interface: batadv_slave_1
[  187.239299][T10602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.265608][T10602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  187.287693][T10533] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  187.296765][T10533] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  187.333087][T10602] hsr_slave_0: entered promiscuous mode
[  187.347136][T10602] hsr_slave_1: entered promiscuous mode
[  187.354867][T10602] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  187.362933][T10602] Cannot create hsr debugfs directory
[  187.380796][T10649] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  187.421527][  T328] bridge_slave_1: left allmulticast mode
[  187.422418][T10652] loop2: detected capacity change from 0 to 512
[  187.427422][  T328] bridge_slave_1: left promiscuous mode
[  187.439388][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.447600][  T328] bridge_slave_0: left allmulticast mode
[  187.453280][T10652] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  187.453343][  T328] bridge_slave_0: left promiscuous mode
[  187.469542][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.570333][  T328] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  187.580846][  T328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  187.591007][  T328] bond0 (unregistering): Released all slaves
[  187.600348][  T328] bond1 (unregistering): Released all slaves
[  187.609749][  T328] bond2 (unregistering): (slave batadv1): Releasing backup interface
[  187.618508][  T328] batadv1: left allmulticast mode
[  187.624804][  T328] bond2 (unregistering): Released all slaves
[  187.634713][  T328] bond3 (unregistering): (slave batadv2): Releasing backup interface
[  187.643801][  T328] batadv2: left allmulticast mode
[  187.650307][  T328] bond3 (unregistering): Released all slaves
[  187.659374][  T328] bond4 (unregistering): (slave batadv3): Releasing backup interface
[  187.669356][  T328] batadv3: left allmulticast mode
[  187.675943][  T328] bond4 (unregistering): Released all slaves
[  187.685002][  T328] bond5 (unregistering): Released all slaves
[  187.694822][  T328] bond6 (unregistering): Released all slaves
[  187.704021][  T328] bond7 (unregistering): (slave batadv4): Releasing backup interface
[  187.712981][  T328] batadv4: left allmulticast mode
[  187.719800][  T328] bond7 (unregistering): Released all slaves
[  187.765905][T10663] loop2: detected capacity change from 0 to 256
[  187.772744][T10533] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.774956][T10663] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  187.793355][  T328] tipc: Disabling bearer <udp:s>
[  187.798399][  T328] tipc: Left network mode
[  187.811833][T10533] 8021q: adding VLAN 0 to HW filter on device team0
[  187.814491][T10666] loop2: detected capacity change from 0 to 512
[  187.822971][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.832137][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.846901][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.854111][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.867048][T10666] ext4 filesystem being mounted at /22/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  187.910338][  T328] hsr_slave_0: left promiscuous mode
[  187.915949][  T328] hsr_slave_1: left promiscuous mode
[  187.922266][  T328] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.929924][  T328] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.938037][  T328] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.945463][  T328] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.946429][T10672] loop2: detected capacity change from 0 to 256
[  187.960856][T10672] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  187.971621][  T328] veth1_macvtap: left promiscuous mode
[  187.977424][  T328] veth0_macvtap: left promiscuous mode
[  187.983054][  T328] veth1_vlan: left promiscuous mode
[  187.988541][  T328] veth0_vlan: left promiscuous mode
[  188.085872][  T328] team0 (unregistering): Port device team_slave_1 removed
[  188.098058][  T328] team0 (unregistering): Port device team_slave_0 removed
[  188.119190][T10681] loop2: detected capacity change from 0 to 512
[  188.126995][T10681] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.2213: casefold flag without casefold feature
[  188.143403][T10681] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2213: couldn't read orphan inode 15 (err -117)
[  188.156195][T10681] EXT4-fs mount: 69 callbacks suppressed
[  188.156227][T10681] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.181318][   T29] kauditd_printk_skb: 67 callbacks suppressed
[  188.181335][   T29] audit: type=1400 audit(1724957202.497:3517): avc:  denied  { mounton } for  pid=10680 comm="syz.2.2213" path="/27/file0/bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  188.212088][   T29] audit: type=1400 audit(1724957202.527:3518): avc:  denied  { unlink } for  pid=10286 comm="syz-executor" name="bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  188.213106][T10533] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.242622][T10286] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.322604][   T29] audit: type=1400 audit(1724957202.637:3519): avc:  denied  { write } for  pid=10687 comm="syz.2.2214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  188.389814][T10702] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  188.392492][T10602] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  188.412065][T10533] veth0_vlan: entered promiscuous mode
[  188.421626][T10602] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  188.450821][T10602] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  188.465442][T10533] veth1_vlan: entered promiscuous mode
[  188.478462][T10602] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  188.493234][T10533] veth0_macvtap: entered promiscuous mode
[  188.503471][T10533] veth1_macvtap: entered promiscuous mode
[  188.533533][T10533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.544373][T10533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.554376][T10533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.564863][T10533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.574857][T10533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.585454][T10533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.595548][T10533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.606018][T10533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.618208][T10533] batman_adv: batadv0: Interface activated: batadv_slave_0
[  188.635571][T10533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.646060][T10533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.656181][T10533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.666983][T10533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.676886][T10533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.687442][T10533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.697288][T10533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.707730][T10533] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.719901][T10533] batman_adv: batadv0: Interface activated: batadv_slave_1
[  188.729191][T10533] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  188.738058][T10533] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  188.746909][T10533] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  188.755861][T10533] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.802505][T10602] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.895444][T10602] 8021q: adding VLAN 0 to HW filter on device team0
[  188.917976][ T3283] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.925119][ T3283] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.951939][ T3283] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.959089][ T3283] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.074157][   T29] audit: type=1326 audit(1724957203.387:3520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10735 comm="syz.2.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2ad69ef9 code=0x7ffc0000
[  189.076623][T10738] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.124357][   T29] audit: type=1326 audit(1724957203.417:3521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10735 comm="syz.2.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2ad69ef9 code=0x7ffc0000
[  189.134429][T10738] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.148082][   T29] audit: type=1326 audit(1724957203.427:3522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10735 comm="syz.2.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7d2ad69ef9 code=0x7ffc0000
[  189.178933][   T29] audit: type=1326 audit(1724957203.427:3523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10735 comm="syz.2.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2ad69ef9 code=0x7ffc0000
[  189.202612][   T29] audit: type=1326 audit(1724957203.427:3524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10735 comm="syz.2.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7d2ad69ef9 code=0x7ffc0000
[  189.226549][   T29] audit: type=1326 audit(1724957203.437:3525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10735 comm="syz.2.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2ad69ef9 code=0x7ffc0000
[  189.250191][   T29] audit: type=1326 audit(1724957203.437:3526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10735 comm="syz.2.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f7d2ad69ef9 code=0x7ffc0000
[  189.471692][T10602] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.879291][T10602] veth0_vlan: entered promiscuous mode
[  189.910096][T10602] veth1_vlan: entered promiscuous mode
[  189.984431][T10602] veth0_macvtap: entered promiscuous mode
[  189.999461][T10602] veth1_macvtap: entered promiscuous mode
[  190.028369][T10602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.038904][T10602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.048820][T10602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.048840][T10602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.048931][T10602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.048997][T10602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.049016][T10602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.049032][T10602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.049049][T10602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.123874][T10602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.151928][T10602] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.174610][T10602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.185128][T10602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.185145][T10602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.205466][T10602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.215340][T10602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.215361][T10602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.215445][T10602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.215461][T10602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.215478][T10602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.215516][T10602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.217676][T10602] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.298037][T10602] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.306901][T10602] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.315893][T10602] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.315935][T10602] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.354232][T10790] loop4: detected capacity change from 0 to 256
[  190.364322][T10790] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  190.403005][T10794] loop4: detected capacity change from 0 to 512
[  190.422961][T10794] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.443096][T10794] ext4 filesystem being mounted at /6/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  190.459664][T10799] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2246'.
[  190.468684][T10799] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2246'.
[  190.491825][T10799] 9pnet_fd: Insufficient options for proto=fd
[  190.503749][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.527615][T10805] loop4: detected capacity change from 0 to 512
[  190.538985][T10805] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.552050][T10805] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  190.625501][T10805] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  190.645064][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.758839][T10830] loop4: detected capacity change from 0 to 512
[  190.771017][T10830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.783899][T10830] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  190.810587][T10834] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2258'.
[  190.811598][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.819540][T10834] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2258'.
[  190.846879][T10837] loop4: detected capacity change from 0 to 512
[  190.859143][T10837] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.871821][T10837] ext4 filesystem being mounted at /12/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  190.909077][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.963599][T10843] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  190.971862][T10843] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  190.998747][T10847] loop4: detected capacity change from 0 to 512
[  191.009030][T10847] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.022152][T10847] ext4 filesystem being mounted at /15/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  191.066701][T10847] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  191.086483][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.117043][T10855] FAULT_INJECTION: forcing a failure.
[  191.117043][T10855] name failslab, interval 1, probability 0, space 0, times 0
[  191.130062][T10855] CPU: 0 UID: 0 PID: 10855 Comm: syz.4.2264 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  191.141043][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  191.151199][T10855] Call Trace:
[  191.154581][T10855]  <TASK>
[  191.157520][T10855]  dump_stack_lvl+0xf2/0x150
[  191.162131][T10855]  dump_stack+0x15/0x20
[  191.166315][T10855]  should_fail_ex+0x229/0x230
[  191.171171][T10855]  ? skb_clone+0x154/0x1f0
[  191.175626][T10855]  should_failslab+0x8f/0xb0
[  191.180259][T10855]  kmem_cache_alloc_noprof+0x4c/0x290
[  191.185668][T10855]  skb_clone+0x154/0x1f0
[  191.189979][T10855]  __netlink_deliver_tap+0x2bd/0x4c0
[  191.195343][T10855]  netlink_unicast+0x64a/0x670
[  191.200184][T10855]  netlink_sendmsg+0x5cc/0x6e0
[  191.205021][T10855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.210342][T10855]  __sock_sendmsg+0x140/0x180
[  191.215223][T10855]  ____sys_sendmsg+0x312/0x410
[  191.220103][T10855]  __sys_sendmsg+0x1e9/0x280
[  191.224790][T10855]  __x64_sys_sendmsg+0x46/0x50
[  191.229575][T10855]  x64_sys_call+0x2689/0x2d60
[  191.234346][T10855]  do_syscall_64+0xc9/0x1c0
[  191.238970][T10855]  ? clear_bhb_loop+0x55/0xb0
[  191.243747][T10855]  ? clear_bhb_loop+0x55/0xb0
[  191.248517][T10855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.254554][T10855] RIP: 0033:0x7f39d2179ef9
[  191.258992][T10855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.278851][T10855] RSP: 002b:00007f39d0df7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.287524][T10855] RAX: ffffffffffffffda RBX: 00007f39d2315f80 RCX: 00007f39d2179ef9
[  191.295572][T10855] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000003
[  191.303797][T10855] RBP: 00007f39d0df7090 R08: 0000000000000000 R09: 0000000000000000
[  191.311872][T10855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.320082][T10855] R13: 0000000000000000 R14: 00007f39d2315f80 R15: 00007ffeec2edee8
[  191.328114][T10855]  </TASK>
[  191.462240][T10866] loop4: detected capacity change from 0 to 512
[  191.479360][T10866] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.492011][T10866] ext4 filesystem being mounted at /21/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  191.518837][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.541769][T10871] loop4: detected capacity change from 0 to 256
[  191.549792][T10871] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  191.581591][T10874] loop4: detected capacity change from 0 to 512
[  191.611330][T10874] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.624377][T10874] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  191.658117][T10881] pim6reg1: entered promiscuous mode
[  191.663470][T10881] pim6reg1: entered allmulticast mode
[  191.689482][T10883] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  191.717087][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.758654][T10891] loop4: detected capacity change from 0 to 512
[  191.769752][T10891] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.782550][T10891] ext4 filesystem being mounted at /24/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  191.840545][T10891] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  191.862365][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.896471][T10909] loop4: detected capacity change from 0 to 256
[  191.905817][T10909] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  191.933447][T10914] loop4: detected capacity change from 0 to 512
[  191.943160][T10910] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2285'.
[  191.950943][T10914] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.952089][T10910] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2285'.
[  191.966308][T10914] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  191.977076][T10912] pim6reg1: entered promiscuous mode
[  191.989147][T10912] pim6reg1: entered allmulticast mode
[  192.029118][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.047946][T10919] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  192.089691][T10923] loop4: detected capacity change from 0 to 512
[  192.100730][T10923] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.113511][T10923] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  192.159621][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.305167][T10945] loop2: detected capacity change from 0 to 512
[  192.320972][T10945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.334536][T10945] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  192.373724][T10286] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.485758][T10961] loop4: detected capacity change from 0 to 512
[  192.498739][T10961] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.511678][T10961] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  192.548709][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.651205][T10972] loop2: detected capacity change from 0 to 512
[  192.669092][T10972] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.681908][T10972] ext4 filesystem being mounted at /45/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  192.708217][T10286] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.787995][T10979] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2309'.
[  192.971707][   T11] bridge_slave_1: left allmulticast mode
[  192.977644][   T11] bridge_slave_1: left promiscuous mode
[  192.983838][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.012076][   T11] bridge_slave_0: left allmulticast mode
[  193.017807][   T11] bridge_slave_0: left promiscuous mode
[  193.023465][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.260469][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.271181][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.281927][   T11] bond0 (unregistering): Released all slaves
[  193.291506][   T11] bond1 (unregistering): Released all slaves
[  193.299407][T10985] netlink: 264 bytes leftover after parsing attributes in process `syz.0.2312'.
[  193.405521][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  193.405539][   T29] audit: type=1326 audit(1724957207.717:3563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.1.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  193.435391][   T29] audit: type=1326 audit(1724957207.717:3564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.1.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  193.435428][   T29] audit: type=1326 audit(1724957207.717:3565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.1.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  193.435461][   T29] audit: type=1326 audit(1724957207.717:3566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.1.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  193.435503][   T29] audit: type=1326 audit(1724957207.717:3567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.1.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  193.435571][   T29] audit: type=1326 audit(1724957207.717:3568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.1.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  193.475105][   T29] audit: type=1326 audit(1724957207.747:3569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.1.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  193.475148][   T29] audit: type=1326 audit(1724957207.747:3570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.1.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  193.475413][   T29] audit: type=1326 audit(1724957207.787:3571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.1.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  193.475549][   T29] audit: type=1326 audit(1724957207.787:3572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.1.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  193.478707][   T11] hsr_slave_0: left promiscuous mode
[  193.528057][   T11] hsr_slave_1: left promiscuous mode
[  193.589139][T11002] loop3: detected capacity change from 0 to 256
[  193.610238][T11003] FAULT_INJECTION: forcing a failure.
[  193.610238][T11003] name failslab, interval 1, probability 0, space 0, times 0
[  193.624119][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.624170][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.639522][T10602] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  193.653180][T11003] CPU: 0 UID: 0 PID: 11003 Comm: syz.0.2318 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  193.678623][T10602] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  193.681806][T11003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  193.756636][T11003] Call Trace:
[  193.756651][T11003]  <TASK>
[  193.756672][T11003]  dump_stack_lvl+0xf2/0x150
[  193.767916][T11003]  dump_stack+0x15/0x20
[  193.772194][T11003]  should_fail_ex+0x229/0x230
[  193.776995][T11003]  ? alloc_fdtable+0x72/0x190
[  193.781714][T11003]  should_failslab+0x8f/0xb0
[  193.786481][T11003]  __kmalloc_cache_noprof+0x4b/0x2a0
[  193.791822][T11003]  alloc_fdtable+0x72/0x190
[  193.796495][T11003]  dup_fd+0x56d/0x6c0
[  193.800527][T11003]  copy_files+0xc1/0x130
[  193.804183][T11007] loop4: detected capacity change from 0 to 512
[  193.804797][T11003]  copy_process+0xe45/0x1f90
[  193.815674][T11003]  kernel_clone+0x167/0x5e0
[  193.820256][T11003]  __x64_sys_clone+0xe8/0x120
[  193.820421][T11007] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.824964][T11003]  x64_sys_call+0x2d23/0x2d60
[  193.839928][T11007] ext4 filesystem being mounted at /39/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  193.842323][T11003]  do_syscall_64+0xc9/0x1c0
[  193.842352][T11003]  ? clear_bhb_loop+0x55/0xb0
[  193.842373][T11003]  ? clear_bhb_loop+0x55/0xb0
[  193.842393][T11003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.872405][T11003] RIP: 0033:0x7fbd89939ef9
[  193.876872][T11003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.896516][T11003] RSP: 002b:00007fbd885b0fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  193.904954][T11003] RAX: ffffffffffffffda RBX: 00007fbd89ad5f80 RCX: 00007fbd89939ef9
[  193.912931][T11003] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000
[  193.920905][T11003] RBP: 00007fbd885b1090 R08: 0000000000000000 R09: 0000000000000000
[  193.928973][T11003] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  193.936959][T11003] R13: 0000000000000000 R14: 00007fbd89ad5f80 R15: 00007ffe62cac0f8
[  193.945021][T11003]  </TASK>
[  193.948591][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.956081][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.969267][   T11] veth1_macvtap: left promiscuous mode
[  193.974853][   T11] veth0_macvtap: left promiscuous mode
[  193.980695][   T11] veth1_vlan: left promiscuous mode
[  193.985959][   T11] veth0_vlan: left promiscuous mode
[  193.997101][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.055840][T11015] loop4: detected capacity change from 0 to 1024
[  194.085575][T11015] EXT4-fs: Ignoring removed orlov option
[  194.091500][T11015] EXT4-fs: Ignoring removed nomblk_io_submit option
[  194.110553][T11015] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.145532][   T11] team0 (unregistering): Port device team_slave_1 removed
[  194.156717][   T11] team0 (unregistering): Port device team_slave_0 removed
[  194.221804][T11021] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  194.230080][T11021] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  194.590188][T11015] netlink: 264 bytes leftover after parsing attributes in process `syz.4.2324'.
[  194.618685][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.666165][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.723732][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.751535][T11046] chnl_net:caif_netlink_parms(): no params data found
[  194.781837][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.792705][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.816358][T11046] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.823790][T11046] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.831067][T11046] bridge_slave_0: entered allmulticast mode
[  194.837705][T11046] bridge_slave_0: entered promiscuous mode
[  194.844648][T11046] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.851757][T11046] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.858993][T11046] bridge_slave_1: entered allmulticast mode
[  194.865577][T11046] bridge_slave_1: entered promiscuous mode
[  194.895799][T11046] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  194.911561][T11046] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  194.920932][   T11] bridge_slave_1: left allmulticast mode
[  194.926624][   T11] bridge_slave_1: left promiscuous mode
[  194.932323][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.940259][   T11] bridge_slave_0: left allmulticast mode
[  194.945907][   T11] bridge_slave_0: left promiscuous mode
[  194.946155][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.050209][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  195.061490][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  195.071884][   T11] bond0 (unregistering): Released all slaves
[  195.100919][T11046] team0: Port device team_slave_0 added
[  195.107815][T11046] team0: Port device team_slave_1 added
[  195.126076][T11046] batman_adv: batadv0: Adding interface: batadv_slave_0
[  195.133253][T11046] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.159539][T11046] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  195.172805][T11046] batman_adv: batadv0: Adding interface: batadv_slave_1
[  195.179940][T11046] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.206564][T11046] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  195.255068][T11070] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2342'.
[  195.289626][   T11] hsr_slave_0: left promiscuous mode
[  195.296102][   T11] hsr_slave_1: left promiscuous mode
[  195.301579][T11076] loop2: detected capacity change from 0 to 256
[  195.309510][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  195.317590][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  195.327062][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  195.334566][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  195.346175][   T11] veth1_macvtap: left promiscuous mode
[  195.351852][   T11] veth0_macvtap: left promiscuous mode
[  195.357485][   T11] veth1_vlan: left promiscuous mode
[  195.362806][   T11] veth0_vlan: left promiscuous mode
[  195.369303][T11076] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  195.491610][   T11] team0 (unregistering): Port device team_slave_1 removed
[  195.503414][   T11] team0 (unregistering): Port device team_slave_0 removed
[  195.552405][T11046] hsr_slave_0: entered promiscuous mode
[  195.559234][T11046] hsr_slave_1: entered promiscuous mode
[  195.565309][T11046] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  195.572997][T11046] Cannot create hsr debugfs directory
[  195.702477][T11104] loop2: detected capacity change from 0 to 256
[  195.709110][T11104] msdos: Bad value for 'gid'
[  195.713737][T11104] msdos: Bad value for 'gid'
[  195.764359][T11106] loop2: detected capacity change from 0 to 2048
[  195.780141][T11106] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.804566][T11113] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  195.804566][T11113] The task syz.1.2355 (11113) triggered the difference, watch for misbehavior.
[  195.846661][T11116] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2358'.
[  195.920538][T10286] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.942032][T11119] loop2: detected capacity change from 0 to 256
[  195.951290][T11119] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  195.994473][T11046] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  196.005306][T11122] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2360'.
[  196.014458][T11122] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2360'.
[  196.033099][T11046] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  196.043847][T11046] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  196.055026][T11046] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  196.100860][T11046] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.115351][T11046] 8021q: adding VLAN 0 to HW filter on device team0
[  196.145023][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.152166][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.181482][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.188699][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.264735][T11046] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.364944][T11046] veth0_vlan: entered promiscuous mode
[  196.384378][T11046] veth1_vlan: entered promiscuous mode
[  196.402977][T11116] syz.4.2358 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  196.414065][T11116] CPU: 1 UID: 0 PID: 11116 Comm: syz.4.2358 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  196.424885][T11116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  196.435393][T11116] Call Trace:
[  196.438708][T11116]  <TASK>
[  196.441666][T11116]  dump_stack_lvl+0xf2/0x150
[  196.446275][T11116]  dump_stack+0x15/0x20
[  196.450437][T11116]  dump_header+0x83/0x2d0
[  196.454811][T11116]  oom_kill_process+0x341/0x4c0
[  196.459819][T11116]  out_of_memory+0x9af/0xbe0
[  196.464434][T11116]  ? __rcu_read_unlock+0x4e/0x70
[  196.469533][T11116]  mem_cgroup_out_of_memory+0x13e/0x190
[  196.475188][T11116]  try_charge_memcg+0x51b/0x810
[  196.480060][T11116]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[  196.486237][T11116]  __read_swap_cache_async+0x2b7/0x520
[  196.491795][T11116]  swap_cluster_readahead+0x276/0x3f0
[  196.497223][T11116]  swapin_readahead+0xe4/0x760
[  196.502072][T11116]  ? __filemap_get_folio+0x420/0x5b0
[  196.507465][T11116]  ? swap_cache_get_folio+0x77/0x210
[  196.512929][T11116]  do_swap_page+0x3da/0x1ef0
[  196.518167][T11116]  ? strlen+0x19/0x30
[  196.522191][T11116]  ? __rcu_read_lock+0x36/0x50
[  196.527058][T11116]  ? pte_offset_map_nolock+0x124/0x1d0
[  196.532535][T11116]  handle_mm_fault+0x8cb/0x2a30
[  196.537663][T11116]  exc_page_fault+0x296/0x650
[  196.542389][T11116]  asm_exc_page_fault+0x26/0x30
[  196.547298][T11116] RIP: 0010:__import_iovec+0x10c/0x520
[  196.552851][T11116] Code: 6f e8 78 da 73 ff 4c 89 e7 e8 20 52 8c ff 49 c7 04 24 00 00 00 00 e9 11 03 00 00 4d 85 f6 0f 88 8e 03 00 00 0f 01 cb 0f ae e8 <49> 8b 5e 08 4d 89 e7 49 8b 2e 45 31 e4 31 ff 48 89 de e8 1d df 73
[  196.572562][T11116] RSP: 0018:ffffc90003c93cc8 EFLAGS: 00050206
[  196.578664][T11116] RAX: ffff888107a65d00 RBX: 0000000000000001 RCX: ffffffff81bbf859
[  196.586654][T11116] RDX: 000000000000057c RSI: 0000000000000000 RDI: ffffc90003c93dc8
[  196.594657][T11116] RBP: 0000000000000000 R08: 0001c90003c93dcf R09: 0000000000000000
[  196.602637][T11116] R10: 0001ffffffffffff R11: 0001c90003c93dc8 R12: ffffc90003c93dc8
[  196.610885][T11116] R13: ffffc90003c93dd0 R14: 00000000200018c0 R15: 0000000000000008
[  196.618867][T11116]  ? __import_iovec+0x49/0x520
[  196.623768][T11116]  ? __import_iovec+0x49/0x520
[  196.628576][T11116]  import_iovec+0xbc/0xd0
[  196.632970][T11116]  vfs_readv+0xec/0x660
[  196.637148][T11116]  ? restore_sigcontext+0x1b5/0x220
[  196.642464][T11116]  do_readv+0xf8/0x220
[  196.646545][T11116]  __x64_sys_readv+0x45/0x50
[  196.651186][T11116]  x64_sys_call+0x2bd9/0x2d60
[  196.655889][T11116]  do_syscall_64+0xc9/0x1c0
[  196.660540][T11116]  ? clear_bhb_loop+0x55/0xb0
[  196.665227][T11116]  ? clear_bhb_loop+0x55/0xb0
[  196.670040][T11116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.675959][T11116] RIP: 0033:0x7f39d2179ef9
[  196.680457][T11116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.700262][T11116] RSP: 002b:00007f39d0df7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  196.708933][T11116] RAX: ffffffffffffffda RBX: 00007f39d2315f80 RCX: 00007f39d2179ef9
[  196.716916][T11116] RDX: 0000000000000001 RSI: 00000000200018c0 RDI: 0000000000000005
[  196.725387][T11116] RBP: 00007f39d21e793e R08: 0000000000000000 R09: 0000000000000000
[  196.733424][T11116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  196.741404][T11116] R13: 0000000000000000 R14: 00007f39d2315f80 R15: 00007ffeec2edee8
[  196.749527][T11116]  </TASK>
[  196.752890][T11116] memory: usage 307184kB, limit 307200kB, failcnt 2502
[  196.759870][T11116] memory+swap: usage 299600kB, limit 9007199254740988kB, failcnt 0
[  196.767828][T11116] kmem: usage 285520kB, limit 9007199254740988kB, failcnt 0
[  196.775124][T11116] Memory cgroup stats for /syz4:
[  196.779061][T11046] veth0_macvtap: entered promiscuous mode
[  196.805467][T11116] cache 172032
[  196.810245][T11116] rss 40960
[  196.813481][T11116] shmem 0
[  196.817204][T11116] mapped_file 167936
[  196.821109][T11116] dirty 167936
[  196.824485][T11116] writeback 40960
[  196.828154][T11116] workingset_refault_anon 12
[  196.832091][T11136] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  196.832740][T11116] workingset_refault_file 0
[  196.832752][T11116] swap 139264
[  196.849325][T11116] swapcached 90112
[  196.853156][T11116] pgpgin 188028
[  196.856665][T11116] pgpgout 187964
[  196.860348][T11116] pgfault 213582
[  196.863986][T11116] pgmajfault 8
[  196.867556][T11116] inactive_anon 40960
[  196.871693][T11116] active_anon 49152
[  196.875562][T11116] inactive_file 167936
[  196.879763][T11116] active_file 4096
[  196.883492][T11116] unevictable 0
[  196.886960][T11116] hierarchical_memory_limit 314572800
[  196.892452][T11116] hierarchical_memsw_limit 9223372036854771712
[  196.898854][T11116] total_cache 172032
[  196.902900][T11116] total_rss 40960
[  196.906551][T11116] total_shmem 0
[  196.910084][T11116] total_mapped_file 167936
[  196.914525][T11116] total_dirty 167936
[  196.918461][T11116] total_writeback 40960
[  196.922718][T11116] total_workingset_refault_anon 12
[  196.927855][T11116] total_workingset_refault_file 0
[  196.933004][T11116] total_swap 139264
[  196.936808][T11116] total_swapcached 90112
[  196.941082][T11116] total_pgpgin 188028
[  196.945067][T11116] total_pgpgout 187964
[  196.949168][T11116] total_pgfault 213582
[  196.953411][T11116] total_pgmajfault 8
[  196.957351][T11116] total_inactive_anon 40960
[  196.961856][T11116] total_active_anon 49152
[  196.966195][T11116] total_inactive_file 167936
[  196.970986][T11116] total_active_file 4096
[  196.975493][T11116] total_unevictable 0
[  196.979596][T11116] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.2358,pid=11115,uid=0
[  196.994626][T11116] Memory cgroup out of memory: Killed process 11116 (syz.4.2358) total-vm:89312kB, anon-rss:520kB, file-rss:18228kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  197.020073][T11046] veth1_macvtap: entered promiscuous mode
[  197.033769][T11046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.044317][T11046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.054280][T11046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.065028][T11046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.075267][T11046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.085893][T11046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.095861][T11046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.106312][T11046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.150429][T11046] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.160519][T11046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.171076][T11046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.181072][T11046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.191662][T11046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.201513][T11046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.212003][T11046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.222065][T11046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.232581][T11046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.244595][T11046] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.254493][T11046] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.263805][T11046] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.272662][T11046] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.281456][T11046] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.306719][T11155] usb usb8: usbfs: process 11155 (syz.0.2365) did not claim interface 0 before use
[  197.334052][T11163] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  197.360249][T11167] sch_fq: defrate 0 ignored.
[  197.374654][T11169] (unnamed net_device) (uninitialized): peer notification delay (31) is not a multiple of miimon (100), value rounded to 0 ms
[  197.478940][T11185] pim6reg1: entered promiscuous mode
[  197.484319][T11185] pim6reg1: entered allmulticast mode
[  197.495362][T11187] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2380'.
[  197.511669][T11187] tmpfs: Bad value for 'mpol'
[  197.532660][T11192] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2381'.
[  197.573421][T11194] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  197.585902][T11196] sch_fq: defrate 0 ignored.
[  197.631907][T11203] loop4: detected capacity change from 0 to 512
[  197.652241][T11203] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.666983][T11203] ext4 filesystem being mounted at /52/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  197.683982][T11208] FAULT_INJECTION: forcing a failure.
[  197.683982][T11208] name failslab, interval 1, probability 0, space 0, times 0
[  197.696832][T11208] CPU: 1 UID: 0 PID: 11208 Comm: syz.1.2387 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  197.707968][T11208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  197.718052][T11208] Call Trace:
[  197.721373][T11208]  <TASK>
[  197.724364][T11208]  dump_stack_lvl+0xf2/0x150
[  197.729168][T11208]  dump_stack+0x15/0x20
[  197.733358][T11208]  should_fail_ex+0x229/0x230
[  197.738228][T11208]  ? __kvmalloc_node_noprof+0x72/0x170
[  197.743718][T11208]  should_failslab+0x8f/0xb0
[  197.748451][T11208]  __kmalloc_node_noprof+0xa8/0x380
[  197.753998][T11208]  __kvmalloc_node_noprof+0x72/0x170
[  197.759349][T11208]  alloc_netdev_mqs+0x9d/0x8d0
[  197.764333][T11208]  ? __pfx_vti6_dev_setup+0x10/0x10
[  197.769637][T11208]  ? selinux_capable+0x1f2/0x260
[  197.774711][T11208]  vti6_locate+0x30a/0x3c0
[  197.779167][T11208]  vti6_siocdevprivate+0x57b/0x910
[  197.784319][T11208]  ? __pfx_vti6_siocdevprivate+0x10/0x10
[  197.790104][T11208]  dev_ifsioc+0x84e/0xa10
[  197.794466][T11208]  dev_ioctl+0x8e9/0xab0
[  197.798755][T11208]  sock_ioctl+0x5c0/0x640
[  197.803212][T11208]  ? __pfx_sock_ioctl+0x10/0x10
[  197.808092][T11208]  __se_sys_ioctl+0xd3/0x150
[  197.812722][T11208]  __x64_sys_ioctl+0x43/0x50
[  197.817346][T11208]  x64_sys_call+0x15cc/0x2d60
[  197.822042][T11208]  do_syscall_64+0xc9/0x1c0
[  197.826623][T11208]  ? clear_bhb_loop+0x55/0xb0
[  197.831319][T11208]  ? clear_bhb_loop+0x55/0xb0
[  197.836049][T11208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.841976][T11208] RIP: 0033:0x7f3eb6e19ef9
[  197.846398][T11208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.866044][T11208] RSP: 002b:00007f3eb5a91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  197.874549][T11208] RAX: ffffffffffffffda RBX: 00007f3eb6fb5f80 RCX: 00007f3eb6e19ef9
[  197.882705][T11208] RDX: 0000000020000900 RSI: 00000000000089f1 RDI: 0000000000000004
[  197.890772][T11208] RBP: 00007f3eb5a91090 R08: 0000000000000000 R09: 0000000000000000
[  197.898800][T11208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.906780][T11208] R13: 0000000000000000 R14: 00007f3eb6fb5f80 R15: 00007fff6ab56e48
[  197.915028][T11208]  </TASK>
[  197.950006][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.045463][T11218] loop4: detected capacity change from 0 to 512
[  198.055218][T11218] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.2390: casefold flag without casefold feature
[  198.069791][T11218] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.2390: couldn't read orphan inode 15 (err -117)
[  198.083606][T11218] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.116787][T11218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.160730][T11218] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.189820][T11230] pim6reg1: entered promiscuous mode
[  198.195223][T11230] pim6reg1: entered allmulticast mode
[  198.232662][T11233] sch_fq: defrate 0 ignored.
[  198.262659][T11235] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11235 comm=syz.4.2390
[  198.320388][T11234] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  198.378057][T11241] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2399'.
[  198.386997][T11241] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2399'.
[  198.399826][T11245] ebt_limit: overflow, try lower: 0/0
[  198.460392][   T29] kauditd_printk_skb: 116 callbacks suppressed
[  198.460407][   T29] audit: type=1326 audit(1724957212.777:3689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11251 comm="syz.1.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  198.490946][   T29] audit: type=1326 audit(1724957212.777:3690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11251 comm="syz.1.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  198.516409][   T29] audit: type=1326 audit(1724957212.807:3691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11251 comm="syz.1.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  198.539994][   T29] audit: type=1326 audit(1724957212.807:3692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11251 comm="syz.1.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  198.563626][   T29] audit: type=1326 audit(1724957212.807:3693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11251 comm="syz.1.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  198.587402][   T29] audit: type=1326 audit(1724957212.827:3694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11251 comm="syz.1.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  198.610956][   T29] audit: type=1326 audit(1724957212.827:3695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11251 comm="syz.1.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  198.625158][T11260] pim6reg1: entered promiscuous mode
[  198.634502][   T29] audit: type=1326 audit(1724957212.827:3696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11251 comm="syz.1.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  198.639899][T11260] pim6reg1: entered allmulticast mode
[  198.686754][   T29] audit: type=1326 audit(1724957212.827:3697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11251 comm="syz.1.2402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  198.817451][T11265] sch_fq: defrate 0 ignored.
[  198.882234][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.888068][T11273] FAULT_INJECTION: forcing a failure.
[  198.888068][T11273] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  198.904567][T11273] CPU: 1 UID: 0 PID: 11273 Comm: syz.3.2411 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  198.915380][T11273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  198.925473][T11273] Call Trace:
[  198.928916][T11273]  <TASK>
[  198.931928][T11273]  dump_stack_lvl+0xf2/0x150
[  198.936542][T11273]  dump_stack+0x15/0x20
[  198.940711][T11273]  should_fail_ex+0x229/0x230
[  198.945591][T11273]  should_fail_alloc_page+0xfd/0x110
[  198.950933][T11273]  __alloc_pages_noprof+0x109/0x360
[  198.956160][T11273]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  198.961603][T11273]  alloc_pages_noprof+0xe1/0x100
[  198.966613][T11273]  pte_alloc_one+0x32/0xf0
[  198.971106][T11273]  ? __rcu_read_unlock+0x4e/0x70
[  198.976062][T11273]  handle_mm_fault+0x10c1/0x2a30
[  198.981042][T11273]  exc_page_fault+0x296/0x650
[  198.985780][T11273]  asm_exc_page_fault+0x26/0x30
[  198.990706][T11273] RIP: 0010:__get_user_4+0x11/0x20
[  198.995967][T11273] Code: 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  199.015924][T11273] RSP: 0018:ffffc90001823db8 EFLAGS: 00050206
[  199.022020][T11273] RAX: 0000000020000100 RBX: ffff88810056d040 RCX: 0000000000000000
[  199.030001][T11273] RDX: 0000000000000000 RSI: 0000000000000107 RDI: 0000000000000107
[  199.038538][T11273] RBP: 0000000000000107 R08: ffffffff848f7eb2 R09: 0000000000000000
[  199.046521][T11273] R10: ffffc90001823dd0 R11: 0001c90001823df4 R12: 0000000020000100
[  199.054501][T11273] R13: 0000000000000006 R14: ffff8881188e4000 R15: 0000000000000006
[  199.062607][T11273]  ? packet_getsockopt+0x82/0x6f0
[  199.067693][T11273]  packet_getsockopt+0x92/0x6f0
[  199.072687][T11273]  do_sock_getsockopt+0x121/0x1a0
[  199.077933][T11273]  ? __pfx_packet_getsockopt+0x10/0x10
[  199.083497][T11273]  __sys_getsockopt+0x19a/0x210
[  199.088395][T11273]  __x64_sys_getsockopt+0x66/0x80
[  199.093490][T11273]  x64_sys_call+0x11cd/0x2d60
[  199.098309][T11273]  do_syscall_64+0xc9/0x1c0
[  199.102825][T11273]  ? clear_bhb_loop+0x55/0xb0
[  199.107815][T11273]  ? clear_bhb_loop+0x55/0xb0
[  199.112501][T11273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.118499][T11273] RIP: 0033:0x7fac63fd9ef9
[  199.123061][T11273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.142921][T11273] RSP: 002b:00007fac62c51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  199.151731][T11273] RAX: ffffffffffffffda RBX: 00007fac64175f80 RCX: 00007fac63fd9ef9
[  199.159858][T11273] RDX: 0000000000000006 RSI: 0000000000000107 RDI: 0000000000000003
[  199.167920][T11273] RBP: 00007fac62c51090 R08: 0000000020000100 R09: 0000000000000000
[  199.176030][T11273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.184008][T11273] R13: 0000000000000000 R14: 00007fac64175f80 R15: 00007ffd1e0348b8
[  199.192046][T11273]  </TASK>
[  199.210503][T11271] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  199.255166][T11278] loop4: detected capacity change from 0 to 164
[  199.262831][T11278] Unable to read rock-ridge attributes
[  199.269570][   T29] audit: type=1400 audit(1724957213.587:3698): avc:  denied  { mount } for  pid=11277 comm="syz.4.2412" name="/" dev="loop4" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  199.274280][T11286] pim6reg1: entered promiscuous mode
[  199.297557][T11286] pim6reg1: entered allmulticast mode
[  199.325275][T11289] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2418'.
[  199.361735][T11293] loop4: detected capacity change from 0 to 1024
[  199.369372][T11293] EXT4-fs: Ignoring removed orlov option
[  199.380735][T11293] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.408537][T11301] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  199.432381][T11293] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2419'.
[  199.514597][T11318] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2419'.
[  199.536176][T11312] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  199.590961][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.632303][T11329] loop4: detected capacity change from 0 to 512
[  199.639728][T11329] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  199.666787][T11333] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  200.301540][T11353] loop3: detected capacity change from 0 to 512
[  200.310423][T11354] loop4: detected capacity change from 0 to 512
[  200.317663][T11354] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  200.326933][T11354] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  200.338198][T11354] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  200.349108][T11354] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  200.357234][T11354] System zones: 0-2, 18-18, 34-34
[  200.363139][T11354] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  200.378955][T11353] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.392438][T11353] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  200.403208][T11354] EXT4-fs (loop4): 1 truncate cleaned up
[  200.410239][T11354] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.506353][T11363] EXT4-fs error (device loop4): ext4_generic_delete_entry:2678: inode #12: block 13: comm syz.4.2440: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=4096 fake=0
[  200.535572][T11353] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  200.539801][T11363] EXT4-fs error (device loop4) in ext4_delete_entry:2749: Corrupt filesystem
[  200.561270][T11371] loop2: detected capacity change from 0 to 512
[  200.571957][T11372] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  200.586913][T11046] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.600776][T11371] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.613662][T11378] loop3: detected capacity change from 0 to 256
[  200.614321][T11378] msdos: Bad value for 'gid'
[  200.614339][T11378] msdos: Bad value for 'gid'
[  200.615637][T11371] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  200.684318][T10286] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.845052][T11408] sch_fq: defrate 0 ignored.
[  200.890889][T11414] loop2: detected capacity change from 0 to 512
[  200.908982][T11414] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.919059][T11417] FAULT_INJECTION: forcing a failure.
[  200.919059][T11417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  200.921754][T11414] ext4 filesystem being mounted at /77/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  200.934571][T11417] CPU: 0 UID: 0 PID: 11417 Comm: syz.0.2461 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  200.934604][T11417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  200.965966][T11417] Call Trace:
[  200.965979][T11417]  <TASK>
[  200.965990][T11417]  dump_stack_lvl+0xf2/0x150
[  200.966026][T11417]  dump_stack+0x15/0x20
[  200.966052][T11417]  should_fail_ex+0x229/0x230
[  200.966083][T11417]  should_fail+0xb/0x10
[  200.966190][T11417]  should_fail_usercopy+0x1a/0x20
[  200.966281][T11417]  strncpy_from_user+0x25/0x270
[  200.966318][T11417]  ? kmem_cache_alloc_noprof+0x10c/0x290
[  200.966356][T11417]  getname_flags+0xb0/0x3b0
[  200.966402][T11417]  getname+0x17/0x20
[  200.966434][T11417]  do_sys_openat2+0x67/0x120
[  200.966459][T11417]  __x64_sys_openat+0xf3/0x120
[  200.966488][T11417]  x64_sys_call+0x1025/0x2d60
[  200.966576][T11417]  do_syscall_64+0xc9/0x1c0
[  200.966607][T11417]  ? clear_bhb_loop+0x55/0xb0
[  200.966626][T11417]  ? clear_bhb_loop+0x55/0xb0
[  200.966647][T11417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.966712][T11417] RIP: 0033:0x7fbd89938890
[  200.966731][T11417] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  200.966755][T11417] RSP: 002b:00007fbd8858ff00 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  200.966814][T11417] RAX: ffffffffffffffda RBX: 0000000000004100 RCX: 00007fbd89938890
[  200.966829][T11417] RDX: 0000000000004100 RSI: 00007fbd8858ffa0 RDI: 00000000ffffff9c
[  200.966844][T11417] RBP: 00007fbd8858ffa0 R08: 0000000000000000 R09: 00007fbd8858fd17
[  200.966858][T11417] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  200.966874][T11417] R13: 0000000000000000 R14: 00007fbd89ad6058 R15: 00007ffe62cac0f8
[  200.966898][T11417]  </TASK>
[  200.988650][T10286] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.208170][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.279172][T11432] loop4: detected capacity change from 0 to 512
[  201.292120][T11432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.304834][T11432] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  201.336518][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.339487][T11438] sch_fq: defrate 0 ignored.
[  201.373692][T11442] loop2: detected capacity change from 0 to 512
[  201.390423][T11442] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.403463][T11442] ext4 filesystem being mounted at /83/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  201.428835][T11447] (unnamed net_device) (uninitialized): peer notification delay (31) is not a multiple of miimon (100), value rounded to 0 ms
[  201.459086][T10286] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.467466][T11447] loop4: detected capacity change from 0 to 2048
[  201.475134][T11447] msdos: Unknown parameter 'sys_enter'
[  201.500284][T11453] __nla_validate_parse: 2 callbacks suppressed
[  201.500300][T11453] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2476'.
[  201.660337][T11465] pim6reg1: entered promiscuous mode
[  201.665681][T11465] pim6reg1: entered allmulticast mode
[  201.725229][T11467] sch_fq: defrate 0 ignored.
[  201.953673][T11477] (unnamed net_device) (uninitialized): peer notification delay (31) is not a multiple of miimon (100), value rounded to 0 ms
[  201.978895][T11489] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2489'.
[  202.059597][T11498] sch_fq: defrate 0 ignored.
[  202.184407][T11506] pim6reg1: entered promiscuous mode
[  202.184901][T11508] loop2: detected capacity change from 0 to 128
[  202.189842][T11506] pim6reg1: entered allmulticast mode
[  202.200172][T11508] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  202.214159][T11508] ext4 filesystem being mounted at /86/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  202.277273][T11508] loop2: detected capacity change from 128 to 64
[  202.285703][T11508] EXT4-fs error (device loop2): __ext4_new_inode:1070: comm syz.2.2498: reserved inode found cleared - inode=5
[  202.306218][T10286] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=201326592, rec_len=256, size=1024 fake=0
[  202.326286][T10286] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: Out of memory
[  202.337661][T10286] EXT4-fs error (device loop2): ext4_dirty_inode:6014: inode #2: comm syz-executor: mark_inode_dirty error
[  202.357716][T10286] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  202.514176][T11524] sch_fq: defrate 0 ignored.
[  202.728762][T11540] loop4: detected capacity change from 0 to 256
[  202.736402][T11540] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  202.844051][T11559] loop3: detected capacity change from 0 to 512
[  202.874743][T11561] loop4: detected capacity change from 0 to 512
[  202.884664][T11561] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  202.894435][T11559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.907066][T11559] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  202.909274][T11561] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.945316][T11561] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.957035][ T3283] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.017010][T11559] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  203.032078][ T3283] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.044647][T11577] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2527'.
[  203.069962][T11046] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.095780][ T3283] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.105035][T11583] loop3: detected capacity change from 0 to 256
[  203.113939][T11583] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  203.128297][T11561] netlink: 11 bytes leftover after parsing attributes in process `syz.4.2521'.
[  203.139483][T11561] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2521'.
[  203.151710][T11587] FAULT_INJECTION: forcing a failure.
[  203.151710][T11587] name failslab, interval 1, probability 0, space 0, times 0
[  203.164523][T11587] CPU: 1 UID: 0 PID: 11587 Comm: syz.3.2529 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  203.169963][T11541] chnl_net:caif_netlink_parms(): no params data found
[  203.175302][T11587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  203.192156][T11587] Call Trace:
[  203.195460][T11587]  <TASK>
[  203.198400][T11587]  dump_stack_lvl+0xf2/0x150
[  203.203023][T11587]  dump_stack+0x15/0x20
[  203.207244][T11587]  should_fail_ex+0x229/0x230
[  203.212008][T11587]  ? skb_clone+0x154/0x1f0
[  203.216432][T11587]  should_failslab+0x8f/0xb0
[  203.221049][T11587]  kmem_cache_alloc_noprof+0x4c/0x290
[  203.226446][T11587]  skb_clone+0x154/0x1f0
[  203.230721][T11587]  __netlink_deliver_tap+0x2bd/0x4c0
[  203.236364][T11587]  netlink_unicast+0x64a/0x670
[  203.241154][T11587]  netlink_sendmsg+0x5cc/0x6e0
[  203.245969][T11587]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.251281][T11587]  __sock_sendmsg+0x140/0x180
[  203.256051][T11587]  ____sys_sendmsg+0x312/0x410
[  203.260850][T11587]  __sys_sendmsg+0x1e9/0x280
[  203.265517][T11587]  __x64_sys_sendmsg+0x46/0x50
[  203.270301][T11587]  x64_sys_call+0x2689/0x2d60
[  203.275001][T11587]  do_syscall_64+0xc9/0x1c0
[  203.279522][T11587]  ? clear_bhb_loop+0x55/0xb0
[  203.284289][T11587]  ? clear_bhb_loop+0x55/0xb0
[  203.289017][T11587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.295028][T11587] RIP: 0033:0x7fac63fd9ef9
[  203.299522][T11587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.319162][T11587] RSP: 002b:00007fac62c51038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.327725][T11587] RAX: ffffffffffffffda RBX: 00007fac64175f80 RCX: 00007fac63fd9ef9
[  203.335702][T11587] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005
[  203.343713][T11587] RBP: 00007fac62c51090 R08: 0000000000000000 R09: 0000000000000000
[  203.351730][T11587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.359709][T11587] R13: 0000000000000000 R14: 00007fac64175f80 R15: 00007ffd1e0348b8
[  203.367702][T11587]  </TASK>
[  203.383899][ T3283] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.427666][T10533] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.438224][T11541] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.445335][T11541] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.454381][T11541] bridge_slave_0: entered allmulticast mode
[  203.456296][T11600] loop3: detected capacity change from 0 to 512
[  203.460989][T11541] bridge_slave_0: entered promiscuous mode
[  203.480914][T11541] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.488113][T11541] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.498060][T11600] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.2532: corrupted in-inode xattr: invalid ea_ino
[  203.513869][T11600] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2532: couldn't read orphan inode 15 (err -117)
[  203.520709][T11541] bridge_slave_1: entered allmulticast mode
[  203.529459][T11600] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.535531][T11541] bridge_slave_1: entered promiscuous mode
[  203.567438][T11541] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  203.591801][T11541] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  203.606234][ T3283] bridge_slave_1: left allmulticast mode
[  203.611967][ T3283] bridge_slave_1: left promiscuous mode
[  203.617618][ T3283] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.625538][ T3283] bridge_slave_0: left allmulticast mode
[  203.628512][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  203.628585][   T29] audit: type=1400 audit(1724957217.937:3704): avc:  denied  { append } for  pid=11599 comm="syz.3.2532" path="/20/file0/file0/memory.events.local" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  203.631244][ T3283] bridge_slave_0: left promiscuous mode
[  203.667616][ T3283] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.769993][ T3283] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  203.781095][ T3283] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  203.791406][ T3283] bond0 (unregistering): Released all slaves
[  203.827252][T11541] team0: Port device team_slave_0 added
[  203.835697][T11541] team0: Port device team_slave_1 added
[  203.865706][T11541] batman_adv: batadv0: Adding interface: batadv_slave_0
[  203.872759][T11541] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.899078][T11541] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  203.912697][T11541] batman_adv: batadv0: Adding interface: batadv_slave_1
[  203.919803][T11541] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.945899][T11541] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  203.967755][T11571] chnl_net:caif_netlink_parms(): no params data found
[  204.004417][T11541] hsr_slave_0: entered promiscuous mode
[  204.010632][T11541] hsr_slave_1: entered promiscuous mode
[  204.016576][T11541] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  204.024180][T11541] Cannot create hsr debugfs directory
[  204.032906][ T3283] hsr_slave_0: left promiscuous mode
[  204.038616][ T3283] hsr_slave_1: left promiscuous mode
[  204.044389][ T3283] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.051959][ T3283] batman_adv: batadv0: Removing interface: batadv_slave_0
[  204.060148][ T3283] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.067766][ T3283] batman_adv: batadv0: Removing interface: batadv_slave_1
[  204.077751][ T3283] veth1_macvtap: left promiscuous mode
[  204.083267][ T3283] veth0_macvtap: left promiscuous mode
[  204.088876][ T3283] veth1_vlan: left promiscuous mode
[  204.094209][ T3283] veth0_vlan: left promiscuous mode
[  204.184980][ T3283] team0 (unregistering): Port device team_slave_1 removed
[  204.195367][ T3283] team0 (unregistering): Port device team_slave_0 removed
[  204.249225][T11622] pim6reg1: entered promiscuous mode
[  204.254605][T11622] pim6reg1: entered allmulticast mode
[  204.267621][T11571] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.274793][T11571] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.282165][T11571] bridge_slave_0: entered allmulticast mode
[  204.282705][T11571] bridge_slave_0: entered promiscuous mode
[  204.283819][T11571] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.283864][T11571] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.283974][T11571] bridge_slave_1: entered allmulticast mode
[  204.284640][T11571] bridge_slave_1: entered promiscuous mode
[  204.323453][T11046] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.352918][T11571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  204.371136][T11571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  204.420200][T11571] team0: Port device team_slave_0 added
[  204.431792][T11571] team0: Port device team_slave_1 added
[  204.454147][T11571] batman_adv: batadv0: Adding interface: batadv_slave_0
[  204.461712][T11571] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.475624][   T29] audit: type=1326 audit(1724957218.777:3705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11637 comm="syz.3.2542" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fac63fd9ef9 code=0x0
[  204.487719][T11571] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.522666][T11571] batman_adv: batadv0: Adding interface: batadv_slave_1
[  204.529671][T11571] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.529764][T11571] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  204.592117][T11571] hsr_slave_0: entered promiscuous mode
[  204.599031][T11571] hsr_slave_1: entered promiscuous mode
[  204.605683][T11571] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  204.613944][T11571] Cannot create hsr debugfs directory
[  204.623430][T11641] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2543'.
[  204.627463][T11642] Process accounting resumed
[  204.761044][ T3283] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.791543][T11541] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  204.800192][T11541] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  204.809225][T11541] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  204.817868][T11541] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  204.830293][ T3283] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.881303][ T3283] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.895187][T11541] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.907820][T11541] 8021q: adding VLAN 0 to HW filter on device team0
[  204.920515][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.927756][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.941970][ T3283] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.955068][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.962314][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.033712][ T3283] bridge_slave_1: left allmulticast mode
[  205.039492][ T3283] bridge_slave_1: left promiscuous mode
[  205.045172][ T3283] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.062819][ T3283] bridge_slave_0: left allmulticast mode
[  205.068629][ T3283] bridge_slave_0: left promiscuous mode
[  205.074417][ T3283] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.159765][ T3283] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  205.170165][ T3283] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  205.180109][ T3283] bond0 (unregistering): Released all slaves
[  205.196999][T11541] 8021q: adding VLAN 0 to HW filter on device batadv0
[  205.270238][T11541] veth0_vlan: entered promiscuous mode
[  205.280752][T11541] veth1_vlan: entered promiscuous mode
[  205.298090][T11541] veth0_macvtap: entered promiscuous mode
[  205.305842][T11541] veth1_macvtap: entered promiscuous mode
[  205.320139][T11541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  205.330803][T11541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.340810][T11541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  205.340832][T11541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.340851][T11541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  205.340878][T11541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.340895][T11541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  205.340911][T11541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.342501][T11541] batman_adv: batadv0: Interface activated: batadv_slave_0
[  205.366671][ T3283] hsr_slave_0: left promiscuous mode
[  205.421285][ T3283] hsr_slave_1: left promiscuous mode
[  205.426919][ T3283] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.434432][ T3283] batman_adv: batadv0: Removing interface: batadv_slave_0
[  205.442693][ T3283] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  205.450408][ T3283] batman_adv: batadv0: Removing interface: batadv_slave_1
[  205.462078][ T3283] veth1_macvtap: left promiscuous mode
[  205.467634][ T3283] veth0_macvtap: left promiscuous mode
[  205.473207][ T3283] veth1_vlan: left promiscuous mode
[  205.478817][ T3283] veth0_vlan: left promiscuous mode
[  205.480561][   T29] audit: type=1400 audit(1724957219.797:3706): avc:  denied  { write } for  pid=11687 comm="syz.3.2555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  205.480592][   T29] audit: type=1400 audit(1724957219.797:3707): avc:  denied  { nlmsg_read } for  pid=11687 comm="syz.3.2555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  205.624558][ T3283] team0 (unregistering): Port device team_slave_1 removed
[  205.635730][ T3283] team0 (unregistering): Port device team_slave_0 removed
[  205.675690][T11541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  205.686197][T11541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.696198][T11541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  205.706731][T11541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.706750][T11541] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  205.727111][T11541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.739428][T11541] batman_adv: batadv0: Interface activated: batadv_slave_1
[  205.750494][T11688] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (64)
[  205.762644][T11541] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.771544][T11541] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.780438][T11541] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.780479][T11541] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.812952][T11694] pim6reg1: entered promiscuous mode
[  205.818427][T11694] pim6reg1: entered allmulticast mode
[  205.858529][T11571] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  205.868237][T11699] loop2: detected capacity change from 0 to 256
[  205.869361][T11571] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  205.885348][T11701] loop3: detected capacity change from 0 to 512
[  205.898152][T11541] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  205.908224][T11571] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  205.910112][T11541] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  205.924929][T11571] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  205.948387][T11701] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.975552][T11701] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  206.068735][T11571] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.087072][T11571] 8021q: adding VLAN 0 to HW filter on device team0
[  206.101029][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.108233][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.120620][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.127836][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.156179][T11046] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.203336][T11716] loop3: detected capacity change from 0 to 512
[  206.229777][T11716] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.254209][T11571] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.260026][T11716] ext4 filesystem being mounted at /30/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  206.274401][T11726] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  206.331547][T11046] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.352180][T11571] veth0_vlan: entered promiscuous mode
[  206.368352][T11571] veth1_vlan: entered promiscuous mode
[  206.389738][T11571] veth0_macvtap: entered promiscuous mode
[  206.399785][T11571] veth1_macvtap: entered promiscuous mode
[  206.412613][T11571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.423227][T11571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.433114][T11571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.443651][T11571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.443670][T11571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.443687][T11571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.473823][T11571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.473843][T11571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.475427][T11571] batman_adv: batadv0: Interface activated: batadv_slave_0
[  206.503534][T11571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.514018][T11571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.523951][T11571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.534472][T11571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.544464][T11571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.544538][T11571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.544554][T11571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.544569][T11571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.546348][T11571] batman_adv: batadv0: Interface activated: batadv_slave_1
[  206.597353][T11571] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.597397][T11571] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.597453][T11571] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.597488][T11571] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.627889][   T29] audit: type=1326 audit(1724957220.937:3708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11747 comm="syz.1.2573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  206.660356][   T29] audit: type=1326 audit(1724957220.937:3709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11747 comm="syz.1.2573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  206.660417][   T29] audit: type=1326 audit(1724957220.937:3710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11747 comm="syz.1.2573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  206.660443][   T29] audit: type=1326 audit(1724957220.937:3711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11747 comm="syz.1.2573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  206.660469][   T29] audit: type=1326 audit(1724957220.947:3712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11747 comm="syz.1.2573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  206.660498][   T29] audit: type=1326 audit(1724957220.947:3713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11747 comm="syz.1.2573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3eb6e19ef9 code=0x7ffc0000
[  206.697741][T11752] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2526'.
[  206.839609][T11755] loop4: detected capacity change from 0 to 256
[  206.858821][T10533] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  206.866714][T10533] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  207.156396][T11751] ==================================================================
[  207.164507][T11751] BUG: KCSAN: data-race in mem_cgroup_iter / mem_cgroup_iter
[  207.171899][T11751] 
[  207.174227][T11751] read to 0xffff888114376668 of 4 bytes by task 11753 on cpu 1:
[  207.181856][T11751]  mem_cgroup_iter+0x93/0x380
[  207.186540][T11751]  shrink_node+0x74a/0x1d40
[  207.191052][T11751]  do_try_to_free_pages+0x3c6/0xc50
[  207.196271][T11751]  try_to_free_mem_cgroup_pages+0x1f3/0x4f0
[  207.202185][T11751]  try_charge_memcg+0x2bc/0x810
[  207.207045][T11751]  obj_cgroup_charge_pages+0xbd/0x1a0
[  207.212432][T11751]  __memcg_kmem_charge_page+0x9d/0x170
[  207.217910][T11751]  __alloc_pages_noprof+0x1bc/0x360
[  207.223133][T11751]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  207.228523][T11751]  alloc_pages_noprof+0xe1/0x100
[  207.233477][T11751]  __vmalloc_node_range_noprof+0x736/0xec0
[  207.239297][T11751]  bpf_map_area_alloc+0xd8/0x110
[  207.244250][T11751]  array_map_alloc+0x1c2/0x390
[  207.249036][T11751]  map_create+0x83c/0xb90
[  207.253376][T11751]  __sys_bpf+0x667/0x7a0
[  207.257625][T11751]  __x64_sys_bpf+0x43/0x50
[  207.262152][T11751]  x64_sys_call+0x2625/0x2d60
[  207.266846][T11751]  do_syscall_64+0xc9/0x1c0
[  207.271374][T11751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.277292][T11751] 
[  207.279619][T11751] read-write to 0xffff888114376668 of 4 bytes by task 11751 on cpu 0:
[  207.287774][T11751]  mem_cgroup_iter+0x28e/0x380
[  207.292557][T11751]  shrink_node+0x74a/0x1d40
[  207.297090][T11751]  do_try_to_free_pages+0x3c6/0xc50
[  207.302313][T11751]  try_to_free_mem_cgroup_pages+0x1f3/0x4f0
[  207.308231][T11751]  try_charge_memcg+0x2bc/0x810
[  207.313091][T11751]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[  207.319179][T11751]  __read_swap_cache_async+0x2b7/0x520
[  207.324682][T11751]  swap_cluster_readahead+0x276/0x3f0
[  207.330091][T11751]  swapin_readahead+0xe4/0x760
[  207.334869][T11751]  do_swap_page+0x3da/0x1ef0
[  207.339474][T11751]  handle_mm_fault+0x8cb/0x2a30
[  207.344336][T11751]  exc_page_fault+0x3b9/0x650
[  207.349033][T11751]  asm_exc_page_fault+0x26/0x30
[  207.353906][T11751] 
[  207.356229][T11751] value changed: 0x00000099 -> 0x0000009a
[  207.361948][T11751] 
[  207.364275][T11751] Reported by Kernel Concurrency Sanitizer on:
[  207.370427][T11751] CPU: 0 UID: 0 PID: 11751 Comm: syz.0.2526 Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  207.381209][T11751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  207.391489][T11751] ==================================================================
[  207.422781][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.466855][T11571] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  207.477836][T11571] CPU: 0 UID: 0 PID: 11571 Comm: syz-executor Not tainted 6.11.0-rc5-syzkaller-00081-gd5d547aa7b51 #0
[  207.488836][T11571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  207.498953][T11571] Call Trace:
[  207.502292][T11571]  <TASK>
[  207.505245][T11571]  dump_stack_lvl+0xf2/0x150
[  207.509860][T11571]  dump_stack+0x15/0x20
[  207.514120][T11571]  dump_header+0x83/0x2d0
[  207.518569][T11571]  oom_kill_process+0x341/0x4c0
[  207.523476][T11571]  out_of_memory+0x9af/0xbe0
[  207.528138][T11571]  ? __rcu_read_unlock+0x4e/0x70
[  207.533110][T11571]  mem_cgroup_out_of_memory+0x13e/0x190
[  207.538758][T11571]  try_charge_memcg+0x51b/0x810
[  207.543698][T11571]  ? _rtl_pci_rx_interrupt+0x350/0xc60
[  207.549381][T11571]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[  207.555577][T11571]  __read_swap_cache_async+0x2b7/0x520
[  207.561086][T11571]  swap_cluster_readahead+0x276/0x3f0
[  207.566597][T11571]  swapin_readahead+0xe4/0x760
[  207.571389][T11571]  ? __filemap_get_folio+0x420/0x5b0
[  207.576793][T11571]  ? save_fpregs_to_fpstate+0x102/0x160
[  207.582432][T11571]  ? swap_cache_get_folio+0x77/0x210
[  207.587779][T11571]  do_swap_page+0x3da/0x1ef0
[  207.592399][T11571]  ? hrtimer_start_range_ns+0x53d/0x580
[  207.597986][T11571]  ? hrtimer_try_to_cancel+0x106/0x1d0
[  207.603529][T11571]  ? __rcu_read_lock+0x36/0x50
[  207.608896][T11571]  ? pte_offset_map_nolock+0x124/0x1d0
[  207.614433][T11571]  handle_mm_fault+0x8cb/0x2a30
[  207.619335][T11571]  exc_page_fault+0x3b9/0x650
[  207.624127][T11571]  asm_exc_page_fault+0x26/0x30
[  207.629091][T11571] RIP: 0033:0x7f9bc05cbfa5
[  207.633534][T11571] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 05 14 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  207.653295][T11571] RSP: 002b:00007ffed3719298 EFLAGS: 00010246
[  207.659382][T11571] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 00007f9bc05cbfa3
[  207.667596][T11571] RDX: 00007ffed37192b0 RSI: 0000000000000000 RDI: 0000000000000000
[  207.675637][T11571] RBP: 00007ffed371930c R08: 0000000008490c0a R09: 7fffffffffffffff
[  207.683663][T11571] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032
[  207.691658][T11571] R13: 0000000000032863 R14: 000000000003275f R15: 00007ffed3719360
[  207.699660][T11571]  </TASK>
[  207.703008][T11571] memory: usage 307200kB, limit 307200kB, failcnt 2560
[  207.709909][T11571] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  207.717907][T11571] kmem: usage 307088kB, limit 9007199254740988kB, failcnt 0
[  207.725267][T11571] Memory cgroup stats for /syz0:
[  207.735676][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.771920][T11571] cache 114688
[  207.775348][T11571] rss 0
[  207.778284][T11571] shmem 0
[  207.781223][T11571] mapped_file 110592
[  207.785128][T11571] dirty 110592
[  207.788655][T11571] writeback 0
[  207.792043][T11571] workingset_refault_anon 8
[  207.796560][T11571] workingset_refault_file 0
[  207.801112][T11571] swap 172032
[  207.804510][T11571] swapcached 32768
[  207.808400][T11571] pgpgin 211568
[  207.811875][T11571] pgpgout 211532
[  207.815670][T11571] pgfault 218515
[  207.819285][T11571] pgmajfault 11
[  207.822755][T11571] inactive_anon 0
[  207.826460][T11571] active_anon 32768
[  207.830328][T11571] inactive_file 0
[  207.833968][T11571] active_file 114688
[  207.837935][T11571] unevictable 0
[  207.841468][T11571] hierarchical_memory_limit 314572800
[  207.846901][T11571] hierarchical_memsw_limit 9223372036854771712
[  207.853128][T11571] total_cache 114688
[  207.857230][T11571] total_rss 0
[  207.860537][T11571] total_shmem 0
[  207.864009][T11571] total_mapped_file 110592
[  207.868680][T11571] total_dirty 110592
[  207.872588][T11571] total_writeback 0
[  207.876474][T11571] total_workingset_refault_anon 8
[  207.881739][T11571] total_workingset_refault_file 0
[  207.886775][T11571] total_swap 172032
[  207.890645][T11571] total_swapcached 32768
[  207.894966][T11571] total_pgpgin 211568
[  207.898977][T11571] total_pgpgout 211532
[  207.903050][T11571] total_pgfault 218515
[  207.907188][T11571] total_pgmajfault 11
[  207.911256][T11571] total_inactive_anon 0
[  207.915420][T11571] total_active_anon 32768
[  207.919796][T11571] total_inactive_file 0
[  207.924015][T11571] total_active_file 114688
[  207.928471][T11571] total_unevictable 0
[  207.932464][T11571] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.2526,pid=11751,uid=0
[  207.947536][T11571] Memory cgroup out of memory: Killed process 11753 (syz.0.2526) total-vm:89240kB, anon-rss:512kB, file-rss:18292kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  208.002617][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.071342][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.140798][   T11] bridge_slave_1: left allmulticast mode
[  208.146646][   T11] bridge_slave_1: left promiscuous mode
[  208.152413][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.161858][   T11] bridge_slave_0: left allmulticast mode
[  208.167623][   T11] bridge_slave_0: left promiscuous mode
[  208.173307][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.290608][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  208.302436][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  208.312855][   T11] bond0 (unregistering): Released all slaves
[  208.323639][   T11] bond1 (unregistering): Released all slaves
[  208.429561][   T11] hsr_slave_0: left promiscuous mode
[  208.436958][   T11] hsr_slave_1: left promiscuous mode
[  208.442916][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.450418][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.459787][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.467240][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.476679][   T11] veth1_macvtap: left promiscuous mode
[  208.482359][   T11] veth0_macvtap: left promiscuous mode
[  208.487981][   T11] veth1_vlan: left promiscuous mode
[  208.493243][   T11] veth0_vlan: left promiscuous mode
[  208.601063][   T11] team0 (unregistering): Port device team_slave_1 removed
[  208.612198][   T11] team0 (unregistering): Port device team_slave_0 removed
[  209.016316][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.762614][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.822006][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.870707][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.943158][   T11] bridge_slave_1: left allmulticast mode
[  211.948873][   T11] bridge_slave_1: left promiscuous mode
[  211.954530][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.962536][   T11] bridge_slave_0: left allmulticast mode
[  211.968246][   T11] bridge_slave_0: left promiscuous mode
[  211.973984][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.101609][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.112417][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.123999][   T11] bond0 (unregistering): Released all slaves
[  212.251506][   T11] hsr_slave_0: left promiscuous mode
[  212.257517][   T11] hsr_slave_1: left promiscuous mode
[  212.263363][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  212.270874][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.279656][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  212.287060][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.296509][   T11] veth1_macvtap: left promiscuous mode
[  212.302092][   T11] veth0_macvtap: left promiscuous mode
[  212.307683][   T11] veth1_vlan: left promiscuous mode
[  212.313065][   T11] veth0_vlan: left promiscuous mode
[  212.413556][   T11] team0 (unregistering): Port device team_slave_1 removed
[  212.424011][   T11] team0 (unregistering): Port device team_slave_0 removed